GKE ingress unable to connect to healthy service

google-cloud-platform kubernetes google-kubernetes-engine
10,669

It turns out my services were not in a healthy state. Being "READY" doesn't mean that they're responding with 200 on the root path (/). I used kubectl get pods to list my pods, then inspected the logs.

NAME                            READY     STATUS    RESTARTS   AGE
cable-76bfb45bb-rkz8f           2/2       Running   0          24m
rails-67d569746d-54hs8          2/2       Running   0          24m
elasticsearch-0                 1/1       Running   0          16m
redis-master-945b795f6-ldg5x    1/1       Running   0          14h
sidekiq-597c876bc4-zg24k        2/2       Running   0          24m

I could then inspect specific logs with kubectl logs rails-67d569746d-54hs8 rails where the second rails is the name of the container within the pod. You should see the logs for the health check there, which should indicate what's wrong.

If you only see the start up of the server and no health check logs, it's most likely your pod is not reachable. Check your services and the ports on them. As long as they're reachable and responding with 200 on the root path (and not redirecting), the health check should pass and the ingress should allow connection.

Share:
10,669

Related videos on Youtube

Archonic
Author by

Archonic

CTO at Climate Check. Previously Senior Software Engineer at IT Glue. Ruby on Rails is my forte and I tinker with Python, Node, Rust and Raspberry Pi stuff.

Updated on September 18, 2022

Comments

  • Archonic
    Archonic over 1 year

    I've been following the tutorial here: https://medium.com/@nithinmallya4/deploying-a-rails-application-to-google-container-engine-with-kubernetes-b08b2de353fc

    With their code base: https://github.com/nmallya/gkedemoapp

    You can see how this deployment is put together here, between the "FIRST TIME DEPLOYMENT" comments: https://github.com/nmallya/gkedemoapp/blob/master/gcloud_deployment.sh

    I have created the SSL cert, the web service is up and healthy, but I can't create the ingress as described. The status for the ingress is "All backend services are in UNHEALTHY state".

    The YAML for the ingress is as follows:

    apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: gke-ingress 
  annotations:
    kubernetes.io/ingress.class: "gce"
    # kubernetes.io/ingress.allow-http: "false"
    # ingress.kubernetes.io/ssl-redirect: "true"
spec:
  tls:
  # This assumes tls-secret exists.
  - secretName: gkecert
  backend:
    serviceName: web
    servicePort: 443

    I imagine I'll need to provide more information but I'm not sure what/where to troubleshoot next.

    • Patrick W
      Patrick W almost 6 years
      the error message implies your backend (pods) are failing their health checks. You need to curl the HC path to see if you get a 200 response there. Can you provide us the YAML of your service so we can tell which target port the HC is querying?
    • Archonic
      Archonic almost 6 years
      My impression that the pods were healthy was from the READY 2/2 statement in kubectl get pods. They were in fact not healthy and checking the logs for the web service in those pods revealed why. I'll post an answer on how I found the issue shortly.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How can I mount the same persistent volume on multiple pods?
Getting "x509: certificate signed by unknown authority" in GKE on pulling image (a private registry) when a pod is created
Unable to access internet on pod in private GKE cluster
kubernetes connection refused during deployment
Resize kubernetes cluster with a different machine type?
How to choose the external IP address of a Kubernetes load balancer in Google Kubernetes Engine
Kubernetes reports "pod didn't trigger scale-up (it wouldn't fit if a new node is added)" even though it would?
ImagePullBackOff error Google Kubernetes Engine
Volume claim on GKE / Multi-Attach error for volume Volume is already exclusively attached
Kubernetes pods failing on "Pod sandbox changed, it will be killed and re-created"