annotations: Expands list of health-probe related ingress annotations (…

…#1062) * code changes to accommodate health probe annotations * documentation updated with new annotations * function names re-allignment with annotation names * added unit test to verify that annotation overwrites default settings for health probe * added annotations health-probe-status-codes health-probe-interval health-probe-timeout health-probe-unhealthy-treshold * suggested changes for PR 1062 Co-authored-by: Robert Polasek <robert.polasek@toptal.com> Co-authored-by: Akshay Gupta <aksgupta@microsoft.com>
Azure · Nov 25, 2020 · 6bc8764 · 6bc8764 · ferronsw · Nov 26, 2020
1 parent deb2acc
commit 6bc8764
Show file tree

Hide file tree

Showing 5 changed files with 541 additions and 26 deletions.
diff --git a/docs/annotations.md b/docs/annotations.md
@@ -20,9 +20,16 @@ For an Ingress resource to be observed by AGIC it **must be annotated** with `ku
 | [appgw.ingress.kubernetes.io/connection-draining-timeout](#connection-draining) | `int32` (seconds) | `30` | |
 | [appgw.ingress.kubernetes.io/cookie-based-affinity](#cookie-based-affinity) | `bool` | `false` | |
 | [appgw.ingress.kubernetes.io/request-timeout](#request-timeout) | `int32` (seconds) | `30` | |
+| [appgw.ingress.kubernetes.io/override-frontend-port](#override-frontend-port) | `string` |   |   |
 | [appgw.ingress.kubernetes.io/use-private-ip](#use-private-ip) | `bool` | `false` | |
 | [appgw.ingress.kubernetes.io/waf-policy-for-path](#azure-waf-policy-for-path) | `string` |   |   |
-| [appgw.ingress.kubernetes.io/override-frontend-port](#override-frontend-port) | `string` |   |   |
+| [appgw.ingress.kubernetes.io/health-probe-hostname](#health-probe-hostname) | `string` |  `nil` |   |
+| [appgw.ingress.kubernetes.io/health-probe-port](#health-probe-port) | `int32` | `nil`  |   |
+| [appgw.ingress.kubernetes.io/health-probe-path](#health-probe-path) | `string` | `nil`  |   |
+| [appgw.ingress.kubernetes.io/health-probe-status-codes](#health-probe-status-codes) | `[]string` | `nil`  |   |
+| [appgw.ingress.kubernetes.io/health-probe-interval](#health-probe-interval) | `int32` | `nil`  |   |
+| [appgw.ingress.kubernetes.io/health-probe-timeout](#health-probe-timeout) | `int32` | `nil`  |   |
+| [appgw.ingress.kubernetes.io/health-probe-unhealthy-threshold](#health-probe-unhealthy-threshold) | `int32` | `nil`  |   |
 
 ## Override Frontend Port
 
@@ -478,4 +485,228 @@ spec:
           serviceName: auth-server
           servicePort: 80
 ```
-Note that the WAF policy will be applied to both `/ad-server` and `/auth` URLs.
+Note that the WAF policy will be applied to both `/ad-server` and `/auth` URLs.
+
+## Health Probe Hostname
+
+This annotation allows specifically define a target host to be used for AGW health probe. By default, if backend container running service with liveliness probe of type `HTTP GET` defined, host used in liveliness probe definition is also used as a target host for health probe. However if annotation `appgw.ingress.kubernetes.io/health-probe-hostname` is defined it overrides it with its own value.
+
+### Usage
+
+```yaml
+appgw.ingress.kubernetes.io/health-probe-hostname: <hostname>
+```
+
+### Example
+
+```yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: go-server-ingress-bkprefix
+  namespace: test-ag
+  annotations:
+    kubernetes.io/ingress.class: azure/application-gateway
+    appgw.ingress.kubernetes.io/health-probe-hostname: "my-backend-host.custom.app"
+spec:
+  rules:
+  - http:
+      paths:
+      - path: /hello/
+        backend:
+          serviceName: go-server-service
+          servicePort: 80
+```
+
+## Health Probe Port
+
+Health probe port annotation allows specifically define target TCP port to be used for AGW health probe. By default, if backend container running service has liveliness probe of type `HTTP GET` defined, port used in liveliness probe definition is also used as a port for health probe. Annotation `appgw.ingress.kubernetes.io/health-probe-port` has precedence over such default value.
+
+### Usage
+
+```yaml
+appgw.ingress.kubernetes.io/health-probe-port: <port number>
+```
+
+### Example
+
+```yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: go-server-ingress-bkprefix
+  namespace: test-ag
+  annotations:
+    kubernetes.io/ingress.class: azure/application-gateway
+    appgw.ingress.kubernetes.io/health-probe-hostname: "my-backend-host.custom.app"
+    appgw.ingress.kubernetes.io/health-probe-port: "443"
+    appgw.ingress.kubernetes.io/health-probe-path: "/healthz"
+    appgw.ingress.kubernetes.io/backend-protocol: https
+spec:
+  tls:
+    - secretName: "my-backend-host.custom.app-ssl-certificate"
+  rules:
+  - http:
+      paths:
+      - path: /
+        backend:
+          serviceName: go-server-service
+          servicePort: 443
+```
+
+## Health Probe Path
+
+This annotation allows specifically define target URI path to be used for AGW health probe. By default, if backend container running service with liveliness probe of type `HTTP GET` defined , path defined in liveliness probe definition is also used as a path for health probe. However annotation `appgw.ingress.kubernetes.io/health-probe-path` overrides it with its own value.
+
+### Usage
+
+```yaml
+appgw.ingress.kubernetes.io/health-probe-path: <URI path>
+```
+
+### Example
+
+```yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: go-server-ingress-bkprefix
+  namespace: test-ag
+  annotations:
+    kubernetes.io/ingress.class: azure/application-gateway
+    appgw.ingress.kubernetes.io/health-probe-hostname: "my-backend-host.custom.app"
+    appgw.ingress.kubernetes.io/health-probe-port: "8080"
+    appgw.ingress.kubernetes.io/health-probe-path: "/healthz"
+spec:
+  rules:
+  - http:
+      paths:
+      - path: /
+        backend:
+          serviceName: go-server-service
+          servicePort: 8080
+```
+
+## Health Probe Status Codes
+
+This annotation defines healthy status codes returned by the health probe. The values are comma seperated list of individual status codes or ranges defined as `<start of the range>-<end of the range>`.
+
+### Usage
+
+```yaml
+appgw.ingress.kubernetes.io/health-probe-status-codes: <status codes>
+```
+
+### Example
+
+```yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: go-server-ingress-bkprefix
+  namespace: test-ag
+  annotations:
+    kubernetes.io/ingress.class: azure/application-gateway
+    appgw.ingress.kubernetes.io/health-probe-status-codes: "200-399, 401"
+spec:
+  rules:
+  - http:
+      paths:
+      - path: /
+        backend:
+          serviceName: go-server-service
+          servicePort: 8080
+```
+
+## Health Probe Interval
+
+This annotation sets AGW health probe interval. By default, if backend container running service with liveliness probe of type `HTTP GET` defined, interval in liveliness probe definition is also used as a interval for health probe. However annotation `appgw.ingress.kubernetes.io/health-probe-interval` overrides it with its value.
+
+### Usage
+
+```yaml
+appgw.ingress.kubernetes.io/health-probe-interval: <interval seconds>
+```
+
+### Example
+
+```yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: go-server-ingress-bkprefix
+  namespace: test-ag
+  annotations:
+    kubernetes.io/ingress.class: azure/application-gateway
+    appgw.ingress.kubernetes.io/health-probe-interval: "20"
+spec:
+  rules:
+  - http:
+      paths:
+      - path: /
+        backend:
+          serviceName: go-server-service
+          servicePort: 8080
+```
+
+## Health Probe Timeout
+
+This annotation allows specifically define timeout for AGW health probe. By default, if backend container running service with liveliness probe of type `HTTP GET` defined, timeout defined in liveliness probe definition is also used for health probe. However annotation `appgw.ingress.kubernetes.io/health-probe-timeout` overrides it with its value.
+
+### Usage
+
+```yaml
+appgw.ingress.kubernetes.io/health-probe-timeout: <timeout seconds>
+```
+
+### Example
+
+```yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: go-server-ingress-bkprefix
+  namespace: test-ag
+  annotations:
+    kubernetes.io/ingress.class: azure/application-gateway
+    appgw.ingress.kubernetes.io/health-probe-timeout: "15"
+spec:
+  rules:
+  - http:
+      paths:
+      - path: /
+        backend:
+          serviceName: go-server-service
+          servicePort: 8080
+```
+
+## Health Probe Unhealthy Threshold
+
+This annotation allows specifically define target unhealthy thresold for AGW health probe. By default, if backend container running service with liveliness probe of type `HTTP GET` defined , threshold defined in liveliness probe definition is also used for health probe. However annotation `appgw.ingress.kubernetes.io/health-probe-unhealthy-threshold` overrides it with its value.
+
+### Usage
+
+```yaml
+appgw.ingress.kubernetes.io/health-probe-unhealthy-threshold: <unhealthy threshold>
+```
+
+### Example
+
+```yaml
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: go-server-ingress-bkprefix
+  namespace: test-ag
+  annotations:
+    kubernetes.io/ingress.class: azure/application-gateway
+    appgw.ingress.kubernetes.io/health-probe-unhealthy-threshold: "5"
+spec:
+  rules:
+  - http:
+      paths:
+      - path: /
+        backend:
+          serviceName: go-server-service
+          servicePort: 8080
+```
diff --git a/pkg/annotations/ingress_annotations.go b/pkg/annotations/ingress_annotations.go
@@ -27,6 +27,27 @@ const (
 	// Null means Host specified in the request to Application Gateway is used to connect to the backend.
 	BackendHostNameKey = ApplicationGatewayPrefix + "/backend-hostname"
 
+	// HealthProbeHostKey defines the key for Host which should be used as a target for health probe.
+	HealthProbeHostKey = ApplicationGatewayPrefix + "/health-probe-hostname"
+
+	// HealthProbePortKey defines the key for port that should be used as a target for health probe.
+	HealthProbePortKey = ApplicationGatewayPrefix + "/health-probe-port"
+
+	// HealthProbePathKey defines the key for URL path which should be used as a target for health probe.
+	HealthProbePathKey = ApplicationGatewayPrefix + "/health-probe-path"
+
+	// HealthProbeStatusCodesKey defines status codes returned by the probe to be interpreted as healty service
+	HealthProbeStatusCodesKey = ApplicationGatewayPrefix + "/health-probe-status-codes"
+
+	// HealthProbeIntervalKey defines the probe interval in seconds
+	HealthProbeIntervalKey = ApplicationGatewayPrefix + "/health-probe-interval"
+
+	// HealthProbeTimeoutKey defines the probe timeout in seconds
+	HealthProbeTimeoutKey = ApplicationGatewayPrefix + "/health-probe-timeout"
+
+	// HealthProbeUnhealthyThresholdKey defines threshold for marking backend server as unhealthy
+	HealthProbeUnhealthyThresholdKey = ApplicationGatewayPrefix + "/health-probe-unhealthy-threshold"
+
 	// CookieBasedAffinityKey defines the key to enable/disable cookie based affinity for client connection.
 	CookieBasedAffinityKey = ApplicationGatewayPrefix + "/cookie-based-affinity"
 
@@ -135,6 +156,50 @@ func BackendHostName(ing *v1beta1.Ingress) (string, error) {
 	return parseString(ing, BackendHostNameKey)
 }
 
+// HealthProbeHostName probe hostname override
+func HealthProbeHostName(ing *v1beta1.Ingress) (string, error) {
+	return parseString(ing, HealthProbeHostKey)
+}
+
+// HealthProbePort probe port override
+func HealthProbePort(ing *v1beta1.Ingress) (int32, error) {
+	return parseInt32(ing, HealthProbePortKey)
+}
+
+// HealthProbePath probe path override
+func HealthProbePath(ing *v1beta1.Ingress) (string, error) {
+	return parseString(ing, HealthProbePathKey)
+}
+
+// HealthProbeStatusCodes probe status codes
+func HealthProbeStatusCodes(ing *v1beta1.Ingress) ([]string, error) {
+	value, err := parseString(ing, HealthProbeStatusCodesKey)
+	if value != "" {
+		codesArray := strings.Split(value, ",")
+		for index, element := range codesArray {
+			codesArray[index] = strings.TrimSpace(element)
+		}
+		return codesArray, err
+	}
+
+	return nil, err
+}
+
+// HealthProbeInterval probe interval
+func HealthProbeInterval(ing *v1beta1.Ingress) (int32, error) {
+	return parseInt32(ing, HealthProbeIntervalKey)
+}
+
+// HealthProbeTimeout probe timeout
+func HealthProbeTimeout(ing *v1beta1.Ingress) (int32, error) {
+	return parseInt32(ing, HealthProbeTimeoutKey)
+}
+
+// HealthProbeUnhealthyThreshold probe threshold
+func HealthProbeUnhealthyThreshold(ing *v1beta1.Ingress) (int32, error) {
+	return parseInt32(ing, HealthProbeUnhealthyThresholdKey)
+}
+
 // GetAppGwSslCertificate refer to appgw installed certificate
 func GetAppGwSslCertificate(ing *v1beta1.Ingress) (string, error) {
 	return parseString(ing, AppGwSslCertificate)