Skip to content

feat(loadbalancer): add health check port annotation #195

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat(loadbalancer): add health check port annotation #195

wants to merge 1 commit into from

Conversation

@aslafy-z
Copy link

@aslafy-z aslafy-z commented Nov 27, 2025
edited
Loading

Fixes #194
Partially addresses #192

Summary

This PR introduces a new annotation service.beta.kubernetes.io/scw-loadbalancer-health-check-port that allows users to explicitly define the port used for health checks on Scaleway Load Balancers.

Motivation

The Scaleway CCM currently determines the LoadBalancer health check port based on the per-port nodePort. However, there is no simple way to force a specific port for the health check, which is limiting in several use cases:

  • Legacy probes on fixed ports
  • Constrained firewall rules
  • Fixed monitoring pipelines
  • Using spec.healthCheckNodePort with externalTrafficPolicy: Local

Changes

  • New annotation: service.beta.kubernetes.io/scw-loadbalancer-health-check-port
    • Single port for all backends: 18080
    • Per-port configuration: 80:10080;443:10443
    • Mixed with default fallback: 80,8080:10080;9090 (port 8888 would use 9090)
    • Valid port range: 1-65535
    • Falls back to NodePort when not set or no match

Usage Examples

apiVersion: v1
kind: Service
metadata:
  name: my-service
  annotations:
    service.beta.kubernetes.io/scw-loadbalancer-health-check-port: "30021"
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local
  healthCheckNodePort: 30021  # manual defined to ensure the value stays stable 
  ports:
    - port: 80
      targetPort: 8080
apiVersion: v1
kind: Service
metadata:
  name: my-service
  annotations:
    # Per-port configuration
    service.beta.kubernetes.io/scw-loadbalancer-health-check-port: "80:10080;443:10443"
spec:
  type: LoadBalancer
  ports:
    - port: 80
      targetPort: 8080
    - port: 443
      targetPort: 8443
apiVersion: v1
kind: Service
metadata:
  name: my-service
  annotations:
    # Mixed: specific ports + default fallback
    # port 80 or 8080 → 10080, all others → 9090
    service.beta.kubernetes.io/scw-loadbalancer-health-check-port: "80,8080:10080;9090"
spec:
  type: LoadBalancer
  ports:
    - port: 80
    - port: 443
    - port: 8080

Testing

  • Added unit tests covering:
    • Default behavior (no annotation, returns nodePort)
    • Minimum valid port (1)
    • Maximum valid port (65535)
    • Error cases: port too low (0), port too high (65536), negative port, non-numeric value

Future Work

For full resolution of #192, a follow-up PR could automatically detect and use spec.healthCheckNodePort when externalTrafficPolicy: Local is set, without requiring manual annotation.

@aslafy-z
feat(loadbalancer): add health check port annotation
25de738 
Signed-off-by: Zadkiel AHARONIAN <hello@zadkiel.fr>
@aslafy-z aslafy-z marked this pull request as ready for review November 27, 2025 10:54
This was referenced Nov 27, 2025
Draft
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Feature request: Support service.beta.kubernetes.io/scw-loadbalancer-healthcheck-port

1 participant

@aslafy-z