Skip to content

feat(loadbalancer): add healthCheckNodePort opt-in support #196

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft

feat(loadbalancer): add healthCheckNodePort opt-in support #196

wants to merge 2 commits into from

Conversation

@aslafy-z
Copy link

@aslafy-z aslafy-z commented Nov 27, 2025
edited
Loading

Description

This PR extends the service.beta.kubernetes.io/scw-loadbalancer-health-check-port annotation (introduced in #195) with support for automatic detection of Kubernetes' healthCheckNodePort.

Problem

When using externalTrafficPolicy: Local, kube-proxy (or cilium) allocates a dedicated spec.healthCheckNodePort on each node specifically for load balancer health probes. While #195 added the ability to manually specify a health check port, users still had to look up and hardcode the healthCheckNodePort value.

Fixes #192
Depends on #195

Solution

Added support for the special value "auto" which:

  • When externalTrafficPolicy: Local and spec.healthCheckNodePort is set → uses healthCheckNodePort
  • Otherwise → falls back to nodePort (default behavior)

This aligns with native Kubernetes LoadBalancer health check behavior and enables seamless client source IP preservation.

Example Usage

apiVersion: v1
kind: Service
metadata:
  name: my-service
  annotations:
    # Automatic detection: uses healthCheckNodePort when available
    service.beta.kubernetes.io/scw-loadbalancer-health-check-port: "auto"
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local 
  ports:
    - port: 80
      targetPort: 8080

Per-port configuration is also supported:

service.beta.kubernetes.io/scw-loadbalancer-health-check-port: "80:auto;443:31234"

Future Work

In the next major release, "auto" will become the default behavior.

@aslafy-z
feat(loadbalancer): add health check port annotation
25de738 
Signed-off-by: Zadkiel AHARONIAN <hello@zadkiel.fr>
@aslafy-z aslafy-z changed the title feat(loadbalancer): add health check port annotation feat(loadbalancer): add healthCheckNodePort opt-in support Nov 27, 2025
@aslafy-z
feat(loadbalancer): add healthCheckNodePort opt-in support
be4b495 
Signed-off-by: Zadkiel AHARONIAN <hello@zadkiel.fr>
@aslafy-z aslafy-z force-pushed the feat/healthechecknodeport branch from 9be5683 to be4b495 Compare November 27, 2025 11:34
This was referenced Nov 27, 2025
Closed
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Feature request: Support dynamic healthCheckNodePort for LoadBalancers

1 participant

@aslafy-z