Load Balancer Health Probe Configuration and Generation

Vito Sabella edited this page Apr 19, 2022 · 3 revisions

Goals

  • Ensure that users have access to the full capability of Azure Load Balancer health probes to deploy any Load Balancer Service scenario in K8s including:
    • Independent per-port health probes
    • externalTrafficPolicy: Local / podPresence health probe
    • Single health probe endpoint used for multiple service ports
    • MultiProtocolLB
    • High Availability Ports mode
  • Generate load balancer health probes that are efficient - reducing duplication where possible
  • Allow for Standard and Basic Azure Load Balancers
  • Describe how cloud-controller-azure should reconcile changes between the current state of the Azure Load Balancer and the desired state in the configuration.

Scenarios

Independent health probes for each service port

One of the most common LoadBalancer service scenarios is basic HTTP/HTTPS ingress using popular ingress controllers like ingress-nginx. In this scenario:

  • A single LoadBalancer service contains multiple ports, such as HTTP and HTTPS
  • Each port's health is independent of the other.
  • The listening service (ingress-nginx)

In this circumstance the ideal health probe would leverage either HTTP or HTTPS probes:

apiVersion: v1
kind: Service
metadata:
  name: demo-lb
  namespace: ingress-nginx
  annotations:
    service.beta.kubernetes.io/azure-load-balancer-internal: 'true'
spec:
  ports:
    - name: http
      protocol: TCP
      appProtocol: http
      port: 80
      targetPort: http
    - name: https
      protocol: TCP
      appProtocol: https
      port: 443
      targetPort: https
  selector:
    app.kubernetes.io/component: controller
    app.kubernetes.io/instance: nginx-ingress
    app.kubernetes.io/name: ingress-nginx
  type: LoadBalancer
  sessionAffinity: None
  externalTrafficPolicy: Cluster
  ipFamilies:
    - IPv4
  ipFamilyPolicy: SingleStack
  allocateLoadBalancerNodePorts: true
  internalTrafficPolicy: Cluster
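
The probe selection this scenario calls for, as an added Go example (not code from cloud-provider-azure or from this wiki). It goes beyond this scenario to cover the de-duplication goal and the externalTrafficPolicy: Local precedence noted in the Appendix. The type names, BuildProbes, the node port numbers, the "/" and "/healthz" request paths, and the fallback to a Tcp probe for https on a Basic load balancer are assumptions made for illustration.

```go
package main

import "fmt"

// Hypothetical types for illustration; not cloud-provider-azure's own structs.
type Port struct {
	Name, AppProtocol string
	NodePort          int32
}
type Probe struct {
	Protocol, Path string // Tcp, Http or Https; Path is empty for Tcp
	Port           int32
}
type Service struct {
	Ports               []Port
	ETPLocal            bool  // externalTrafficPolicy: Local
	HealthCheckNodePort int32 // allocated by Kubernetes when ETPLocal is set
	StandardSKU         bool  // assumption: Https probes need the Standard SKU
}

// BuildProbes returns the de-duplicated probes and, per service port name,
// the index of the probe that port's load-balancing rule should reference.
func BuildProbes(s Service) (probes []Probe, byPort map[string]int) {
	seen := map[Probe]int{}
	byPort = map[string]int{}
	for _, p := range s.Ports {
		pr := Probe{Protocol: "Tcp", Port: p.NodePort} // default: TCP connect
		switch {
		case s.ETPLocal && s.HealthCheckNodePort != 0:
			// podPresence probe wins; served over plain HTTP (path assumed).
			pr = Probe{"Http", "/healthz", s.HealthCheckNodePort}
		case p.AppProtocol == "http":
			pr = Probe{"Http", "/", p.NodePort}
		case p.AppProtocol == "https" && s.StandardSKU:
			pr = Probe{"Https", "/", p.NodePort}
		}
		if _, ok := seen[pr]; !ok { // reuse an identical probe, never duplicate
			seen[pr] = len(probes)
			probes = append(probes, pr)
		}
		byPort[p.Name] = seen[pr]
	}
	return probes, byPort
}

func main() {
	// Constructed input modelled on the demo-lb manifest; node ports invented.
	svc := Service{Ports: []Port{{"http", "http", 30080}, {"https", "https", 30443}}, StandardSKU: true}
	fmt.Println(BuildProbes(svc))
}
```

With the demo-lb ports this yields two independent probes (Http and Https); switching the same service to externalTrafficPolicy: Local collapses them into one shared probe on the health check node port.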

Single health probe endpoint for all ports in a service

externalTrafficPolicy: Local

Design

  • The system should select the most specific, correct load balancer rule available for the port in question. In this question

Appendix

	// support podPresence health check when External Traffic Policy is local
	// take precedence over user defined probe configuration
	// healthcheck proxy server serves http requests
	// https://github.com/kubernetes/kubernetes/blob/7c013c3f64db33cf19f38bb2fc8d9182e42b0b7b/pkg/proxy/healthcheck/service_health.go#L236