DevFW-CICD/ingress-nginx-helm
16
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #1749 from aledbf/cloud-health-check

Browse source 
Automatic merge from submit-queue

[nginx-ingress-controller] Readiness probe that works behind a CP lb

fixes #1507
This commit is contained in:
Kubernetes Submit Queue 2016-09-26 15:44:12 -07:00 committed by GitHub
commit 741ac710cd
16 changed files with 148 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
controllers/nginx/controller.go
View file

@ -89,24 +89,31 @@ func (npm namedPortMapping) getPortMappings() map[string]string {
// loadBalancerController watches the kubernetes api and adds/removes services // loadBalancerController watches the kubernetes api and adds/removes services
// from the loadbalancer // from the loadbalancer
type loadBalancerController struct { type loadBalancerController struct {
client *client.Client client *client.Client
ingController *framework.Controller
endpController *framework.Controller ingController *framework.Controller
svcController *framework.Controller endpController *framework.Controller
secrController *framework.Controller svcController *framework.Controller
mapController *framework.Controller secrController *framework.Controller
ingLister StoreToIngressLister mapController *framework.Controller
svcLister cache.StoreToServiceLister
endpLister cache.StoreToEndpointsLister ingLister StoreToIngressLister
secrLister StoreToSecretsLister svcLister cache.StoreToServiceLister
mapLister StoreToConfigmapLister endpLister cache.StoreToEndpointsLister
nginx *nginx.Manager secrLister StoreToSecretsLister
podInfo *podInfo mapLister StoreToConfigmapLister
defaultSvc string
nxgConfigMap string nginx *nginx.Manager
tcpConfigMap string podInfo *podInfo
udpConfigMap string
defaultSvc string
nxgConfigMap string
tcpConfigMap string
udpConfigMap string
defSSLCertificate string defSSLCertificate string
defHealthzURL string
recorder record.EventRecorder recorder record.EventRecorder
@ -127,7 +134,7 @@ type loadBalancerController struct {
// newLoadBalancerController creates a controller for nginx loadbalancer // newLoadBalancerController creates a controller for nginx loadbalancer
func newLoadBalancerController(kubeClient *client.Client, resyncPeriod time.Duration, func newLoadBalancerController(kubeClient *client.Client, resyncPeriod time.Duration,
defaultSvc, namespace, nxgConfigMapName, tcpConfigMapName, udpConfigMapName, defaultSvc, namespace, nxgConfigMapName, tcpConfigMapName, udpConfigMapName,
defSSLCertificate string, runtimeInfo *podInfo) (*loadBalancerController, error) { defSSLCertificate, defHealthzURL string, runtimeInfo *podInfo) (*loadBalancerController, error) {
eventBroadcaster := record.NewBroadcaster() eventBroadcaster := record.NewBroadcaster()
eventBroadcaster.StartLogging(glog.Infof) eventBroadcaster.StartLogging(glog.Infof)
@ -143,6 +150,7 @@ func newLoadBalancerController(kubeClient *client.Client, resyncPeriod time.Dura
udpConfigMap: udpConfigMapName, udpConfigMap: udpConfigMapName,
defSSLCertificate: defSSLCertificate, defSSLCertificate: defSSLCertificate,
defaultSvc: defaultSvc, defaultSvc: defaultSvc,
defHealthzURL: defHealthzURL,
recorder: eventBroadcaster.NewRecorder(api.EventSource{ recorder: eventBroadcaster.NewRecorder(api.EventSource{
Component: "nginx-ingress-controller", Component: "nginx-ingress-controller",
}), }),
@ -450,6 +458,7 @@ func (lbc *loadBalancerController) sync(key string) error {
} }
ngxConfig := lbc.nginx.ReadConfig(cfg) ngxConfig := lbc.nginx.ReadConfig(cfg)
ngxConfig.HealthzURL = lbc.defHealthzURL
ings := lbc.ingLister.Store.List() ings := lbc.ingLister.Store.List()
upstreams, servers := lbc.getUpstreamServers(ngxConfig, ings) upstreams, servers := lbc.getUpstreamServers(ngxConfig, ings)

13
controllers/nginx/examples/custom-configuration/rc-custom-configuration.yaml
View file

@ -19,13 +19,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/custom-errors/rc-custom-errors.yaml
View file

@ -19,13 +19,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/custom-template/custom-template.yaml
View file

@ -19,13 +19,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/daemonset/as-daemonset.yaml
View file

@ -13,13 +13,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/default/rc-default.yaml
View file

@ -19,13 +19,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/full/rc-full.yaml
View file

@ -24,13 +24,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/proxy-protocol/nginx-rc.yaml
View file

@ -19,13 +19,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/sysctl/change-proc-values-rc.yaml
View file

@ -92,13 +92,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/tcp/rc-tcp.yaml
View file

@ -19,13 +19,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/tls/rc-ssl.yaml
View file

@ -19,13 +19,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

13
controllers/nginx/examples/udp/rc-udp.yaml
View file

@ -19,13 +19,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME

5
controllers/nginx/main.go
View file

@ -79,6 +79,9 @@ var (
defSSLCertificate = flags.String("default-ssl-certificate", "", `Name of the secret that contains a SSL defSSLCertificate = flags.String("default-ssl-certificate", "", `Name of the secret that contains a SSL
certificate to be used as default for a HTTPS catch-all server`) certificate to be used as default for a HTTPS catch-all server`)
defHealthzURL = flags.String("health-check-path", "/ingress-controller-healthz", `Defines the URL to
be used as health check inside in the default server in NGINX.`)
) )
func main() { func main() {
@ -121,7 +124,7 @@ func main() {
lbc, err := newLoadBalancerController(kubeClient, *resyncPeriod, lbc, err := newLoadBalancerController(kubeClient, *resyncPeriod,
*defaultSvc, *watchNamespace, *nxgConfigMap, *tcpConfigMapName, *defaultSvc, *watchNamespace, *nxgConfigMap, *tcpConfigMapName,
*udpConfigMapName, *defSSLCertificate, runtimePodInfo) *udpConfigMapName, *defSSLCertificate, *defHealthzURL, runtimePodInfo)
if err != nil { if err != nil {
glog.Fatalf("%v", err) glog.Fatalf("%v", err)
} }

6
controllers/nginx/nginx.tmpl
View file

@ -267,6 +267,12 @@ http {
{{ end }} {{ end }}
{{ if eq $server.Name "_" }} {{ if eq $server.Name "_" }}
# health checks in cloud providers require the use of port 80
location {{ $cfg.healthzUrl }} {
access_log off;
return 200;
}
# this is required to avoid error if nginx is being monitored # this is required to avoid error if nginx is being monitored
# with an external software (like sysdig) # with an external software (like sysdig)
location /nginx_status { location /nginx_status {

3
controllers/nginx/nginx/config/config.go
View file

@ -78,6 +78,9 @@ type Configuration struct {
// Sets the maximum allowed size of the client request body // Sets the maximum allowed size of the client request body
BodySize string `structs:"body-size,omitempty"` BodySize string `structs:"body-size,omitempty"`
// HealthzURL defines the URL should be used in probes
HealthzURL string
// EnableDynamicTLSRecords enables dynamic TLS record sizes // EnableDynamicTLSRecords enables dynamic TLS record sizes
// https://blog.cloudflare.com/optimizing-tls-over-tcp-to-reduce-latency // https://blog.cloudflare.com/optimizing-tls-over-tcp-to-reduce-latency
// By default this is enabled // By default this is enabled

13
controllers/nginx/rc.yaml
View file

@ -71,13 +71,18 @@ spec:
- image: gcr.io/google_containers/nginx-ingress-controller:0.8.3 - image: gcr.io/google_containers/nginx-ingress-controller:0.8.3
name: nginx-ingress-lb name: nginx-ingress-lb
imagePullPolicy: Always imagePullPolicy: Always
readinessProbe:
httpGet:
path: /ingress-controller-healthz
port: 80
scheme: HTTP
livenessProbe: livenessProbe:
httpGet: httpGet:
path: /healthz path: /ingress-controller-healthz
port: 10254 port: 80
scheme: HTTP scheme: HTTP
initialDelaySeconds: 30 initialDelaySeconds: 10
timeoutSeconds: 5 timeoutSeconds: 1
# use downward API # use downward API
env: env:
- name: POD_NAME - name: POD_NAME