New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add HealthCheck for KubernetesCRD ExternalName services #10467
base: master
Are you sure you want to change the base?
Conversation
Hi @emilevauge, This PR is related to issue #8147 for which you requested help from the community. Then, if it is ok, I'll add unit tests and documentation. I tested these modifications and it answers my need. Thanks for your help. Marc |
Hello, Do I have to rebase it on v2.11 or can I keep it on master ? Thanks. |
Hey @marcmognol, No need to rebase the PR (it's an enhancement). |
Hello @marcmognol and thanks for this contribution, Instead of allowing the user to define the server URLs in a TraefikService, we would prefer to leverage K8s As explained in #8541 (comment), I think you can get some inspiration from #8663. If that is ok for you, could you please also give some credits to @StephanSalas in the pull request description? |
Hello @kevinpollet Thank you for your reply. I choose to do this way, because I thought it is easier to configure with the CRD only. So, I followed your advice, and thanks to the PR of @StephanSalas I was able to add some changes to this PR. Could you please tell me if I am in the right direction before going further ? Editing the title of this PR and add reference to the previous PR of @StephanSalas. So, with this method, I can define Health Check on the service level. Is there any performance downside compared to a single service of type Load Balancer? Thanks for your answers. Marc |
Hello @kevinpollet I can achieve having single LoadBalancer with CRD when I use static Endpoints object for a Service. But I can only use IP address, I am not able to use FQDN of external services on the Endpoint. That's why I think addind CRD LoadBalancer type can be a great idea. Please let me know if we could also implement CRD for LoadBalancer? Thanks |
Hello @marcmognol and sorry for the late answer,
There is not a real performance downside. This is because, in the IngressRoute configuration, it is possible to configure a weight for the service, which implies using a WRR. This is not true anymore since #10372, but this should not be changed in this PR.
Here I am not sure to follow can you elaborate? Regarding the code, here https://github.com/traefik/traefik/pull/10467/files#diff-7d5c919304c65587ab6f978e73008d6d268e9bbb6db829eadf8d72f4f492e28fR306 the health check has to be set up only for external name services. For other services, we want to rely only on K8s healtcheck, did I miss something? |
Hello @kevinpollet, Thanks for your reply. In fact I would need to convert the following file configuration into CRDs:
Where keeping sticky cookie and health checks are mandatory. Thanks for your help on this. |
Hello @marcmognol, I think there is a misunderstanding, #8147 and #8541 are about adding the health check feature for ExternalName services. For other K8s service types, we want to use the orchestrator health check which adds or removes endpoints dynamically to the corresponding services. If I am not missing something by using ExternalName services it is already possible to do what you want, we are just missing the healtcheck feature (please note that the following option has to be enabled). Something like: ---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: foo
spec:
routes:
- match: Host(`foo.com`)
kind: Rule
services:
- name: wrr
kind: TraefikService
---
apiVersion: traefik.io/v1alpha1
kind: TraefikService
metadata:
name: wrr
spec:
weighted:
services:
- name: external-svc1
scheme: https
port: 443
- name: external-svc2
scheme: https
port: 443
---
apiVersion: v1
kind: Service
metadata:
name: external-svc1
spec:
externalName: localserver-1.asf.pri
type: ExternalName
---
apiVersion: v1
kind: Service
metadata:
name: external-svc2
spec:
externalName: localserver-2.asf.pri
type: ExternalName Does it make sense? |
Hello @kevinpollet Yes it makes sense thank you. What about the sticky cookie which is required for me to ensure each request is routed to right service ? If it is possible, then I'll update actual PR to add HealthCheck feature. Marc |
Hello @marcmognol,
I missed to add the sticky configuration in the example, as explained in https://doc.traefik.io/traefik/routing/providers/kubernetes-crd/#stickiness-and-load-balancing it is possible to configure the stickiness at the WRR level. |
Hello @kevinpollet Thanks. |
Hello @marcmognol, did I miss something, the code is still adding the health check configuration for all services? (https://github.com/traefik/traefik/pull/10467/files#diff-7d5c919304c65587ab6f978e73008d6d268e9bbb6db829eadf8d72f4f492e28fR306) |
Hello @kevinpollet Thanks |
@kevinpollet I rebased my branch and now tests are failing. Could you please tell me if I am in the right direction before fixing my code to fit new unit tests ? Thanks |
Hello @marcmognol, Sorry for the late answer, you are in the right direction, I added some suggestions. |
Hi @kevinpollet Thanks for your feedback. Marc |
Hi @marcmognol, Last thing, could you add some documentation in the following section https://doc.traefik.io/traefik/routing/providers/kubernetes-crd/#kind-ingressroute? Could you also rebase the pull request to fix the CI? |
909d572
to
06b92e7
Compare
3bcd690
to
b6eb02b
Compare
Thanks for your comment. Marc |
317a55c
to
0f38e4a
Compare
What does this PR do?
This PR adds the possibility to configure HealthChecks for external named services.
Motivation
In some cases, we need to be able to configure HealthChecks on ExternalName services configured with CRD.
With this PR it will be possible to do the following :
Big thanks to @StephanSalas for the inspiration.
Closes #8147
Closes #8541
More
Additional Notes