无法在 GKE 上配置 hazelcast 监控中心健康检查(不同端口)
Can not configure hazelcast monitoring center health check (different port) on GKE
我对 K8s 有点陌生,现在 运行 遇到无法在 Google 云 ingress/load 平衡器上配置运行状况检查的问题。 hazelcast man-center 在端口 8081 上进行健康检查,但工作端口是 8080。当我将应用程序部署到 GKE 中时,健康检查是在指工作端口 (8080) 的工作节点端口上完成的。在文档 here and here 中说我需要添加自定义 BackendConfig 并在服务中为引用应用程序健康检查端口 (8081) 的健康检查 nodePort 配置。我这样做了,但它没有覆盖工作端口上的默认健康检查。所以它失败了。
这些是我的 yaml 文件:
hazelcast-mc-后端-config.yaml
apiVersion: cloud.google.com/v1
kind: BackendConfig
metadata:
name: hazelcast-mc-backend-config
spec:
healthCheck:
checkIntervalSec: 60
timeoutSec: 60
healthyThreshold: 1
unhealthyThreshold: 10
type: HTTP2
requestPath: /hazelcast-mc/health
port: 31111
timeoutSec: 86400
connectionDraining:
drainingTimeoutSec: 30
customRequestHeaders:
headers:
- "X-Client-Region:{client_region}"
- "X-Client-City:{client_city}"
- "X-Origin-Request-Header:{origin_request_header}"
- "X-TLS-Version:{tls_version}"
hazelcast-mc-service.yaml
apiVersion: v1
kind: Service
metadata:
annotations:
cloud.google.com/backend-config: '{"ports": {"8081":"hazelcast-mc-backend-config"}}'
cloud.google.com/app-protocols: '{"hazelcast-management-center":"HTTP2"}'
name: hazelcast-management-center
spec:
ports:
- name: hazelcast-management-center
port: 443
targetPort: 8080
- name: hazelcast-management-center-health
port: 8081
targetPort: 8081
nodePort: 31111
selector:
app: hazelcast-management-center
tier: backend
type: NodePort
hazelcast-mc-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: hazelcast-management-center
labels:
app: hazelcast-management-center
tier: backend
spec:
replicas: 1
selector:
matchLabels:
app: hazelcast-management-center
strategy:
rollingUpdate:
maxSurge: 3
maxUnavailable: 50%
type: RollingUpdate
template:
metadata:
labels:
app: hazelcast-management-center
tier: backend
spec:
containers:
- name: hazelcast-management-center
image: hazelcast/management-center:5.1.3
imagePullPolicy: "Always"
securityContext:
runAsUser: 2 # non-root user
allowPrivilegeEscalation: false
resources:
requests:
memory: 128Mi
cpu: 20m
limits:
memory: 256Mi
cpu: 200m
env:
- name: MC_ADMIN_USER
value: admin
- name: MC_ADMIN_PASSWORD
value: random
- name: MC_CONTEXT_PATH
value: /hazelcast-mc
- name: MC_HEALTH_CHECK_ENABLE
value: "true"
ports:
- name: mancenter
containerPort: 8080
- name: health
containerPort: 8081
livenessProbe:
httpGet:
path: /hazelcast-mc/health
port: 8081
initialDelaySeconds: 45
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 10
readinessProbe:
httpGet:
path: /hazelcast-mc/health
port: 8081
initialDelaySeconds: 45
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
我做错了什么?
问题已通过将 Backendconfig 配置为服务的默认配置解决。外部负载均衡器的健康检查正在使用 nodePort,所以我必须指定它。
apiVersion: v1
kind: Service
metadata:
annotations:
cloud.google.com/backend-config: '{"default": "hazelcast-mc-backend-config"}'
name: hazelcast-management-center
spec:
ports:
- name: hazelcast-management-center
port: 80
targetPort: 8080
- name: hazelcast-management-health
port: 8081
targetPort: 8081
nodePort: 31111
selector:
app: hazelcast-management-center
tier: backend
type: NodePort
我对 K8s 有点陌生,现在 运行 遇到无法在 Google 云 ingress/load 平衡器上配置运行状况检查的问题。 hazelcast man-center 在端口 8081 上进行健康检查,但工作端口是 8080。当我将应用程序部署到 GKE 中时,健康检查是在指工作端口 (8080) 的工作节点端口上完成的。在文档 here and here 中说我需要添加自定义 BackendConfig 并在服务中为引用应用程序健康检查端口 (8081) 的健康检查 nodePort 配置。我这样做了,但它没有覆盖工作端口上的默认健康检查。所以它失败了。
这些是我的 yaml 文件:
hazelcast-mc-后端-config.yaml
apiVersion: cloud.google.com/v1
kind: BackendConfig
metadata:
name: hazelcast-mc-backend-config
spec:
healthCheck:
checkIntervalSec: 60
timeoutSec: 60
healthyThreshold: 1
unhealthyThreshold: 10
type: HTTP2
requestPath: /hazelcast-mc/health
port: 31111
timeoutSec: 86400
connectionDraining:
drainingTimeoutSec: 30
customRequestHeaders:
headers:
- "X-Client-Region:{client_region}"
- "X-Client-City:{client_city}"
- "X-Origin-Request-Header:{origin_request_header}"
- "X-TLS-Version:{tls_version}"
hazelcast-mc-service.yaml
apiVersion: v1
kind: Service
metadata:
annotations:
cloud.google.com/backend-config: '{"ports": {"8081":"hazelcast-mc-backend-config"}}'
cloud.google.com/app-protocols: '{"hazelcast-management-center":"HTTP2"}'
name: hazelcast-management-center
spec:
ports:
- name: hazelcast-management-center
port: 443
targetPort: 8080
- name: hazelcast-management-center-health
port: 8081
targetPort: 8081
nodePort: 31111
selector:
app: hazelcast-management-center
tier: backend
type: NodePort
hazelcast-mc-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: hazelcast-management-center
labels:
app: hazelcast-management-center
tier: backend
spec:
replicas: 1
selector:
matchLabels:
app: hazelcast-management-center
strategy:
rollingUpdate:
maxSurge: 3
maxUnavailable: 50%
type: RollingUpdate
template:
metadata:
labels:
app: hazelcast-management-center
tier: backend
spec:
containers:
- name: hazelcast-management-center
image: hazelcast/management-center:5.1.3
imagePullPolicy: "Always"
securityContext:
runAsUser: 2 # non-root user
allowPrivilegeEscalation: false
resources:
requests:
memory: 128Mi
cpu: 20m
limits:
memory: 256Mi
cpu: 200m
env:
- name: MC_ADMIN_USER
value: admin
- name: MC_ADMIN_PASSWORD
value: random
- name: MC_CONTEXT_PATH
value: /hazelcast-mc
- name: MC_HEALTH_CHECK_ENABLE
value: "true"
ports:
- name: mancenter
containerPort: 8080
- name: health
containerPort: 8081
livenessProbe:
httpGet:
path: /hazelcast-mc/health
port: 8081
initialDelaySeconds: 45
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 10
readinessProbe:
httpGet:
path: /hazelcast-mc/health
port: 8081
initialDelaySeconds: 45
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
我做错了什么?
问题已通过将 Backendconfig 配置为服务的默认配置解决。外部负载均衡器的健康检查正在使用 nodePort,所以我必须指定它。
apiVersion: v1
kind: Service
metadata:
annotations:
cloud.google.com/backend-config: '{"default": "hazelcast-mc-backend-config"}'
name: hazelcast-management-center
spec:
ports:
- name: hazelcast-management-center
port: 80
targetPort: 8080
- name: hazelcast-management-health
port: 8081
targetPort: 8081
nodePort: 31111
selector:
app: hazelcast-management-center
tier: backend
type: NodePort