无法在 GKE 上配置 hazelcast 监控中心健康检查(不同端口)

Can not configure hazelcast monitoring center health check (different port) on GKE

我对 K8s 有点陌生,现在 运行 遇到无法在 Google 云 ingress/load 平衡器上配置运行状况检查的问题。 hazelcast man-center 在端口 8081 上进行健康检查,但工作端口是 8080。当我将应用程序部署到 GKE 中时,健康检查是在指工作端口 (8080) 的工作节点端口上完成的。在文档 here and here 中说我需要添加自定义 BackendConfig 并在服务中为引用应用程序健康检查端口 (8081) 的健康检查 nodePort 配置。我这样做了,但它没有覆盖工作端口上的默认健康检查。所以它失败了。

这些是我的 yaml 文件:

hazelcast-mc-后端-config.yaml

apiVersion: cloud.google.com/v1
kind: BackendConfig
metadata:
  name: hazelcast-mc-backend-config
spec:
  healthCheck:
    checkIntervalSec: 60
    timeoutSec: 60
    healthyThreshold: 1
    unhealthyThreshold: 10
    type: HTTP2
    requestPath: /hazelcast-mc/health
    port: 31111
  timeoutSec: 86400
  connectionDraining:
    drainingTimeoutSec: 30
  customRequestHeaders:
    headers:
      - "X-Client-Region:{client_region}"
      - "X-Client-City:{client_city}"
      - "X-Origin-Request-Header:{origin_request_header}"
      - "X-TLS-Version:{tls_version}"

hazelcast-mc-service.yaml

apiVersion: v1
kind: Service
metadata:
  annotations:
    cloud.google.com/backend-config: '{"ports": {"8081":"hazelcast-mc-backend-config"}}'
    cloud.google.com/app-protocols: '{"hazelcast-management-center":"HTTP2"}'
  name: hazelcast-management-center
spec:
  ports:
    - name: hazelcast-management-center
      port: 443
      targetPort: 8080
    - name: hazelcast-management-center-health
      port: 8081
      targetPort: 8081
      nodePort: 31111
  selector:
    app: hazelcast-management-center
    tier: backend
  type: NodePort

hazelcast-mc-deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: hazelcast-management-center
  labels:
    app: hazelcast-management-center
    tier: backend
spec:
  replicas: 1
  selector:
    matchLabels:
      app: hazelcast-management-center
  strategy:
    rollingUpdate:
      maxSurge: 3
      maxUnavailable: 50%
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: hazelcast-management-center
        tier: backend
    spec:
      containers:
        - name: hazelcast-management-center
          image: hazelcast/management-center:5.1.3
          imagePullPolicy: "Always"
          securityContext:
            runAsUser: 2  # non-root user
            allowPrivilegeEscalation: false
          resources:
            requests:
              memory: 128Mi
              cpu: 20m
            limits:
              memory: 256Mi
              cpu: 200m
          env:
            - name: MC_ADMIN_USER
              value: admin
            - name: MC_ADMIN_PASSWORD
              value: random
            - name: MC_CONTEXT_PATH
              value: /hazelcast-mc
            - name: MC_HEALTH_CHECK_ENABLE
              value: "true"
          ports:
            - name: mancenter
              containerPort: 8080
            - name: health
              containerPort: 8081
          livenessProbe:
            httpGet:
              path: /hazelcast-mc/health
              port: 8081
            initialDelaySeconds: 45
            periodSeconds: 10
            timeoutSeconds: 5
            successThreshold: 1
            failureThreshold: 10
          readinessProbe:
            httpGet:
              path: /hazelcast-mc/health
              port: 8081
            initialDelaySeconds: 45
            periodSeconds: 10
            timeoutSeconds: 1
            successThreshold: 1
            failureThreshold: 3

我做错了什么?

问题已通过将 Backendconfig 配置为服务的默认配置解决。外部负载均衡器的健康检查正在使用 nodePort,所以我必须指定它。

apiVersion: v1
kind: Service
metadata:
  annotations:
    cloud.google.com/backend-config: '{"default": "hazelcast-mc-backend-config"}'
  name: hazelcast-management-center
spec:
  ports:
    - name: hazelcast-management-center
      port: 80
      targetPort: 8080
    - name: hazelcast-management-health
      port: 8081
      targetPort: 8081
      nodePort: 31111
  selector:
    app: hazelcast-management-center
    tier: backend
  type: NodePort