AGIC health probe on containerPort #1653

Open
Lyonsupernova opened this issue Oct 17, 2024 · 0 comments
Lyonsupernova commented Oct 17, 2024

Describe the bug
A clear and concise description of what the bug is.

According to the doc https://learn.microsoft.com/en-us/azure/application-gateway/ingress-controller-add-health-probes

By default, the Application Gateway Ingress Controller (AGIC) provisions an HTTP GET probe for exposed Azure Kubernetes Service (AKS) pods. You can customize the probe properties by adding a [readiness or liveness probe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) to your deployment or pod specification.

From my understanding, the AGIC health probe precedence is: AGIC custom annotations > readiness probe > liveness probe > AGIC default health probe (fallback).

In our case, we are not using any AGIC annotations, and our application (Kestrel server) is listening on port 8443, while the AGIC health probe won't use the readiness probe or liveness probe unless the containerPort matches 8443.

From the k8s docs: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#ports

See the known issue posts: kubernetes/kubernetes#108255

Before, the docs mentioned that the k8s container port is more like informational, but this is misleading. Quoting:

- When using a Service with a targetPort that references a name in the ports arrays of the pod.
- Some software (ab)uses this API to get which ports are used (See https://github.com/kubernetes/kubernetes/issues/108131 Although unfixable, my goal is to fix the documentation so other people don't have the same problem). The Azure Load Balancer implementation does this for instance.
- Some other network/security software might use this information.

From this issue: #987.
AGIC is using containerPort when filtering containers from pods. I would like the AGIC docs to mention that the containerPort needs to match the port the application server is listening on, to make sure the readiness/liveness probes work.

To Reproduce
Steps to reproduce the behavior:

  1. Application listens on port 8443
  2. Set containerPort with 8443, or without, e.g. using 443
  3. Go to Azure Portal AGW Health Probes
  4. The fallback to the readiness probe works only when containerPort matches the port the application listens on.
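
Added example, not part of the original issue and not AGIC's own code: a pre-deploy check for the mismatch reported above. It assumes, as the issue describes, that a container's readiness/liveness probe is only picked up when the container declares a containerPort equal to the port traffic is sent to; the function names, the `/healthz` path and the pod specs are constructed for illustration.

```python
# Constructed pod specs mirroring the reproduction steps (not from a real cluster).
PROBE = {"httpGet": {"path": "/healthz", "port": 8443, "scheme": "HTTPS"}}
MISMATCHED = {"containers": [{"name": "app",
                              "ports": [{"containerPort": 443}],
                              "readinessProbe": PROBE}]}
MATCHED = {"containers": [{"name": "app",
                           "ports": [{"name": "https", "containerPort": 8443}],
                           "readinessProbe": PROBE}]}


def declares(container, target_port):
    """True if the container lists target_port (number or name) under ports."""
    return any(target_port in (p.get("containerPort"), p.get("name"))
               for p in container.get("ports", []))


def expected_probe(pod_spec, target_port):
    """Probe expected to be used, under the assumption stated in the lead-in."""
    for c in pod_spec.get("containers", []):
        if not declares(c, target_port):
            continue  # container is filtered out, so its probes are never seen
        for kind in ("readinessProbe", "livenessProbe"):  # readiness wins
            if kind in c:
                return kind
    return "default"  # fallback: the controller's default HTTP GET probe


def lint(pod_spec, target_port):
    """Warn about probes that would be ignored because of an undeclared port."""
    return [f"{c['name']}: probe defined but containerPort {target_port} "
            f"is not declared, the default probe will be used"
            for c in pod_spec.get("containers", [])
            if not declares(c, target_port)
            and ("readinessProbe" in c or "livenessProbe" in c)]


if __name__ == "__main__":
    for label, spec in (("mismatched", MISMATCHED), ("matched", MATCHED)):
        print(label, expected_probe(spec, 8443), lint(spec, 8443))
```
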