Why are all the droplets connected to my load balancer down?

May 1, 2019 428 views
Kubernetes Load Balancing

All the droplets connected to my load balancer are down and I'm trying to find out how to make the health check pass. My setup is like this: DigitalOcean load balancer -> kubernetes ingress -> my application. The kubernetes ingress has no IP and my digitalocean load balancer returns 503.

kkubectl get ingress
NAME             HOSTS   ADDRESS   PORTS   AGE
my-ingress   *                 80      49s
NAME            TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)                      AGE
load-balancer   LoadBalancer   10.245.245.143   [removed]   80:30948/TCP,443:32699/TCP   24h

The healthcheck is to tcp://0.0.0.0:30948.

Here is my yaml configuration:

---
kind: Service
apiVersion: v1
metadata:
  name: load-balancer
  annotations:
    service.beta.kubernetes.io/do-loadbalancer-protocol: "http"
    service.beta.kubernetes.io/do-loadbalancer-algorithm: "round_robin"
    # No need to provide a port annotation if another tls annotation is present
    service.beta.kubernetes.io/do-loadbalancer-certificate-id: "[removed]"
    service.beta.kubernetes.io/do-loadbalancer-redirect-http-to-https: "true"
spec:
  type: LoadBalancer
  externalTrafficPolicy: Local
  selector:
    app: my-ingress
  ports:
    - name: http
      protocol: TCP
      port: 80
      targetPort: 80
    - name: https
      protocol: TCP
      port: 443
      targetPort: 80

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: my-ingress
  annotations:
    nginx.ingress.kubernetes.io/use-regex: "true"
spec:
  rules:
  - http:
      paths:
      - path: /
        backend:
          serviceName: my-api
          servicePort: 80

Thanks.

1 Answer

Hi,

quite some time has gone by since you have posted your question, so I am not sure if this is still relevant to you. In case it is, here is my response:

Based on the way the DigitalOcean Load-Balancer health check is configured right now, it is expected that your (Nginx) pods identified by the my-ingress label selector return a 200 OK response when the / endpoint is being hit via HTTP. Can you verify that this is the case? One way to do this is to send a request to a node running an Nginx pod on the configured NodePort (30948 in the example you showed). Alternatively, you can set up a kubectl port-forward tunnel to the Nginx pod's service port (80) and directly send an HTTP request there.

Hope this helps,

Timo

Have another answer? Share your knowledge.