Hi everyone,
I am using Azure Application Gateway to expose a service running in my private AKS cluster, with Traefik Ingress as the ingress controller. The setup works except for the health probe, which keeps failing with 502 errors. The Application Gateway logs suggest that the issue is with the backend—specifically, the Traefik configuration.
Setup Details
- AKS is private (no public IP on nodes).
- Traefik is deployed as an Ingress Controller.
- Application Gateway (AGW) is set to forward traffic to Traefik as the backend.
- AGW Health Probe is failing with 502, leading to no traffic being served.
What I Have Tried
- Verified that the Traefik ingress routes are working internally (accessing the service inside the cluster works).
- Checked that the backend pool (Traefik) is reachable from AGW.
- Used
curlfrom within the cluster to ensure Traefik responds to requests properly. - Looked into AGW logs, which pointed to "backend not responding".
Questions
- How should Traefik be configured to properly respond to the health probe?
- Do I need to expose a separate endpoint in Traefik for the AGW health probe?
- Are there any specific headers or settings required for AGW to accept responses from Traefik?
- Any recommended debugging steps to further diagnose this?
Thanks in advance for any guidance!