perosb
September 17, 2019, 7:10pm
1
Hi,
in traefik v1, it was enough to just enable
[ping]
entryPoint = "https"
It seems something else is required on v2 to expose the ping endpoint?
I've tried
ping: {}
as well as
ping:
entryPoint: "https"
I have the api@internal running. The healthcheck seem to be working in the container when using entryPoint traefik:
/ # traefik healthcheck
INFO[0000] Configuration loaded from file: /etc/traefik/traefik.yml
OK: http://:38000/ping
Also
curl http://127.0.0.1:38000/ping
OK
But anything on a "real" entryPoint is just 404:
$ curl -k https://127.0.0.1/ping
404 page not found
What am I missing here?
thanks!
ldez
September 17, 2019, 7:49pm
2
Hello,
The ping works as the v1:
ping: {}
-> Expose the ping on the port 8080 (like the v1)
ping:
entryPoint: test
-> Expose the ping on the port related to the entry point test
(like the v1)
https://docs.traefik.io/v2.0/operations/ping/
perosb
September 17, 2019, 8:13pm
3
Thanks, well, not for me at least.
Will try on a default config then
perosb
September 17, 2019, 8:43pm
4
I took the default toml config from git, and only made these to changes (changed ports and set entryPoint for ping):
[entryPoints]
[entryPoints.web]
address = ":3380"
[entryPoints.websecure]
address = ":33443"
[api]
insecure = true
[ping]
entryPoint = "websecure"
But still gives 404:
$ curl -k https://localhost:33443
404 page not found
ldez
September 17, 2019, 8:51pm
5
The /ping
health-check URL is enabled with the command-line --ping
or config file option [ping]
.
With your configuration:
[entryPoints]
[entryPoints.web]
address = ":3380"
[entryPoints.websecure]
address = ":33443"
[api]
insecure = true
[ping]
entryPoint = "websecure"
$ curl http://localhost:33443/ping
OK
The ping does not work in HTTPS even when then endpoint has TLS.
The documentation does not specify this limitation but it's a known issue according to the source code:
return nil, errors.New("please enable `ping` to use health check")
}
pingEntryPoint, ok := staticConfiguration.EntryPoints[staticConfiguration.Ping.EntryPoint]
if !ok {
return nil, errors.New("missing `ping` entrypoint")
}
client := &http.Client{Timeout: 5 * time.Second}
protocol := "http"
// FIXME Handle TLS on ping etc...
// if pingEntryPoint.TLS != nil {
// protocol = "https"
// tr := &http.Transport{
// TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
// }
// client.Transport = tr
// }
path := "/"
ldez
March 22, 2020, 9:51pm
7
@JPerman this code is the code of the healthcheck
command, it's not related to ping or healthcheck behavior.
https://docs.traefik.io/v2.1/operations/cli/#healthcheck
ldez
March 22, 2020, 9:53pm
8
To handle TLS on the ping, you have to use the manualrouting and create a router with TLS.
Hi I have a same problem but i try to update ping config to manualrouting and add router with TLS, but seems still not working
[entryPoints]
[entryPoints.https]
address = ":443"
[entryPoints.https.forwardedHeaders]
trustedIPs = ["10.0.0.0/8"]
[entrypoints.traefik]
address = ":8081"
[tls]
[tls.options]
[tls.options.default]
minVersion = "VersionTLS12"
maxVersion = "VersionTLS13"
[[tls.certificates]]
certFile = "/secret/server.chained.crt"
keyFile = "/secret/server.key"
[ping]
manualRouting = true
[http.routers]
[http.routers.https]
service = "traefik"
[http.routers.ping]
rule = "HostRegexp(`{any:.*}`) && PathPrefix(`/ping`)"
service = "traefik"
[http.routers.ping.tls]
taro
September 25, 2020, 8:28pm
10
ping on TLS will work.
You have to do these 3 steps:
1.in the traefik deployment, enable ping and add entryPoint=traefik
2. add a service that points to port 9000 and targetport: "traefik" and the selector has to be the traefik deployment.
3. create an ingress that has the websecure entrypoint router and tls to true. Add path /ping and backend name to that service and add "traefik" to the servicePort"
system
Closed
September 28, 2020, 8:28pm
11
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.