Expose ping to external load balancer

Hi,

in traefik v1, it was enough to just enable

[ping]
  entryPoint = "https"

It seems something else is required on v2 to expose the ping endpoint?
I've tried

ping: {}

as well as

ping:
  entryPoint: "https"

I have the api@internal running. The healthcheck seem to be working in the container when using entryPoint traefik:

/ # traefik healthcheck
INFO[0000] Configuration loaded from file: /etc/traefik/traefik.yml 
OK: http://:38000/ping

Also

curl http://127.0.0.1:38000/ping
OK

But anything on a "real" entryPoint is just 404:

$ curl -k https://127.0.0.1/ping
404 page not found

What am I missing here?

thanks!

Hello,

The ping works as the v1:

ping: {}

-> Expose the ping on the port 8080 (like the v1)

ping:
  entryPoint: test

-> Expose the ping on the port related to the entry point test (like the v1)

https://docs.traefik.io/v2.0/operations/ping/

Thanks, well, not for me at least.
Will try on a default config then

I took the default toml config from git, and only made these to changes (changed ports and set entryPoint for ping):

[entryPoints]
  [entryPoints.web]
    address = ":3380"
  [entryPoints.websecure]
    address = ":33443"

[api]
  insecure = true
[ping]
  entryPoint = "websecure"

But still gives 404:

$ curl -k https://localhost:33443
404 page not found

The /ping health-check URL is enabled with the command-line --ping or config file option [ping] .

https://docs.traefik.io/v2.0/operations/ping/

With your configuration:

[entryPoints]
  [entryPoints.web]
    address = ":3380"
  [entryPoints.websecure]
    address = ":33443"

[api]
  insecure = true
[ping]
  entryPoint = "websecure"
$ curl http://localhost:33443/ping
OK 

The ping does not work in HTTPS even when then endpoint has TLS.

The documentation does not specify this limitation but it's a known issue according to the source code:

@JPerman this code is the code of the healthcheck command, it's not related to ping or healthcheck behavior.

https://docs.traefik.io/v2.1/operations/cli/#healthcheck

To handle TLS on the ping, you have to use the manualrouting and create a router with TLS.

Hi I have a same problem but i try to update ping config to manualrouting and add router with TLS, but seems still not working

[entryPoints]
  [entryPoints.https]
    address = ":443"
      [entryPoints.https.forwardedHeaders]
      trustedIPs = ["10.0.0.0/8"]

  [entrypoints.traefik]
    address = ":8081"

[tls]
  [tls.options]
    [tls.options.default]
      minVersion = "VersionTLS12"
      maxVersion = "VersionTLS13"
  [[tls.certificates]]
    certFile = "/secret/server.chained.crt"
    keyFile = "/secret/server.key"

[ping]
  manualRouting = true

[http.routers]
  [http.routers.https]
    service = "traefik"

  [http.routers.ping]
    rule = "HostRegexp(`{any:.*}`) && PathPrefix(`/ping`)"
    service = "traefik"
    [http.routers.ping.tls]

ping on TLS will work.
You have to do these 3 steps:
1.in the traefik deployment, enable ping and add entryPoint=traefik
2. add a service that points to port 9000 and targetport: "traefik" and the selector has to be the traefik deployment.
3. create an ingress that has the websecure entrypoint router and tls to true. Add path /ping and backend name to that service and add "traefik" to the servicePort"

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.