I'm trying to deploy a grafana instance inside Kubernetes (server 1.6.4) in GCE. I'm using the following manifests:
Deployment (full version):
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: grafana
spec:
replicas: 1
template:
metadata:
labels:
name: grafana
spec:
initContainers:
…
containers:
- name: grafana
image: grafana/grafana
readinessProbe:
httpGet:
path: /login
port: 3000
…
Service:
apiVersion: v1
kind: Service
metadata:
name: grafana
spec:
selector:
name: grafana
ports:
- protocol: TCP
port: 3000
type: NodePort
Ingress:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: grafana
spec:
tls:
- secretName: grafana.example.com
backend:
serviceName: grafana
servicePort: 3000
It turns out that grafana serves a 302 on /
but the default GCE ingress healthcheck expects a 200 on /
(source). As you can see, there is a custom readinessProbe in the Deployment (line 22).
Once I post these resources to the kube-apiserver, everything is created without error. Concretely, the Ingress gets a public ip4 address but the healtcheck is set up with the default /
path instead of the custom one configured in the readinessProbe
. Because of this, I get a 502 if I curl
the public ip4 address of the Ingress.
The problem is fixable by manually changing the probe path to /login
in the GCE console.
Quoting from here:
The GLBC requires that you define the port (in your case 3000) within the Pod specification.
The solution is to declare the port used for the healthcheck in ports
besides adding a custom readinessProbe
:
containers:
- name: grafana
readinessProbe:
httpGet:
path: /login
port: 3000
ports:
- name: grafana
containerPort: 3000
…