Need support for https health check endpoint

[nazmulnaim]

Currently we have support for endpoint type http but most of the time application export https API which can not be used as health check endpoint with is plugin. At least I have not been able to feature out. We have type ssl_hello but this serves different purpose.

[vsfomin]

any updates? @nazmulnaim have you resolved your issue with https configuration? I need some suggestions related to this.

[krushik]

Our workaround is to serve the actual traffic via https, but make healthchecks on http endpoint (using port=80 type=http parameters of check directive). Your application would need to provide both endpoints for this to work, though

[vsfomin]

Our workaround is to serve the actual traffic via https, but make healthchecks on http endpoint (using port=80 type=http parameters of check directive). Your application would need to provide both endpoints for this to work, though

but how you configure it in case of your backend servers serve HTTPS, but /healthcheck uri server HTTP? if one of healthCheck return 503, for instance, does it affect my_https_pool? I mean this:

location /my_https_service { proxy_pass https://my_https_pool; }

location /healthCheck { proxy_pass http://my_http_pool; }

upstream my_https_pool { server 1.2.3.4:443; server 3.4.5.6:443; }

upstream my_http_pool { server 1.2.3.4:80;
server 3.4.5.6:80; check interval=3000 rise=2 fall=5 timeout=1000 type=http; check_http_send "GET /healthCheck HTTP/1.0\r\n\r\n"; check_http_expect_alive http_2xx http_3xx; }

[krushik]

@vsfomin, there is no need to define location /healthCheck and the separate upstream pool for http. 'check' directive supports the parameter 'port=', overriding the original servers' port for making healthchecks. so it should look like this:

upstream my_https_pool {
  server 1.2.3.4:443;
  server 3.4.5.6:443;
  check interval=3000 rise=2 fall=5 timeout=1000 port=80 type=http;
  check_http_send "GET /healthCheck HTTP/1.0\r\n\r\n";
  check_http_expect_alive http_2xx http_3xx;
}