This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

GKE service directory and private uptime checks

Posted on 02-28-2023 05:55 AM
charithe
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

Is it possible to create private uptime checks for GKE services exposed using service directory integration? I am struggling to debug an uptime check created for a private GKE service.  The error code in the logs is VPC_REQUEST_TIMEOUT. I have the firewall rules created to allow ingress from the uptime check IP range so I don't think it's firewall related. Since GKE service directory integration is in preview, could this be a limitation arising from that? 

0 5 838
Topic Labels
0 Likes
5 REPLIES 5

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
Reply posted on --/--/---- --:-- AM

Hi @charithe,

@charithe wrote:

Is it possible to create private uptime checks for GKE services exposed using service directory integration

To answer your question, yes. This should support service directory integration for GKE since uptime check has option for Kubernetes Load Balancer. 

@charithe wrote:

I have the firewall rules created to allow ingress from the uptime check IP range so I don't think it's firewall related.

I just want to check on this part, how was ingress created? Based from the documentation for Service Directory for GKE, the ingress and other resources should be manually registered using the the API. 

@charithe wrote:

Since GKE service directory integration is in preview, could this be a limitation arising from that? 

Yes, it can be. But for now, having it's limitations, you may want to check and register the ingress using the Service Directory API.

0 Likes

Posted on --/--/---- --:-- AM
charithe
Bronze 1
Bronze 1
In response to Marvin_Lucero
Reply posted on --/--/---- --:-- AM

Hi @Marvin_Lucero, thanks for replying. I am not trying to create an uptime check for a Kubernetes load balancer. IIUC, it's possible to create "Internal IP" uptime checks for services registered in the  service directory. I have registered my k8s services (ClusterIP kind) with service directory and trying to create uptime checks for them.

To give you some context, these services are already connected to a GCLB through an ingress. However, I don't want to expose the health checks of those services publicly through the GCLB/Ingress so that's why I want to create the private uptime checks using the service directory method.

Posted on --/--/---- --:-- AM
Ischca
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

@charithe @Marvin_Lucero 

Is there any progress on this issue?
I am trying the same configuration.
However, I am not getting any requests to the host from the uptime check.

0 Likes

Posted on --/--/---- --:-- AM
charithe
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I haven't found a satisfactory solution yet. My understanding is that it requires an internal load balancer or a NodePort service (you have to remember to update the IP addresses manually if you use a NodePort).

Posted on --/--/---- --:-- AM
Ischca
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Thank you for your quick response, charithe. Your advice was of great value to me. I have made progress but it would be great if Google could provide a more streamlined solution.

0 Likes
Top Labels in this Space
Top Solution Authors
View all