Solved: Re: Regional internal proxy Network Load Balancer ...

abelmatos · 04-05-2024 09:26 AM

Hi all,

I have this setup in place.
https://cloud.google.com/load-balancing/docs/tcp/set-up-int-tcp-proxy-hybrid

I have the following issue.
After creation I need to way for a long time ( + 1h) until I have a success connection.
e.g. after LB recreation

until a success connection I have
(56) Recv failure: Connection reset by peer
(52) Empty reply from server

What I think is coming from the health check unhealthy for the backends.

https://cloud.google.com/load-balancing/docs/tcp/internal-proxy#failover

Because this are proxy only + envoy proxies there is no way to check logs/metric for the health check.

I will like to have a idea where I can find logs/metric.
To identify the root cause of this delay.

For the connection test I have this

abelmatos

moving health check to tcp resolve the issue.

{
"insertId": "....",
"jsonPayload": {
"projectId": "....",
"healthCheckProbeResult": {
"targetPort": ....,
"probeCompletionTime": "2024-04-08T09:23:34.224Z",
"targetIp": "....",
"healthCheckProtocol": "HEALTH_CHECK_PROTOCOL_TCP",
"previousHealthState": "UNHEALTHY",
"healthState": "HEALTHY",
"ipAddress": "....",
"probeSourceIp": "...."
},
"@type": "type.googleapis.com/google.api.servicecontrol.type.ActiveHealthCheckEvent",
"zone": "europe-west6-a",
"networkEndpointGroupId": "...."
},
"resource": {
"type": "gce_network_endpoint_group",
"labels": {
"network_endpoint_group_id": "....",
"zone": "europe-west6-a",
"project_id": "...."
}
},
"timestamp": "2024-04-08T09:23:34.224Z",
"logName": "projects/..../logs/compute.googleapis.com%2Fhealthchecks",
"receiveTimestamp": "2024-04-08T09:23:42.548487274Z"
}

View solution in original post

abelmatos

I can see some single log when the envoy proxy are created with unhealthy state.

filter for logs:
jsonPayload.@type="type.googleapis.com/google.api.servicecontrol.type.ActiveHealthCheckEvent"

Even if I edit the health check for a valid one. this take hours to became health.
And there is no more logs after the initial one.

I have use cases where the integration will not provide health check endpoints. I will need to go for a solution outside GCP services to achieve this ?
I need a Proxy Network Load Balancers. I cannot use a passthrough Network Load Balancers ( I can expose all the internal IP ranges for the multiple subnetwork that are consuming this resources )

There is any work around to disable/ignore health check for this cases ?

Proxy Network Load Balancers -> Terminate client connections when all backends are unhealthy.

abelmatos

moving health check to tcp resolve the issue.

{
"insertId": "....",
"jsonPayload": {
"projectId": "....",
"healthCheckProbeResult": {
"targetPort": ....,
"probeCompletionTime": "2024-04-08T09:23:34.224Z",
"targetIp": "....",
"healthCheckProtocol": "HEALTH_CHECK_PROTOCOL_TCP",
"previousHealthState": "UNHEALTHY",
"healthState": "HEALTHY",
"ipAddress": "....",
"probeSourceIp": "...."
},
"@type": "type.googleapis.com/google.api.servicecontrol.type.ActiveHealthCheckEvent",
"zone": "europe-west6-a",
"networkEndpointGroupId": "...."
},
"resource": {
"type": "gce_network_endpoint_group",
"labels": {
"network_endpoint_group_id": "....",
"zone": "europe-west6-a",
"project_id": "...."
}
},
"timestamp": "2024-04-08T09:23:34.224Z",
"logName": "projects/..../logs/compute.googleapis.com%2Fhealthchecks",
"receiveTimestamp": "2024-04-08T09:23:42.548487274Z"
}

Regional internal proxy Network Load Balancer with hybrid connectivity