0

I am trying to run ejabberd on google kubernetes engine. As I am using daemonset as kubernetes resource to deploy manage kubernetes pods of ejabberd, I need to setup custom healthcheck(which must receive status code 200 to be successful) for ejabberd container. (:5280/admin doesn't work as there is basic auth there, :5222 and :5269 send response that libcurl cannot parse, thus both doesn't work). Tried to configure api and set custom healthcheck an api irl, but actually it's not secure and more configuration to be done. does anyone passed through this problem and what solution can be done for this?

Ahnenerbe
  • 303
  • 1
  • 3
  • 16
  • Have you looked at https://github.com/ecliptic/helm-charts/blob/master/ejabberd/templates/deployment.yaml ? – Ryan Dawson Aug 25 '18 at 09:53
  • Actually the link you've provided is deployment creation one instead of which I am using daemon set. exposing the daemon set or deployment is done via services. Here is the service template from the same repo https://github.com/ecliptic/helm-charts/blob/master/ejabberd/templates/service.yaml which is actually loadbalancer type. I got this working with loadbalancer service, but it's not actual thing I wat to do. I want to have NodePort type service and then expose it via Ingress. in this case I am running into the issue I've described above. – Ahnenerbe Aug 25 '18 at 17:53
  • have you managed to run ejabberd on google kubernetes engine? – Ahnenerbe Aug 25 '18 at 17:54
  • You can configure your Kubernetes check to pass extra HTTP headers. This will allow you to pass Authorization header for basic auth, so it is possible to use admin API for your check. But even though it's possible, it seems strange to use admin credentials for just to check health status. – Hitobat Aug 25 '18 at 18:03
  • Presumably you can do the same readiness and liveness probes for LoadBalancer or via Ingress as they can just do internal check. By health check do you mean on the ingress like https://github.com/kubernetes/contrib/blob/master/ingress/controllers/gce/examples/health_checks/README.md ? If so I wonder if it would be any easier to use a post-install helm hook. – Ryan Dawson Aug 25 '18 at 18:45
  • @Hitobat agree, using admin creds to pass healthcheck isn't the best way to do this. – Ahnenerbe Aug 26 '18 at 11:41
  • @RyanDawson yes, I mean healthcheck when using Ingress to expose the service to outside the cluster using external IP. Actually found the solution for this particular case with ejabberd image. There is a way to add a new module to ejabberd to server specific url for healthchecks. Currently implementing it. I'll update here once it's ready. – Ahnenerbe Aug 26 '18 at 11:46

0 Answers0