0

I have an EKS cluster with an application load balancer with a target group setup for each application environment. In my cluster I am building my application from a base docker image that is stored in a private ECR repository. I have confirmed that my pods are able to pull from the private ECR repo due to a secret I have setup to allow the private ECR image to be pulled. I am having a problem with the base docker image being able to get into a healthy state in the target group. I updated to containerPort in my deployment to match the port of the target group. I am not sure if that is how it needs to be configured. Below is how I defined everything for this namespace. I also have my dockerfile for the base image. Any advice how I can get a base docker image into a healthy state for me to build my application would be helpful.

dev.yaml

---
apiVersion: v1
kind: Namespace
metadata:
        name: dev
---
apiVersion: apps/v1
kind: Deployment
metadata:
        namespace: dev
        name: dev-deployment
spec:
        selector:
                matchLabels:
                        app.kubernetes.io/name: dev-app
        replicas: 2
        template:
                metadata:
                        labels:
                                app.kubernetes.io/name: dev-app
                spec:
                        containers:
                          - name: dev-app
                            image: xxxxxxxxxxxx.dkr.ecr.us-east-2.amazonaws.com/private/base-docker-image:latest
                            imagePullPolicy: Always
                            ports:
                                    - containerPort: 30411
                        imagePullSecrets:
                        - name: dev
---
apiVersion: v1
kind: Service
metadata:
        namespace: dev
        name: dev-service
spec:
        ports:
                - port: 80
                  targetPort: 80
                  protocol: TCP
        type: NodePort
        selector:
                app.kubernetes.io/name: dev-app
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
        namespace: dev
        name: dev-ingress
        annotations:
                kubernetes.io/ingress.class: alb
                alb.ingress.kubernetes.io/scheme: internet-facing
                alb.ingress.kubernetes.io/target-type: instance
spec:
        rules:
                - http:
                        paths:
                                - path: /*
                                  backend:
                                          serviceName: dev-service
                                          servicePort: 80
---

dockerfile

FROM private/base-docker-image:latest

COPY . /apps
WORKDIR /apps
RUN npm run build

ENV ML_HOST=$HOST ML_PORT=$PORT ML_USER=$USER ML_PASSWORD=$PASSWORD

CMD ["npm", "run", "dockerstart"]

Registered Targets enter image description here

Health Check Settings enter image description here

Dave Michaels
  • 847
  • 1
  • 19
  • 51

1 Answers1

1

This is a community wiki answer posted for better visibility.

As confirmed in the comments the solution is to set the targetPort to the port opened by the application which is 30411 as mentioned in the deployment's yaml configuration.

Wytrzymały Wiktor
  • 11,492
  • 5
  • 29
  • 37