Application Gateway V2 issue

Anil 0 Reputation points
2023-05-08T09:24:30.3433333+00:00

I am trying to host Telecom Applications on AKS behind Application gateway. Inherently these applications use http2 protocol for communication hence I am trying to setup https communication between application gateway and app to app communication. I am using self signed certificates for both application gateway and Applications. I followed the certs generation page from Azure for Application gateway

openssl pkcs12 -export -in diagserverCA.pem -inkey diagserverCA.key -out appgw.pfx -password pass:****

openssl x509 -outform der -in diagserverCA.pem -out appgw.cer

However, Health probes are failing even If I input correct end points in probes with this error " Received invalid response 404. As per health probe 200-399 is acceptable"

Below is the config of Ingress.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nf-nrf-ingress
  annotations:
    kubernetes.io/ingress.class: azure/application-gateway
    appgw.ingress.kubernetes.io/use-private-ip: "true"
    appgw.ingress.kubernetes.io/backend-protocol: "https"
    appgw.ingress.kubernetes.io/appgw-ssl-certificate: "appgw-cert"
    appgw.ingress.kubernetes.io/appgw-trusted-root-certificate: "appgwroot"
spec:
  tls:
    - secretName: tls-secret
  rules:
  - http:
      paths:
      - path: /nnrf-*
        pathType: Prefix
        backend:
          service:
            name: hpe-nf-nrf-nnrf
            port:
              number: 8443

Azure Kubernetes Service (AKS)
Azure Kubernetes Service (AKS)
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
1,931 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

  2. vipullag-MSFT 25,441 Reputation points
    2023-05-16T05:41:09.7933333+00:00

    Hello Anil

    Welcome to Microsoft Q&A Platform, thanks for posting your query here.
    Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

    Based on the details shared, looks like the probed endpoint is returning a 404 error, which would prevent the health probe from returning back healthy. Application Gateway expects a 200 response for the default health probe.

    You'll either need to define a custom health probe to assume 404 as the expected response as healthy, or change the path of the health probe to an endpoint that would return a 200 response.

    Please check this if you need to customize the health probe: https://azure.github.io/application-gateway-kubernetes-ingress/features/probes/

    Hope this helps.

    If you need further help on this, tag me in a comment.

    If the suggested response helped you resolve your issue, please 'Accept as answer', so that it can help others in the community looking for help on similar topics.

    0 comments No comments