Health Check

This policy enables Kuma to keep track of the health of every data plane proxy, with the goal of minimizing the number of failed requests in case a data plane proxy is temporarily unhealthy.

By creating an HealthCheck resource we can instruct a data plane proxy to keep track of the health status for any other data plane proxy. When health-checks are properly configured, a data plane proxy will never send a request to another data plane proxy that is considered unhealthy. When an unhealthy data plane returns to a healthy state, Kuma will resume sending requests to it again. The data plane proxy will explicitly send requests to other data plane proxies (as described in the policy configuration) to determine if a target data plane is healthy or not. This will generate extra traffic to other data plane proxies and services.

Usage

As usual, we can apply sources and destinations selectors to determine how health-checks will be performed across our data plane proxies.

At the moment, the HealthCheck policy supports L4 checks that validate the health status of the underlying TCP connections.

Below an example:

  1. apiVersion: kuma.io/v1alpha1
  2. kind: HealthCheck
  3. mesh: default
  4. metadata:
  5.   namespace: default
  6.   name: web-to-backend-check
  7. mesh: default
  8. spec:
  9.   sources:
  10.   - match:
  11.       service: web
  12.   destinations:
  13.   - match:
  14.       service: backend
  15.   conf:
  16.     interval: 10s
  17.     timeout: 2s
  18.     unhealthyThreshold: 3
  19.     healthyThreshold: 1

We will apply the configuration with kubectl apply -f [..].

  1. type: HealthCheck
  2. name: web-to-backend-check
  3. mesh: default
  4. sources:
  5. - match:
  6.     service: web
  7. destinations:
  8. - match:
  9.     service: backend
  10. conf:
  11.   interval: 10s
  12.   timeout: 2s
  13.   unhealthyThreshold: 3
  14.   healthyThreshold: 1

We will apply the configuration with kumactl apply -f [..] or via the HTTP API.