Guest

Preview Tool

Cisco Bug: CSCvs53896 - (cancel) coredns and nginx-ingress-controller healthchecks fail due to missing port

Last Modified

Jan 22, 2020

Products (1)

  • Cisco Container Platform

Known Affected Releases

5.1.0

Description (partial)

Symptom:
coredns deployment has health and liveness probes to a port that does not exist, and no sidecar container running that would respond
------
...
    spec:
      containers:
      - args:
        - -conf
        - /etc/coredns/Corefile
        image: registry.ci.ciscolabs.com/cpsg_ccp/k8s.gcr.io/coredns:1.3.1
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 5
          httpGet:
            path: /health
            port: 8080
            scheme: HTTP
          initialDelaySeconds: 60
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 5
        name: coredns
...
        ports:
        - containerPort: 53
          name: dns
          protocol: UDP
        - containerPort: 53
          name: dns-tcp
          protocol: TCP
        - containerPort: 9153
          name: metrics
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /health
            port: 8080
            scheme: HTTP
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
-------------

ccp/nginx-ingress-controller daemonset
...
        image: registry.ci.ciscolabs.com/cpsg_base-apps/nginx-ingress-controller/releases/nginx-ingress-controller:0.25.0-ccp1
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: nginx-ingress-controller
        ports:
        - containerPort: 80
          name: http
          protocol: TCP
        - containerPort: 443
          name: https
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: 10254
            scheme: HTTP
          initialDelaySeconds: 10
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources: {}
...
--------

Conditions:
Brand new install of CCP 5.1 cluster using ACI-CNI and ubuntu 1.14.x image
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.