0

I'm trying to launch Rancher with the AWS LB controller and i'm getting health checks failed for the ingress. Can someone please look at my set up and let me know if something that's obvious?

EKS cluster version: 1.28 EndPointAcces: Public and Private Nodegroup: Private Subnet Security Group ALB-Ingress allows Inbound & Outbound traffic from 0.0.0.0/0 on port 80 and 443. Outbound rule allows traffic to the security group created for the EKS nodegroup. I updated the rancher service to a NodePort. Error message for healthcheck failed "request timed out"

Type:                     NodePort                                                                                                                                                                                                         │
│ IP Family Policy:         SingleStack                                                                                                                                                                                                      │
│ IP Families:              IPv4                                                                                                                                                                                                             │
│ IP:                       <>                                                                                                                                                                                                   │
│ IPs:                      <>                                                                                                                                                                                                   │
│ Port:                     http  80/TCP                                                                                                                                                                                                     │
│ TargetPort:               80/TCP                                                                                                                                                                                                           │
│ NodePort:                 http  30182/TCP                                                                                                                                                                                                  │
│ Endpoints:               <>:80,<>:80,<>:80                                                                                                                                                                  │
│ Port:                     https-internal  443/TCP                                                                                                                                                                                          │
│ TargetPort:               444/TCP                                                                                                                                                                                                          │
│ NodePort:                 https-internal  32303/TCP                                                                                                                                                                                        │
│ Endpoints:                <>:444,<>:444,<>:444                                                                                                                                                               │
│ Session Affinity:         None                                                                                                                                                                                                             │
│ External Traffic Policy:  Cluster

Helm Install:

helm install rancher rancher-stable/rancher \
   --version 2.8.3 \ 
   --namespace cattle-system \ 
   --set hostname=<hostname> \ 
   --set bootstrapPassword=<passwd> \ 
   --set tls=external \ 
   --set ingress.enabled=false

Ingress.yaml

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: aws-rancher
  namespace: cattle-system
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/certificate-arn : "<cert>"
    alb.ingress.kubernetes.io/security-groups : "<ALB-Ingress>"
    alb.ingress.kubernetes.io/listen-ports : "[{ \"HTTPS\" : 443 }, { \"HTTPS\" : 80 }]"
    alb.ingress.kubernetes.io/success-codes : "200,401,301,302"
    alb.ingress.kubernetes.io/healthcheck-interval-seconds : "60"
    alb.ingress.kubernetes.io/subnets : "subnet-public1,subnet-public2"
    alb.ingress.kubernetes.io/healthcheck-path: "/healthz"

spec:
  ingressClassName: alb
  rules:
    - host: <hostname>
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: rancher
                port:
                  number: 80

0

You must log in to answer this question.

Browse other questions tagged .