Liveness probe failed: connect: connection refused

Enter image description here I created cluster with eksctl. Eksctl created vpc and security groups. So my target group return unhealthy status from worker nodes here are my manifest files: Deployment

apiVersion: apps/v1
kind: Deployment
metadata:
  name: techcare-apigw
  labels:
    app.kubernetes.io/name: techcare-apigw
  annotations:
    linkerd.io/inject: enabled
  namespace: techcare
spec:
  replicas: 1
  selector:
    matchLabels:
      app: techcare-apigw
  template:
    metadata:
      labels:
        app: techcare-apigw
    spec:
      containers:
        - image: 435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway:1.0.66
          imagePullPolicy: Always
          name: techcare-apigw
          ports:
            - containerPort: 3000
          env:
            - name: PORT
              value: "3000"
          resources:
            requests:
              memory: "500Mi"  # Set the requested memory
              cpu: "0.4"      # Set the requested CPU
            limits:
              memory: "500Mi"  # Set the requested memory
              cpu: "0.4"       # Set the CPU limit
          livenessProbe:
            httpGet:
              path: /health
              port: 3000
            initialDelaySeconds: 180
            periodSeconds: 180
            timeoutSeconds: 180
            failureThreshold: 180
          readinessProbe:
            httpGet:
              path: /healthz
              port: 3000
            timeoutSeconds: 180
            initialDelaySeconds: 180
            periodSeconds: 180

Service:

apiVersion: v1
kind: Service
metadata:
  name: techcare-apigw-s
  namespace: techcare # Specify the correct namespace here
  labels:
    app.kubernetes.io/name: techcare-apigw-s
    app: techcare-apigw-s
spec:
  selector:
    app: techcare-apigw
  ports:
    - protocol: TCP
      port: 80
      targetPort: 3000
  type: NodePort

ALB ingress:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: techcare-apigw
  annotations:
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: instance
spec:
  ingressClassName: alb # Corrected Ingress class name
  defaultBackend: # Define default backend here
    service:
      name: techcare-apigw-s  # Replace with the name of your default backend service
      port:
        number: 80  # Replace with the port number of your default backend service
  rules:
    - http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: techcare-apigw-s
                port:
                  number: 80

Desccribe pod:

ubectl describe pod techcare-apigw-7f5487b86c-flf8p -n techcare                                                                                                               ✔  18.10.0 Node  18.10.0 Node  nbozic@techcare.eu-central-1.eksctl.io ○  12:21:22  
Name:         techcare-apigw-7f5487b86c-flf8p
Namespace:    techcare
Priority:     0
Node:         ip-192-168-93-25.eu-central-1.compute.internal/192.168.93.25
Start Time:   Sun, 10 Dec 2023 12:15:07 +0100
Labels:       app=techcare-apigw
              pod-template-hash=7f5487b86c
Annotations:  <none>
Status:       Running
IP:           192.168.72.84
IPs:
  IP:           192.168.72.84
Controlled By:  ReplicaSet/techcare-apigw-7f5487b86c
Containers:
  techcare-apigw:
    Container ID:   containerd://2f2b2cf4870d783d9572307f8f3729f4e3fdd40722771d91b1e92b65eb3fcc76
    Image:          435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway:1.0.66
    Image ID:       435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway@sha256:1cdeab8e0a1db87ad79652b5887d0b961498dcf43a7f06a3ff4e05aec792306a
    Port:           3000/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Sun, 10 Dec 2023 12:15:08 +0100
    Ready:          False
    Restart Count:  0
    Limits:
      cpu:     400m
      memory:  500Mi
    Requests:
      cpu:      400m
      memory:   500Mi
    Liveness:   http-get http://:3000/health delay=180s timeout=180s period=180s #success=1 #failure=180
    Readiness:  http-get http://:3000/healthz delay=180s timeout=180s period=180s #success=1 #failure=3
    Environment:
      PORT:  3000
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-n28wz (ro)
Conditions:
  Type              Status
  Initialized       True 
  Ready             False 
  ContainersReady   False 
  PodScheduled      True 
Volumes:
  kube-api-access-n28wz:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   Guaranteed
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason     Age                   From               Message
  ----     ------     ----                  ----               -------
  Normal   Scheduled  12m                   default-scheduler  Successfully assigned techcare/techcare-apigw-7f5487b86c-flf8p to ip-192-168-93-25.eu-central-1.compute.internal
  Normal   Pulling    12m                   kubelet            Pulling image "435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway:1.0.66"
  Normal   Pulled     12m                   kubelet            Successfully pulled image "435109652403.dkr.ecr.eu-central-1.amazonaws.com/api-gateway:1.0.66" in 131.403771ms (131.413766ms including waiting)
  Normal   Created    12m                   kubelet            Created container techcare-apigw
  Normal   Started    12m                   kubelet            Started container techcare-apigw
  Warning  Unhealthy  16s (x10 over 8m13s)  kubelet            Readiness probe failed: Get "http://192.168.72.84:3000/healthz": dial tcp 192.168.72.84:3000: connect: connection refused
  Warning  Unhealthy  16s (x3 over 6m16s)   kubelet            Liveness probe failed: Get "http://192.168.72.84:3000/health": dial tcp 192.168.72.84:3000: connect: connection refused

Describe Service

 kubectl describe service techcare-apigw-s -n techcare                                                                                                                    ✔  16s  18.10.0 Node  18.10.0 Node  nbozic@techcare.eu-central-1.eksctl.io ○  12:45:06  

Name:                     techcare-apigw-s
Namespace:                techcare
Labels:                   app=techcare-apigw-s
                          app.kubernetes.io/name=techcare-apigw-s
Annotations:              <none>
Selector:                 app=techcare-apigw
Type:                     NodePort
IP Family Policy:         SingleStack
IP Families:              IPv4
IP:                       10.100.86.89
IPs:                      10.100.86.89
Port:                     <unset>  80/TCP
TargetPort:               3000/TCP
NodePort:                 <unset>  32437/TCP
Endpoints:                
Session Affinity:         None
External Traffic Policy:  Cluster
Events:                   <none>

desctribe ingress:

ubectl describe ing techcare-apigw -n techcare                                                                                                                                ✔  18.10.0 Node  18.10.0 Node  nbozic@techcare.eu-central-1.eksctl.io ○  12:56:08  

Name:             techcare-apigw
Labels:           <none>
Namespace:        techcare
Address:          k8s-techcare-techcare-398c60dce3-83765040.eu-central-1.elb.amazonaws.com
Default backend:  techcare-apigw-s:80 ()
Rules:
  Host        Path  Backends
  ----        ----  --------
  *           
              /   techcare-apigw-s:80 ()
Annotations:  alb.ingress.kubernetes.io/scheme: internet-facing
              alb.ingress.kubernetes.io/target-type: instance
Events:
  Type    Reason                  Age                From     Message
  ----    ------                  ----               ----     -------
  Normal  SuccessfullyReconciled  46m (x2 over 46m)  ingress  Successfully reconciled

When i do port forward kubectl port-forward techcare-apigw-7f5487b86c-flf8p -n techcare 2000:3000 i get 200 response And when i pull the image and start the container also get 200 response

Manoj Kengudelu
5 months ago
could you please fix the indentation of namespace? It should be under annotations. The indentation is used to represent hierarchy, and incorrect indentation can lead to misinterpretation by Kubernetes.

apiVersion: apps/v1 kind: Deployment metadata: name: techcare-apigw labels: app.kubernetes.io/name: techcare-apigw annotations: linkerd.io/inject: enabled namespace: techcare

Topics

Management & Governance Networking & Content Delivery Containers

Relevant content

Static IP For Network Load Balancer in front of EKS Cluster created with eksctl
Mike
asked 7 months ago
[EKS] Use Multus with existing cluster created by eksctl
AWS-User-8277318
asked 2 years ago
Error on AWS when Launching command : eksctl create cluster -f ./eks.yaml
AWS-User-2995601
asked 10 months ago
How eksctl assume a CloudFormation execution role?
hai
asked a year ago
How do I clean up EKS Anywhere resources without eksctl when cluster creation fails?
AWS OFFICIALUpdated 7 days ago
How do I create multiple node groups for Amazon EKS nodes with eksctl?
AWS OFFICIALUpdated 2 months ago
How do I troubleshoot liveness and readiness probe issues with my Amazon EKS clusters?
AWS OFFICIALUpdated a year ago
How do I troubleshoot eksctl issues with Amazon EKS clusters and node groups?
AWS OFFICIALUpdated a year ago
Connect to your Amazon Aurora MySQL DB cluster
EXPERT
Gayathri Krishnamoorthy
published 9 months ago
Enabling Secure Connectivity between Overlapping On-Premise Networks and AWS VPC through Pilot VPC and Advanced Twice NAT Technology
EXPERT
Vinay Gugueoth
published 9 months ago