investigate ingress health check not coming up green on fscloud

Question

vburckhardt opened this issue 6 months ago · 2 comments

Whilst we know that the underlaying private LB is working, the fact that the health check is red has been a regular source of questions. I suspect there is a need to slightly open up some more network flow in the fscloud example at to get the ingress health check green. https://github.com/terraform-ibm-modules/terraform-ibm-base-ocp-vpc/tree/main/examples/fscloud

Answer 1 · 2024-06-28T14:27:52.000Z

to confirm that the issue is now solved

Answer 2 · 2024-07-25T13:28:01.000Z

issues is confirmed as solved, examples are correctly updated with configurations allowing to get the ingress healthcheck green.

Summary of the requirements for the ingress healthcheck:

for private only endpoint and cluster with private LB, the default ACLs and SGs provided by current configuration of base-ocp and vpc modules allow to have the ingress healthcheck green (requests on private LB endpoint on port 443 are correctly working.
for public endpoint cluster, using public LB for ingress healthcheck, all the cluster zones with edge subnet and hosting edge workers pool must be provided with public gateway and with ACLs allowing to perform requests on port 443 and to get the traffic back