Is it possible to configure an http healtcheck on a port bound to the private network ip?
Use case: webserver with two ports: one for incoming requests, and an admin port for metrics.
If I bind the admin port to fly-local-6pn, I can access the admin interface via a WireGuard connection.
But it seems that by doing so, the http health check I have configured is no longer reachable.
Second question: how many failed healtchecks before an app is considered unhealthy and restarted/rescheduled?
Oh great question. This is something we’ve been thinking about, but we don’t have a great answer. We do have a workaround, though, and it’s a script check. What I’d probably do is put a script check on your public port like this:
That command could just be a curl, or a more sophisticated script.
Instances restart if there are 5 failures within 25 seconds. You can control the count with restart_limit. If you set it to 3, for example, it’ll restart after 3 failures within 15 seconds.