Healthchecks and private networks

pims · December 24, 2020, 1:48am

Hi ,

Is it possible to configure an http healtcheck on a port bound to the private network ip?

Use case: webserver with two ports: one for incoming requests, and an admin port for metrics.
If I bind the admin port to fly-local-6pn, I can access the admin interface via a WireGuard connection.
But it seems that by doing so, the http health check I have configured is no longer reachable.

Second question: how many failed healtchecks before an app is considered unhealthy and restarted/rescheduled?

Happy Holidays

kurt · December 24, 2020, 2:04am

Oh great question. This is something we’ve been thinking about, but we don’t have a great answer. We do have a workaround, though, and it’s a script check. What I’d probably do is put a script check on your public port like this:

  [[services.script_checks]]
    interval = 10000
    timeout = 1000
    command = "/fly/check-nodes.sh"
    restart_limit = 0

That command could just be a curl, or a more sophisticated script.

Instances restart if there are 5 failures within 25 seconds. You can control the count with restart_limit. If you set it to 3, for example, it’ll restart after 3 failures within 15 seconds.

Kikobeats · April 22, 2021, 9:59pm

Hey kurt, thanks for this reply. I noted services.script_checks isn’t documented at
https://fly.io/docs/reference/configuration

Could be cool to add it!

Topic		Replies	Views
How to healthcheck in a different port than main application	3	378	April 25, 2021
Ensuring My Server Live Checks Don't Break With My Weird Set Up	2	499	November 29, 2020
Is there a way to disable health checks?	10	2186	February 11, 2023
Healthcheck-based Routing Fresh Produce	18	1241	July 2, 2023
Health check not passing even though local request to the url returns an 200 OK http response	11	534	March 28, 2023

Healthchecks and private networks

Related Topics