Strange healthcheck behaviour

vbessonov · November 15, 2019, 7:43am

Hello! I am trying to set up a healthcheck for cli (traefik healthcheck) but it fails for some reason with 404 error. I have the following global config:

[global]
  checkNewVersion = true

[providers]
  providersThrottleDuration = 10
  [providers.docker]
    endpoint = "unix:///var/run/docker.sock"
    useBindPortIP = false
    exposedByDefault = false
    swarmMode = true
    watch = true

  [providers.file]
    directory = "/etc/traefik/services"
    filename = "dynamic.toml"
    watch = true    

[api]
  dashboard = true
  insecure = false

[ping]
  entryPoint = "ping"

[log]
  format = "common"
  level = "ERROR"

[entryPoints]
  [entryPoints.web]
    address = ":80"
  [entryPoints.websecure]
    address = ":443"
  [entryPoints.traefik]
    address = ":8080"
  [entryPoints.ping]
    address = ":8082"
  [entryPoints.metrics]
    address = ":8083"

[certificatesResolvers.default.acme]
  email = "admin@CHANGE.ME"
  storage = "/etc/traefik/acme/acme.json"
  caServer = "https://acme-v02.api.letsencrypt.org/directory"
  keytype = "EC256"
  [certificatesResolvers.default.acme.tlsChallenge]

[tls.options]
  [tls.options.default]
    minVersion = "VersionTLS12"
  [tls.options.mintls13]
    minVersion = "VersionTLS13"

[metrics]
  [metrics.prometheus]
    buckets = [0.1,0.3,1.2,5.0]
    addEntryPointsLabels = true
    addServicesLabels = true
    entryPoint = "metrics"

I am running latest traefik:montdor (2.0.5) in docker with bind-mounted file config and no arguments.
Now, when I get into container with docker exec and try probe the health with

traefik healthcheck

I get this:

INFO[0000] Configuration loaded from file: /etc/traefik/traefik.toml 
Bad healthcheck status: 404 Not Found

Of course I can manually wget localhost:8082/ping and it returns my 200 code, but why the cli command is failing? Am I doing something wrong?

jbd · November 19, 2019, 11:18am

Hi @vbessonov,

The healthcheck command uses the static configuration to know how to reach the ping endpoint.
The entrypoint configured in the static configuration wasn't applied, a PR https://github.com/containous/traefik/pull/5867 will fix the issue.

Some comments on your configuration:

If you define a directory in the providers.file, all files in this directory will be loaded, you can't specify a filename.
The tls.options is a dynamic configuration and you defined it in the static configuration. You need to move it in your dynamic configuration.

zespri · November 19, 2019, 7:18pm

@jpd what confuses me about traefik healthcheck is that it seems that it only works if you give the same configuration to the traefik you are checking and the traefik you are checking the first traefik with. So if your traefik instance runs with, say command line paramters that were supplied in docker-compose, you will need the same parameter with healthcheck? At this point curl works as well...

ldez · November 19, 2019, 8:46pm

@zespri the command has been created for the v1 where the default Docker image was a FROM SCRATCH image: no curl.

zespri · November 19, 2019, 8:53pm

Thank you. Not directly related and very minor: the docs for healthcheck say healthcheck [command] but there is no commands healthcheck accepts, at least nothing obvious.

ldez · November 19, 2019, 8:59pm

This doc section have been generated based on the CLI help, so it's just a generic help.

vbessonov · November 20, 2019, 7:15am

Oh, thank you! One more thing. I'm not sure I am getting this "dynamic/static" correctly. Am I right if I say that traefik.toml palced in /etc/traefik and loaded on traefik loading (with entrypoints and some basic config) is static and pluggable file (like dynamic.toml in my config above) is dynamic? So I should move all the [tls.options] block to that dynamic.toml file?

jbd · November 20, 2019, 8:29am

Yes, the traefik.toml will be used as default configuration and contains the static configuration. It will be loaded once at startup. And yes, you have to move the tls.options configuration to your dynamic.toml file or to any configuration file that is watched by the File Provider.
You can find more details in the documentation.

PackElend · December 31, 2019, 6:10pm

Hi there,
I still don't get it.
I have a traefik container running started by means of a docker-compose file and do later on

root@Ubuntu18:~# docker exec -it traefik traefik healthcheck --ping
INFO[0000] Configuration loaded from flags.
Bad healthcheck status: 404 Not Found

how can I pass the test?

Topic		Replies	Views
Error calling healthcheck: please enable `ping` to use health check Traefik v2 docker , ping	16	3300	October 5, 2023
Can't get healthcheck to work Traefik v2 docker	0	587	February 2, 2021
Traefik returns me a 404 with HTTPS Traefik v2 docker , file , dashboard-api , cli	3	421	May 16, 2022
How to do `healthcheck` on traefik itself? Traefik v2 docker-swarm	6	12589	December 31, 2019
Need help with securing Traefik dashboard Traefik v2 docker-swarm	8	1670	May 30, 2020

Strange healthcheck behaviour

Related Topics