GCE ingress health checks

[hmeerlo]

Not sure if this is the correct place, but it seems like this is the project most likely to be able to answer my question.
I have a GKE cluster in which I deployed a wordpress helm chart. It has created a GCE ingress controller which in turn created an Google L7 Load balancer. The LB terminates the HTTPS with a certificate created by cert-manager. So far so good. But the health check MUST receive a 200 OK on / which it doesn't because the Wordpress install tries to enforce HTTPS on the call, so it redirects with a 301. This in turn causes the health check to fail. Is it somehow possible to let the load balancer health check add a "x-forwarded-proto: https" header to prevent the 301?

[rramkumar1]

@hmeerlo GCE health checks have a hard requirement that a 200 must be returned on the configured path (we do not control this). However, we allow for manually tuning the health check path so that you can serve a 200 on a different path. Can you try manually modifying your health check (via gcloud or the cloud console) and changing the path to something other than "/"?

[joncotton]

Same situation here—from Kube specs, the generated infrastructure yields a Backend with a Health Check that doesn't work.

(More specifically, I have a Pod with 2 ports. There's a readinessProbe for the first port. 2 Services and then 2 Ingresses. The first Ingress works fine because its Health Check generates off the readinessProbe. It's the second Service/Ingress/Backend with the problem because, while it has its own HC, that HC doesn't have the necessary customization of the readinessProbe.)

Thank you @rramkumar1 ! I manually modified the HC to change the path, the timings and to add a custom Host header. All those changes stuck, i.e. didn't get automatically reverted. (I was trying to assign a different HC to the Backend and it reverted to the Kube-generated HC within 5 minutes or so.) I do wish to specify this in code, but it's a workable manual task for now.