Just wondering if anyone else run into this, or on the flip side - has had success with active healthchecks for upstreams, where they can go from unhealthy to healthy / and back again? Currently I’m having to manually get things back to healthy if a target has gone unhealthy, active checks aren’t detecting things properly.
1 Like
after investigating ive found that i hit one particular weird scenario. All normal scenarios are working
if the target requires a client cert and the best status you can get back is http 400…
eg if the nginx test service has something like
listen 8443 ssl;
ssl_certificate /etc/nginx/certs/server.crt;
ssl_certificate_key /etc/nginx/certs/server.key;
ssl_client_certificate /etc/nginx/certs/client_ca.crt;
ssl_verify_client on;
ssl_verify_depth 2;
And the way around it is to add 400s to the healthy statuses list eg
healthy:
successes: 1
interval: 2
http_statuses:
- 200
- 302
- 400