Backend Service Timeouts on GCP

dbasner · December 4, 2023, 12:07pm

Hi!

I have found something missing in the doc. I first suspected an error on server/client side but it actually had something to do with my cluster, which is:

On GCP, when deploying mender using helm, the ssh connection always timeouts after ~ 30 seconds. The reason for that is a missing backendConfig in kubernetes. What needs to be done is applying the following yaml to k8s

apiVersion: cloud.google.com/v1beta1
kind: BackendConfig
metadata:
  name: ws-timeout-backend-config
spec:
  timeoutSec: 90

followed by an additional annotation to the mender-api-gateway service, which is

cloud.google.com/backend-config: '{"default": "ws-timeout-backend-config"}'

Hope this helps some of you out there. Of course, you can set the timeout to more than 90 seconds, more information can be found here in the load-balancing doc

robgio · December 4, 2023, 1:05pm

Hi @dbasner ,
thanks for your note and the solution, this is really helpful!

oldev · December 6, 2023, 9:00am

Hi,

I ran into a similar issue on Azure with AKS and Application Gateway as Ingress.

Here’s the fix for the Applicaiton Gateway Backend Setting using an annitation:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:  
  annotations:
    kubernetes.io/ingress.class: azure/application-gateway
    appgw.ingress.kubernetes.io/request-timeout: "90"
...

TheYoctoJester · December 6, 2023, 9:02am

Thanks @dbasner and @oldev for the feedback. Is this something that could go into the helm charts? Or am I mistaken here?

Greetz,
Josef

oldev · December 6, 2023, 9:10am

Looks like it does not make much sense to include these in the helm chart.

AFAIK, the Ingress.yaml is not part of the helm chart. And exposing the cluster is the responsibility of the operator.

see section Exposing the service:
https://docs.mender.io/3.6/server-installation/production-installation-with-kubernetes/mender-server#exposing-the-service

But there could be a hint in the " Exposing the service" documentation, that the mender-connect ping is hardcoded to 60 seconds.
https://docs.mender.io/add-ons/remote-terminal/troubleshoot#remote-terminal-sometimes-not-working

robgio · December 6, 2023, 9:36am

I agree that exposing the cluster is the responsibility of the operator. However, the ingress is actually included in the Helm Chart: https://github.com/mendersoftware/mender-helm/blob/master/mender/values.yaml#L79

By default it’s disabled, but you can enabled it and provide custom annotations as required.

Topic		Replies	Views
Deployment of AKS based mender-server Version 3.6.2 not completely successful General Discussions mender-server	31	465	September 8, 2023
Mender on K8S problems General Discussions mender-server	31	1518	April 10, 2024
Mender-api-gateway liveness fails (seems like?) General Discussions mender-server	8	466	September 17, 2021
Mender server production installation failed with "Couldn't load deployments. Error: Bad Gateway Retrying in 26 seconds" General Discussions	8	317	July 12, 2023
Mender helm chart enhancements for self hosted mender General Discussions	1	283	June 23, 2021

Backend Service Timeouts on GCP

Related Topics