Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: add correct health check endpoint for acs-mirror in check-network script #5532

Open
wants to merge 3 commits into
base: ccoa/2024-2025
Choose a base branch
from
Open

fix: add correct health check endpoint for acs-mirror in check-network script #5532

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
eb4b848
fix: add correct health check endpoint for acs-mirror in check-networ…
Jan 9, 2025
11d6c9a
fix: use --head when allowed
Jan 9, 2025
65ef360
Merge branch 'dev' into mikolaj/update-aks-check-network
UtheMan Jan 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 13 additions & 8 deletions parts/linux/cloud-init/artifacts/aks-check-network.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ declare -A URL_LIST=(
["eastus.data.mcr.microsoft.com"]="FQDN *.data.mcr.microsoft.com is required for MCR storage backed by the Azure content delivery network (CDN)."\
["login.microsoftonline.com"]="This is equired for Microsoft Entra authentication."\
["packages.microsoft.com"]="This is required to download packages (like Moby, PowerShell, and Azure CLI) using cached apt-get operations."\
["acs-mirror.azureedge.net"]="This is required to download and install required binaries like kubenet and Azure CNI."\
["acs-mirror.azureedge.net/acs-mirror/healthz"]="This checks connection to CDN which is required to download and install required binaries like kubenet and Azure CNI."\
UtheMan marked this conversation as resolved.
Show resolved Hide resolved
)

function logs_to_events {
Expand Down Expand Up @@ -81,26 +81,31 @@ function check_and_curl {
local url=$1
local error_msg=$2

# check DNS
nslookup $url > /dev/null
# check DNS - cut here to extract domain since acs-mirror health check endpoint is a full URL
dnsLookupURL=$(echo $url | cut -d'/' -f1)
nslookup $dnsLookupURL > /dev/null
if [ $? -eq 0 ]; then
logs_to_events "AKS.testingTraffic.success" "echo '$(date) - SUCCESS: Successfully tested DNS resolution to $url'"
logs_to_events "AKS.testingTraffic.success" "echo '$(date) - SUCCESS: Successfully tested DNS resolution to $dnsLookupURL'"
else
logs_to_events "AKS.testingTraffic.failure" "echo '$(date) - ERROR: Failed to test DNS resolution to $url. $error_msg'"
dns_trace $url
logs_to_events "AKS.testingTraffic.failure" "echo '$(date) - ERROR: Failed to test DNS resolution to $dnsLookupURL. $error_msg'"
dns_trace $dnsLookupURL
return 1
fi

local i=0
while true;
do
# curl the url and capture the response code
response=$(curl -s -m $MAX_TIME -o /dev/null -w "%{http_code}" "https://${url}" -L)
if [ "$url" == "mcr.microsoft.com" ]; then
response=$(curl -s -m $MAX_TIME -o /dev/null -w "%{http_code}" "https://${url}" -L)
else
response=$(curl -s -m $MAX_TIME -o /dev/null -w "%{http_code}" "https://${url}" -L --head)
fi

if [ $response -ge 200 ] && [ $response -lt 400 ]; then
logs_to_events "AKS.testingTraffic.success" "echo '$(date) - SUCCESS: Successfully tested $url with returned status code $response'"
break
elif [ $response -eq 400 ] && ([ $url == "acs-mirror.azureedge.net" ] || [ $url == "eastus.data.mcr.microsoft.com" ]); then
elif [ $response -eq 400 ] && ([ $url == "eastus.data.mcr.microsoft.com" ]); then
UtheMan marked this conversation as resolved.
Show resolved Hide resolved
UtheMan marked this conversation as resolved.
Show resolved Hide resolved
logs_to_events "AKS.testingTraffic.success" "echo '$(date) - SUCCESS: Successfully tested $url with returned status code $response. This is expected since $url is a repository endpoint which requires a full package path to get 200 status code.'"
break
else
Expand Down
Loading