I have a question Regarding ”Health Check” of an Application. I am referring to document : https://docs.cloudfoundry.org/devguide/deploy-apps/healthchecks.html and I understand that when we deploy an application a default “health check” is created which is of type PORT. CloudFoundry automatically checks this port for health status.
My question is:
ssh into the deployed application , and try to search the available ports using command lsof -i -P -n, I see the following response : COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
java 7 vcap 47u IPv4 474318791 0t0 TCP *:8080 (LISTEN)
diego-ssh 8 vcap 3u IPv4 474330297 0t0 TCP *:2222 (LISTEN)
diego-ssh 8 vcap 7u IPv4 474330524 0t0 TCP 10.XXX.XX.XXX:2222->10.YYY.YY.YYY:58858 (ESTABLISHED)
Can you tell me which one of the above response acts as the health check port ? ( or am I looking at the wrong place ??)
Can you tell me which one of the above response acts as the health check port ? ( or am I looking at the wrong place ??)
I suspect that this is your application.
java 7 vcap 47u IPv4 474318791 0t0 TCP *:8080 (LISTEN)
It is listening on port 8080, which is almost always the port on which Cloud Foundry will tell your app to listen (i.e. $PORT).
This isn't a response though. It's your application listening for connections on that port. The health check (a TCP health check) will periodically run and make a TCP connection to the value assigned through $PORT (i.e. 8080). If that TCP connection is successful then the health check passes. If it cannot connect or times out, then the health check fails and the platform determines your application has crashed. It will then restart the application instance.
I understand that CF connects this port to do a health check for the deployed app. Is it possible to connect to this Health Check Port of a deployed application manually ( similar to what CF does internally) ?
Yes. cf ssh into your application. Then run nc -v localhost 8080. That will make a TCP connection. The -v flag gives you verbose output.
Ex:
> nc -v localhost 8080 # successful
Connection to localhost port 8080 [tcp/http-alt] succeeded!
> nc -v localhost 8081 # failure
nc: connectx to localhost port 8081 (tcp) failed: Connection refused
nc: connectx to localhost port 8081 (tcp) failed: Connection refused
How to do so from a Mac system ( which has the cf cli installed )
By default, you won't have access to do this directly. It's not really a fair comparison either. The health check runs from inside the container, so technically running nc from inside the container after you cf ssh is the most accurate comparison.
If you wanted to make this work, you could probably use the tunneling capability in cf ssh. I didn't test, but I think something like this would work: cf ssh -L 8080:localhost:8080 YOUR-HOST-APP.
You could then nc -v localhost 8080 and nc would connect to the local port on which ssh is listening (i.e. <local-port>:<destination>:<destination-port>). Again, if you want accuracy, then you should cf ssh into the container and run nc from there.