HealthMonitor cannot connect to backend server

I use HealthMonitor in LoadBalacer to switch to <isFallBack>true</isFallBack> server when primary server is down. However, APIGEE cannot check if back-end server is down so it constantly redirect to <isFallBack>true</isFallBack> server even though one of back-end server is up. Target servers are one-way SSL enabled by using API

Anyone can help? thanks.

Route Rule:
<RouteRule name="region1">
        <Condition>conditionA</Condition>
        <TargetEndpoint>region1_TargetEndpoint</TargetEndpoint>
    </RouteRule>
    <RouteRule name="region2">
        <Condition>conditionB</Condition>
        <TargetEndpoint>region2_TargetEndpoint</TargetEndpoint>
    </RouteRule>

region1_TargetEndpoint:

<HTTPTargetConnection>
        <LoadBalancer>
            <Server name="region1_TargetServer"/>
            <Server name="region2_TargetServer">
                <IsFallback>true</IsFallback>
            </Server>
            <MaxFailures>1</MaxFailures>
        </LoadBalancer>
        <Path>xxx-service</Path>
        <HealthMonitor>
            <IsEnabled>true</IsEnabled>
            <IntervalInSec>5</IntervalInSec>
            <HTTPMonitor>
                <Request>
                    <ConnectTimeoutInSec>100</ConnectTimeoutInSec>
                    <SocketReadTimeoutInSec>60</SocketReadTimeoutInSec>
                    <Port>8043</Port>
                    <Verb>GET</Verb>
                    <Path>/check-service/health</Path>
                </Request>
                <SuccessResponse>
                    <ResponseCode>200</ResponseCode>
                </SuccessResponse>
            </HTTPMonitor>
        </HealthMonitor>
    </HTTPTargetConnection>

region2_TargetEndpoint:

<HTTPTargetConnection>
        <LoadBalancer>
            <Server name="region2_TargetServer"/>
            <Server name="region1_TargetServer">
                <IsFallback>true</IsFallback>
            </Server>
            <MaxFailures>1</MaxFailures>
        </LoadBalancer>
        <Path>xxx-service</Path>
        <HealthMonitor>
            <IsEnabled>true</IsEnabled>
            <IntervalInSec>5</IntervalInSec>
            <HTTPMonitor>
                <Request>
                    <ConnectTimeoutInSec>100</ConnectTimeoutInSec>
                    <SocketReadTimeoutInSec>60</SocketReadTimeoutInSec>
                    <Port>8043</Port>
                    <Verb>GET</Verb>
                    <Path>/check-service/health</Path>
                </Request>
                <SuccessResponse>
                    <ResponseCode>200</ResponseCode>
                </SuccessResponse>
            </HTTPMonitor>
        </HealthMonitor>
    </HTTPTargetConnection>
0 4 217
4 REPLIES 4

APIGEE cannot check if back-end server is down so it constantly redirect to <isFallBack>true</isFallBack> server even though one of back-end server is up.

Why? What do you mean by "Apigee cannot check" ?

The normal behavior is that Apigee Edge does check the backend server. And if the check doesn't receive a response, or if the response is negative (doesn't match the configured "healthy" pattern), then Apigee Edge will mark the server down.

This works and people are using it. So if you think it does not work, then it seems likely that the cause is a misconfiguration. One possible cause for the symptoms you report: your backend server is not actually listening at the endpoint and path that you've configured.

In fact, in the majority of cases I've seen in which the Healthcheck never seems to register a server as healthy, this is exactly the problem.

So please double check that.

Thanks, the health monitor works, the issue resides in my back-end server TLS certificate

Not applicable

Hi @futurexv 2020, I tested the code you have shared, and it works for me. The first target is again serving once its up. To be noted the error code shouldn't be 500, for that retry won't work, so it will always connect through the fallback. I was able to produce your case as well. Thanks..

Thanks, the health monitor works, the issue resides in my back-end server TLS certificate