Fixing kubernetes service redeploy errors with keep-alive enabled
The issue happens if the proxying/load balancing happens in layer 4 instead of layer 7. For the internal services (Kubernetes service of type ClusterIP), since the Kube-proxy does the proxying using layer 4 proxying, the clients will keep the connection even after the pod isn't ready to serve anymore. Similarly, for the services of type LoadBalancer, if the backend type is set to TCP (which is by default with AWS ELB), the same issue happens. Please see this issue for more details.
The solution to this problem as of now is:
- If you are using a cloud LoadBalancer, go ahead and set the backend to HTTP. For example, You can add
service.beta.kubernetes.io/aws-load-balancer-backend-protocolannotation to kubernetes service and set it to HTTP so that ELB uses HTTP proxying instead of TCP. - Use a layer 7 proxy/ingress controller within the cluster to route the traffic instead of sending it via
kube-proxy
We're running into the same issue, so just wondering if you figured out a way around this issue. According to this link it should be possible to do so by having a Load Balancer in front of the service which will make direct requests to the pods and handle Keep-Alive connections on it's own.
We will continue to investigate this issue and see if we can find a way of doing zero downtime deployments with keep-alive connections.