Health check

Proxy

Proxy provides health endpoint at GET /api/v1/health which checks whether the application is running.

Example request:

curl "https://enroll.example.com/api/v1/health"

Response:

"alive" - with status code 200 - Proxy is working

To verify gRPC services for Proxy are alive, there is endpoint at GET /api/v1/health-grpc that verify it.

Example request:

curl "https://enroll.example.com/api/v1/health-grpc"

Response:

"alive" with status code 200 - Proxy is working and is connected to CORE
"Not connected to Defguard Core" - with status code 503 - Proxy is working but is not connected to CORE

Core

To check if Core is working, you can use endpoint at GET /api/v1/health which verify it.

Example request:

curl "https://defguard.example.com/api/v1/health"

Response:

"alive" - with status code 200 - Core is working

To check if core gRPC service is alive, we recommend to use community tools like grpc_health_probe.

Example request for core:

./grpc_health_probe -addr=defguard.example.com:50055

Example response:

status: SERVING

Gateway

You can enable in gateway config (example config) a health check port, by adding the following line:

health_port = 55003

In this example, gateway will open an additional HTTP port number 55003. Now we can use GET /api/v1/health endpoint to verify whether gateway is working correctly.

Example request:

curl "http://gateway.example.com:55003/api/v1/health"

Response:

"alive" - with status code 200 - Gateway is working and is connected to CORE
"Not connected to core" - with status code 503 - Gateway is working but is not connected to CORE

By default, no health check ports are open.