Health check

Proxy

Proxy provides health endpoint at GET /api/v1/health which checks whether the application is running.

Example request:

curl "https://enroll.example.com/api/v1/health"

Response:

"alive" - with status code 200 - Proxy is working

To verify gRPC services for Proxy are alive, there is endpoint at GET /api/v1/health-grpc that verify it.

Example request:

curl "https://enroll.example.com/api/v1/health-grpc"

Response:

"alive" with status code 200 - Proxy is working and is connected to CORE
"Not connected to Defguard Core" - with status code 503 - Proxy is working but is not connected to CORE

Core

To check if Core is working, you can use endpoint at GET /api/v1/health which verify it.

Example request:

curl "https://defguard.example.com/api/v1/health"

Response:

To check if core gRPC service is alive, we recommend to use community tools like grpc_health_probe.

Example request for core:

Example response:

Gateway

You can enable in gateway config (example config) a health check port, by adding the following line:

In this example, gateway will open an additional HTTP port number 55003. Now we can use GET /api/v1/health endpoint to verify whether gateway is working correctly.

If running in Docker you can also enable it by setting the HEALTH_PORT environment variable.

By default the HTTP server will listen on all interfaces, but if you prefer to bind only a specific IP you can set it by using the http_bind_address config option (or DEFGUARD_HTTP_BIND_ADDRESS environment variable). For example:

Example request:

Response:

By default, no health check ports are open.