Skip to content

Commit

Permalink
configurable liveness and readiness probes (#40)
Browse files Browse the repository at this point in the history 
* configurable liveness and readiness probes

Liveness and Readiness probes break if deploying krakend with tls enabled.

If enabled, the httpGet of both need to be updated to have `scheme: HTTPS`

Signed-off-by: Mike Mason <mimason@equinix.com>

* expand schema to include liveness and readiness probe details

---------

Signed-off-by: Mike Mason <mimason@equinix.com>
  • Loading branch information
@mikemrm
mikemrm authored Feb 7, 2023
1 parent e810097 commit 544ea1d
Show file tree
Hide file tree
Showing 4 changed files with 264 additions and 8 deletions.
2 changes: 2 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,10 +56,12 @@ please refer to [the official krakend documentation](https://www.krakend.io/docs
| krakend.partials | Object | `{"endpoints.tmpl":"[\n {\n \"endpoint\": \"/test\",\n \"method\": \"GET\",\n \"backend\": [\n {\n \"method\": \"GET\",\n \"host\": [],\n \"url_pattern\": \"/__debug/roots\",\n \"encoding\": \"json\",\n \"deny\": [\n \"message\"\n ]\n }\n ],\n \"extra_config\": {\n \"proxy\": {\n \"static\": {\n \"data\": {\n \"collection\": [\n {\n \"directories\": [\n \"Graceland\"\n ]\n }\n ],\n \"version\": \"deficient\"\n },\n \"strategy\": \"always\"\n }\n }\n },\n \"output_encoding\": \"json\"\n }\n]","input_headers.tmpl":"\"input_headers\": [\n \"Content-Type\",\n \"ClientId\"\n]","rate_limit_backend.tmpl":"\"qos/ratelimit/proxy\": {\n \"max_rate\": 0.5,\n \"capacity\": 1\n}"}` | The default configuration has a partials files that will be used to load several aspects of the configuration. If you want to include expra partials, add or remove them here. |
| krakend.settings | object | `{"service.json":"{\n\t\"environment\": \"PRODUCTION\",\n\t\"default_host\": \"http://localhost:8080\",\n\t\"timeout\": \"3s\",\n\t\"cache_ttl\": \"3s\",\n\t\"output_encoding\": \"json\"\n}"}` | The default configuration has a settings files that will be used to load several aspects of the configuration. |
| krakend.templates | object | `{}` | While default configuration does not take into use templates; you may want to add your own templates here. Note that you'd need to set a custom configuration file to use them. |
| livenessProbe | object | `{"httpGet":{"path":"/__health","port":"http"}}` | The livenessProbe to use for the krakend pod |
| nameOverride | string | `""` | |
| nodeSelector | object | `{}` | The nodeSelector to use for the krakend pod |
| podAnnotations | object | `{}` | The annotations to use for the krakend pod |
| podSecurityContext | object | `{}` | The securityContext to use for the krakend pod |
| readinessProbe | object | `{"httpGet":{"path":"/__health","port":"http"}}` | The readinessProbe to use for the krakend pod |
| replicaCount | int | `1` | Number of replicas to deploy |
| resources | object | `{}` | The resources to use for the krakend pod |
| securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"add":["NET_BIND_SERVICE"],"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsNonRoot":true,"runAsUser":1000}` | The securityContext to use for the krakend container |
Expand Down
14 changes: 6 additions & 8 deletions templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,14 +75,12 @@ spec:
- name: http
containerPort: {{ .Values.service.targetPort }}
protocol: TCP
livenessProbe:
httpGet:
path: /__health
port: http
readinessProbe:
httpGet:
path: /__health
port: http
{{- with .Values.livenessProbe }}
livenessProbe: {{ toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.readinessProbe }}
readinessProbe: {{ toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
- name: tmp
mountPath: /tmp
Expand Down
244 changes: 244 additions & 0 deletions values.schema.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,128 @@
}
}
},
"livenessProbe": {
"description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.",
"properties": {
"exec": {
"description": "ExecAction describes a \"run in container\" action.",
"properties": {
"command": {
"description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.",
"items": {
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"failureThreshold": {
"description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.",
"format": "int32",
"type": "integer"
},
"httpGet": {
"description": "HTTPGetAction describes an action based on HTTP Get requests.",
"properties": {
"host": {
"description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.",
"type": "string"
},
"httpHeaders": {
"description": "Custom headers to set in the request. HTTP allows repeated headers.",
"items": {
"description": "HTTPHeader describes a custom header to be used in HTTP probes",
"properties": {
"name": {
"description": "The header field name",
"type": "string"
},
"value": {
"description": "The header field value",
"type": "string"
}
},
"required": [
"name",
"value"
],
"type": "object"
},
"type": "array"
},
"path": {
"description": "Path to access on the HTTP server.",
"type": "string"
},
"port": {
"description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.",
"oneOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"scheme": {
"description": "Scheme to use for connecting to the host. Defaults to HTTP.",
"type": "string"
}
},
"required": [
"port"
],
"type": "object"
},
"initialDelaySeconds": {
"description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes",
"format": "int32",
"type": "integer"
},
"periodSeconds": {
"description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.",
"format": "int32",
"type": "integer"
},
"successThreshold": {
"description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.",
"format": "int32",
"type": "integer"
},
"tcpSocket": {
"description": "TCPSocketAction describes an action based on opening a socket",
"properties": {
"host": {
"description": "Optional: Host name to connect to, defaults to the pod IP.",
"type": "string"
},
"port": {
"description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.",
"oneOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
}
},
"required": [
"port"
],
"type": "object"
},
"timeoutSeconds": {
"description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes",
"format": "int32",
"type": "integer"
}
},
"type": "object"
},
"nameOverride": {
"type": "string"
},
Expand All @@ -118,6 +240,128 @@
"podSecurityContext": {
"type": "object"
},
"readinessProbe": {
"description": "Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.",
"properties": {
"exec": {
"description": "ExecAction describes a \"run in container\" action.",
"properties": {
"command": {
"description": "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.",
"items": {
"type": "string"
},
"type": "array"
}
},
"type": "object"
},
"failureThreshold": {
"description": "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1.",
"format": "int32",
"type": "integer"
},
"httpGet": {
"description": "HTTPGetAction describes an action based on HTTP Get requests.",
"properties": {
"host": {
"description": "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead.",
"type": "string"
},
"httpHeaders": {
"description": "Custom headers to set in the request. HTTP allows repeated headers.",
"items": {
"description": "HTTPHeader describes a custom header to be used in HTTP probes",
"properties": {
"name": {
"description": "The header field name",
"type": "string"
},
"value": {
"description": "The header field value",
"type": "string"
}
},
"required": [
"name",
"value"
],
"type": "object"
},
"type": "array"
},
"path": {
"description": "Path to access on the HTTP server.",
"type": "string"
},
"port": {
"description": "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.",
"oneOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
},
"scheme": {
"description": "Scheme to use for connecting to the host. Defaults to HTTP.",
"type": "string"
}
},
"required": [
"port"
],
"type": "object"
},
"initialDelaySeconds": {
"description": "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes",
"format": "int32",
"type": "integer"
},
"periodSeconds": {
"description": "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1.",
"format": "int32",
"type": "integer"
},
"successThreshold": {
"description": "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.",
"format": "int32",
"type": "integer"
},
"tcpSocket": {
"description": "TCPSocketAction describes an action based on opening a socket",
"properties": {
"host": {
"description": "Optional: Host name to connect to, defaults to the pod IP.",
"type": "string"
},
"port": {
"description": "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.",
"oneOf": [
{
"type": "string"
},
{
"type": "integer"
}
]
}
},
"required": [
"port"
],
"type": "object"
},
"timeoutSeconds": {
"description": "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes",
"format": "int32",
"type": "integer"
}
},
"type": "object"
},
"replicaCount": {
"type": "integer"
},
Expand Down
12 changes: 12 additions & 0 deletions values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -191,3 +191,15 @@ extraVolumeMounts: []

# -- (array) extraVolumes allows you to mount extra volumes to the krakend pod
extraVolumes: []

# -- (object) The livenessProbe to use for the krakend pod
livenessProbe:
httpGet:
path: /__health
port: http

# -- (object) The readinessProbe to use for the krakend pod
readinessProbe:
httpGet:
path: /__health
port: http

0 comments on commit 544ea1d

Please sign in to comment.