feat(helm): Update health checks for consistent ALB and Statef (#61)

charts/dotcms/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: dotcms
 description: A Helm chart for DotCMS cluster
 type: application
-version: 1.0.26
+version: 1.0.30
 appVersion: 1.0.0
 maintainers:
   - name: dcolina

charts/dotcms/templates/ingress-dotcms-cluster.yaml

@@ -13,16 +13,21 @@ metadata:
     alb.ingress.kubernetes.io/scheme: internet-facing
     alb.ingress.kubernetes.io/target-type: ip
     alb.ingress.kubernetes.io/tags: dotcms.client.name.short={{ .Values.customerName }}, VantaOwner=example@dotcms.com, VantaDescription=ALB for {{ .Values.customerName }} {{ .Values.environment }}, VantaNonProd=true
-    alb.ingress.kubernetes.io/backend-protocol: HTTP
-    alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
-    alb.ingress.kubernetes.io/healthcheck-port: '8082'
-    alb.ingress.kubernetes.io/healthcheck-path: /api/v1/appconfiguration
-    alb.ingress.kubernetes.io/healthcheck-interval-seconds: '30'
-    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '5'
-    alb.ingress.kubernetes.io/success-codes: '200'
-    alb.ingress.kubernetes.io/healthy-threshold-count: '5'
-    alb.ingress.kubernetes.io/unhealthy-threshold-count: '2'
-    alb.ingress.kubernetes.io/target-group-attributes: stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=18000
+    alb.ingress.kubernetes.io/backend-protocol: {{ .Values.ingress.alb.healthcheck.backendProtocol | default "HTTP" }}
+    alb.ingress.kubernetes.io/healthcheck-protocol: {{ .Values.ingress.alb.healthcheck.protocol | default "HTTP" }}
+    alb.ingress.kubernetes.io/healthcheck-port: '{{ .Values.readinessProbe.httpGet.port }}'
+    alb.ingress.kubernetes.io/healthcheck-path: '{{ .Values.readinessProbe.httpGet.path }}'
+    alb.ingress.kubernetes.io/healthcheck-interval-seconds: '{{ .Values.ingress.alb.healthcheck.intervalSeconds | default "10" }}'
+    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '{{ .Values.ingress.alb.healthcheck.timeoutSeconds | default "5" }}'
+    alb.ingress.kubernetes.io/success-codes: '{{ .Values.ingress.alb.healthcheck.successCodes | default "200" }}'
+    alb.ingress.kubernetes.io/healthy-threshold-count: '{{ .Values.ingress.alb.healthcheck.healthyThresholdCount | default "3" }}'
+    alb.ingress.kubernetes.io/unhealthy-threshold-count: '{{ .Values.ingress.alb.healthcheck.unhealthyThresholdCount | default "2" }}'
+    alb.ingress.kubernetes.io/target-group-attributes: >-
+      stickiness.enabled={{ .Values.ingress.alb.targetGroup.stickiness.enabled | default true }},
+      stickiness.lb_cookie.duration_seconds={{ .Values.ingress.alb.targetGroup.stickiness.cookieDuration | default "18000" }},
+      slow_start.duration_seconds={{ .Values.ingress.alb.targetGroup.slowStart.durationSeconds | default "120" }},
+      deregistration_delay.timeout_seconds={{ .Values.ingress.alb.targetGroup.deregistrationDelay.timeoutSeconds | default "60" }},
+      load_balancing.algorithm.type={{ .Values.ingress.alb.targetGroup.loadBalancing.algorithmType | default "least_outstanding_requests" }}
     alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
     alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
     {{- if eq .Values.ingress.type "alb" }}

charts/dotcms/templates/statefulset.yaml

@@ -32,6 +32,7 @@ spec:
       annotations:
         {{- if $.Values.linkerd.enabled }}
         linkerd.io/inject: enabled
+        config.alpha.linkerd.io/proxy-wait-before-exit-seconds: {{ $.Values.linkerd.proxyWaitBeforeExitSeconds | quote }}
         {{- end }}
         {{- if $.Values.prometheus.enabled }}
         prometheus.io/scrape: {{ $.Values.prometheus.annotations.scrape | quote }}

charts/dotcms/values.yaml

@@ -143,6 +143,54 @@ ingress:
       # -- ARN of the WAF to associate with the ALB
       # @default -- ""
       wafArn: ""
+      # Health check configuration for ALB
+      healthcheck:
+        # -- Backend protocol for health checks (HTTP or HTTPS)
+        # @default -- HTTP
+        backendProtocol: HTTP
+        # -- Protocol for health checks (HTTP or HTTPS)
+        # @default -- HTTP
+        protocol: HTTP
+        # -- Interval between health checks in seconds
+        # @default -- 10
+        intervalSeconds: 10
+        # -- Timeout for health checks in seconds
+        # @default -- 5
+        timeoutSeconds: 5
+        # -- Success codes for health checks
+        # @default -- "200"
+        successCodes: "200"
+        # -- Number of consecutive successful health checks before marking healthy
+        # @default -- 3
+        healthyThresholdCount: 3
+        # -- Number of consecutive failed health checks before marking unhealthy
+        # @default -- 2
+        unhealthyThresholdCount: 2
+      # Target group attributes for ALB
+      targetGroup:
+        # Stickiness configuration
+        stickiness:
+          # -- Enable sticky sessions
+          # @default -- true
+          enabled: true
+          # -- Cookie duration for sticky sessions in seconds
+          # @default -- 18000
+          cookieDuration: 18000
+        # Slow start configuration
+        slowStart:
+          # -- Slow start duration in seconds
+          # @default -- 120
+          durationSeconds: 120
+        # Deregistration delay configuration
+        deregistrationDelay:
+          # -- Deregistration delay timeout in seconds
+          # @default -- 60
+          timeoutSeconds: 60
+        # Load balancing algorithm configuration
+        loadBalancing:
+          # -- Load balancing algorithm type
+          # @default -- least_outstanding_requests
+          algorithmType: least_outstanding_requests
 
 # Database configuration settings
 database:
@@ -438,48 +486,48 @@ backup:
 startupProbe:
   httpGet:
     # -- Path to check for readiness
-    # @default -- /api/v1/appconfiguration
-    path: /api/v1/appconfiguration
-    # -- Port used for the readiness probe
-    # @default -- 8082
-    port: 8082
+    # @default -- /dotmgmt/readyz
+    path: /dotmgmt/readyz
+    # -- Port used for the readiness probe (defaults to management port if enabled)
+    # @default -- 8090
+    port: 8090
   # -- Initial delay before the first probe is initiated
-  # @default -- 60
-  initialDelaySeconds: 60
+  # @default -- 30
+  initialDelaySeconds: 30
   # -- Frequency of probe checks in seconds
-  # @default -- 5
-  periodSeconds: 5
+  # @default -- 10
+  periodSeconds: 10
   # -- Number of successful checks required before marking as healthy
   # @default -- 1
   successThreshold: 1
   # -- Number of failed checks before container is restarted
-  # @default -- 60
-  failureThreshold: 60
+  # @default -- 90
+  failureThreshold: 90
   # -- Time in seconds after which the probe times out
-  # @default -- 20
-  timeoutSeconds: 20
+  # @default -- 5
+  timeoutSeconds: 5
 
 # Liveness probe to determine if the container should be restarted
 livenessProbe:
   httpGet:
     # -- Path to check liveness
-    # @default -- /api/v1/appconfiguration
-    path: /api/v1/appconfiguration
+    # @default -- /dotmgmt/livez
+    path: /dotmgmt/livez
     # -- Port used for the liveness probe
-    # @default -- 8082
-    port: 8082
+    # @default -- 8090
+    port: 8090
   # -- Initial delay before the first liveness check
-  # @default -- 1
-  initialDelaySeconds: 1
+  # @default -- 120
+  initialDelaySeconds: 120
   # -- Frequency of liveness checks
   # @default -- 30
   periodSeconds: 30
   # -- Number of successes needed for the container to be considered alive
   # @default -- 1
   successThreshold: 1
   # -- Number of failures before restarting the container
-  # @default -- 1
-  failureThreshold: 1
+  # @default -- 3
+  failureThreshold: 3
   # -- Timeout for the probe request
   # @default -- 10
   timeoutSeconds: 10
@@ -488,23 +536,23 @@ livenessProbe:
 readinessProbe:
   httpGet:
     # -- Path to check readiness
-    # @default -- /api/v1/appconfiguration
-    path: /api/v1/appconfiguration
+    # @default -- /dotmgmt/readyz
+    path: /dotmgmt/readyz
     # -- Port used for the readiness probe
-    # @default -- 8082
-    port: 8082
+    # @default -- 8090
+    port: 8090
   # -- Initial delay before the first readiness check
-  # @default -- 1
-  initialDelaySeconds: 1
-  # -- Frequency of readiness checks
   # @default -- 10
-  periodSeconds: 10
+  initialDelaySeconds: 10
+  # -- Frequency of readiness checks
+  # @default -- 5
+  periodSeconds: 5
   # -- Number of successes required to be considered ready
   # @default -- 1
   successThreshold: 1
   # -- Number of failures before marking the pod as not ready
-  # @default -- 1
-  failureThreshold: 1
+  # @default -- 2
+  failureThreshold: 2
   # -- Timeout for the readiness probe
   # @default -- 5
   timeoutSeconds: 5
@@ -545,8 +593,8 @@ prometheus:
     # @default -- "true"
     scrape: "true"
     # -- Port for Prometheus to scrape metrics (uses management port by default)
-    # @default -- management.port
-    port: "{{ .Values.management.port }}"
+    # @default -- 8090
+    port: 8090
     # -- Path for Prometheus to scrape metrics
     # @default -- "/dotmgt/metrics"
     path: "/dotmgt/metrics"
@@ -556,6 +604,9 @@ linkerd:
   # -- Enable Linkerd sidecar injection
   # @default -- false
   enabled: false
+  # -- Proxy wait before exit seconds (allows graceful shutdown)
+  # @default -- 90
+  proxyWaitBeforeExitSeconds: 90
 
 # Map of environment-specific configurations. You can define multiple environments (e.g., prod, staging, auth),
 # each with its own env var overrides and removed keys.
@@ -568,3 +619,52 @@ environments:
     # @ignore -- Keys to remove from environment variables in the 'prod' environment
     # @default -- {}
     removeKeys: {}
+    # Ensure ingress configuration is available in environment context
+    ingress:
+      alb:
+        healthcheck:
+          # -- Backend protocol for health checks (HTTP or HTTPS)
+          # @default -- HTTP
+          backendProtocol: HTTP
+          # -- Protocol for health checks (HTTP or HTTPS)
+          # @default -- HTTP
+          protocol: HTTP
+          # -- Interval between health checks in seconds
+          # @default -- 10
+          intervalSeconds: 10
+          # -- Timeout for health checks in seconds
+          # @default -- 5
+          timeoutSeconds: 5
+          # -- Success codes for health checks
+          # @default -- "200"
+          successCodes: "200"
+          # -- Number of consecutive successful health checks before marking healthy
+          # @default -- 3
+          healthyThresholdCount: 3
+          # -- Number of consecutive failed health checks before marking unhealthy
+          # @default -- 2
+          unhealthyThresholdCount: 2
+        targetGroup:
+          # Stickiness configuration
+          stickiness:
+            # -- Enable sticky sessions
+            # @default -- true
+            enabled: true
+            # -- Cookie duration for sticky sessions in seconds
+            # @default -- 18000
+            cookieDuration: 18000
+          # Slow start configuration
+          slowStart:
+            # -- Slow start duration in seconds
+            # @default -- 120
+            durationSeconds: 120
+          # Deregistration delay configuration
+          deregistrationDelay:
+            # -- Deregistration delay timeout in seconds
+            # @default -- 60
+            timeoutSeconds: 60
+          # Load balancing algorithm configuration
+          loadBalancing:
+            # -- Load balancing algorithm type
+            # @default -- least_outstanding_requests
+            algorithmType: least_outstanding_requests