-
Notifications
You must be signed in to change notification settings - Fork 16.7k
[incubator/vault] Remove liveness probe #11320
Conversation
The readiness probe already runs throughout the lifetime of the pod and will also signal the health of the pod. Also, using a "bare" TCP probe results in many error messages from Vault in the form of `2019-02-11T08:51:56.900Z [INFO] http: TLS handshake error from 172.19.9.1:49392: EOF` There is probably no point in duplicating the same `httpGet` check in the liveness probe too. Signed-off-by: Yong Wen Chua <lawliet89@users.noreply.github.com>
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: lawliet89 If they are not already assigned, you can assign the PR to them by writing The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Yong Wen Chua <lawliet89@users.noreply.github.com>
06f8905
to
bf0d420
Compare
Can I get someone to review/merge this please? I've fixed the conflicts. |
the readiness probe run just one to let k8s know it is ready to accept traffic and liveness run during the lifetime of the pod to let the scheduler it is alive otherwise kill the pod. |
Doesn't the readiness probe run for the entire lifetime of the pod? At least that's what the docs says. In any case I could always add it back but it shouldn't be a bare tcp connection because it causes a lot of noise in the logs wrt bad tls handshakes. |
@lawliet89 my understanding readiness |
@lawliet89 I just got my PR merged (#9462) that should address the tcp handshake errors by hitting the vault health endpoint using http/https. |
Great. Then I guess there's no need for this PR. |
@jbialy please check my review here: #9462 (review) |
What this PR does / why we need it:
The readiness probe already runs throughout the lifetime of the pod and
will also signal the health of the pod.
Also, using a "bare" TCP probe results in many error messages from Vault
in the form of
2019-02-11T08:51:56.900Z [INFO] http: TLS handshake error from 172.19.9.1:49392: EOF
There is probably no point in duplicating the same
httpGet
check inthe liveness probe too.
This is an alternative to #9462. I don't see a point in doing the exact same check.
Checklist
[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]