Understanding Kubernetes Probes: Better Apps Health checks š
Guide to Liveness, Readiness, and Startup Probes ā»ļø
š Introduction:
Kubernetes offers a feature called probes, which play an important role in ensuring the health of applications running within its environment.
These probes, categorized into liveness, readiness, and startup, enable Kubernetes to monitor the state of applications and take appropriate actions to maintain their optimal functioning.
In this blog post, we will explore the significance of these probes in enhancing the self-healing capabilities of Kubernetes and providing a comprehensive understanding of how they work.
We will explore each probe type, their specific purposes, and how they contribute to the overall resilience of containerized applications.
š¢ Announcement: I have just launched a GitHub repository dedicated to gathering resources, exercises, and labs to aid in learning Kubernetes from the ground up. This repository aims to provide practical exercises that guide users in deploying, managing, and scaling containerized applications using Kubernetes. Your feedback contributions are welcomed to enhance and improve the learning experience. š
Link: https://github.com/seifrajhi/Kubernetes-practical-exercises-Hands-on
Table of Contents:
. Health Check
Ā· Kubernetes probes
Ā· Kubernetes probe types
Ā· Sequence of health probes
. Startup probes
. Readiness probes
. Liveness probes
Health Check:
Health checks are a simple way to let the system know whether an instance of your app is working. If the instance of your app is not working, the other services should not access it or send requests to it. Instead, requests should be sent to another instance that is ready or you should retry sending requests.
The system should be able to bring your app to a healthy state. By default, Kubernetes will start sending traffic to the pod when all the containers inside the pod have started. Kubernetes will restart containers when they crash. This default behavior should be enough to get started. Making deployments more robust becomes relatively straightforward as Kubernetes helps create custom health checks.
Kubernetes probes:
Kubernetes probes are a mechanism for providing the Kubernetes control plane with information about the internal state of your applications. They let your cluster identify running pods that are in an unhealthy state.
Probes are kubeletās answer to the health checks, there are three handlers:
- ExecAction: Command execution check, if the commandās exit status is 0, it is considered a success.
- TCPSocketAction: TCP check to determine if the port is open, if open, it is considered a success.
- HTTPGetAction: HTTP check to determine if the status code is equal to or above 200 and below 400.
Each type of probe has common configurable fields:
- initialDelaySeconds: Probes start running after
initialDelaySeconds
after container is started (default: 0) - periodSeconds: How often probe should run (default: 10)
- timeoutSeconds: Probe timeout (default: 1)
- successThreshold: Required number of successful probes to mark container healthy/ready (default: 1)
- failureThreshold: When a probe fails, it will try
failureThreshold
times before deeming unhealthy/not ready (default: 3)
These parameters need to be configured per your applicationās spec.
Kubernetes probe types:
Kubernetes has three basic probe types:
Liveness probes:
they detect whether a pod is healthy by running a command or making a network request inside the container. Containers that fail the check are restarted.Readiness probes:
they identify when a container is able to handle external traffic received from a service. Containers donāt become part of their services until they pass a readiness probe.Startup probes:
they provide a way to defer the execution of liveness and readiness probes until a container indicates itās able to handle them. Kubernetes wonāt direct the other probe types to a container if it has a startup probe that hasnāt yet succeeded.
Sequence of health probes:
This diagram effectively illustrates the workflow of Kubernetes health probes and their impact on a containerās lifecycle.
The process begins with the deployment of the container in Kubernetes. After the container starts, the startup probe checks if the application within the container is ready to run. If the startup probe succeeds, it proceeds to the readiness probe. If the startup probe fails, Kubernetes restarts the container.
When the startup probe is successful, the readiness probe is executed. This probe determines if the container is ready to serve traffic. If the readiness probe is successful, Kubernetes initiates the liveness probe to continually monitor the containerās health. If the readiness probe fails, traffic to the container is stopped. Kubernetes will retry the readiness probe until it succeeds or the failure threshold is exceeded. If the failure threshold is exceeded, Kubernetes restarts the container.
Once the startup probe and the readiness probes are successful, Kubernetes continuously checks the health of the container during its runtime. If the liveness probe is successful, it will continue to monitor at defined intervals. If the liveness probe fails, Kubernetes will restart the container. After restarting the container, the process begins again with the startup probe.
Startup probes:
Startup probes should be used when the application in your container could take a significant amount of time to reach its normal operating state. Applications that would crash or throw an error if they handled a liveness or readiness probe during startup need to be protected by a startup probe.
This ensures the container doesnāt enter a restart loop due to failing healthiness checks before itās finished launching.
Creating a startup probe:
Startup probes are created by adding a startupProbe
field within the spec.containers
portion of a podās manifest.
Exec Probe:
Exec probe runs a command inside the container as a health check; the commandās exit code determines the success.
startupProbe:
initialDelaySeconds: 1
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 1
exec:
command:
- cat
- /etc/nginx/nginx.conf
TCP Probe:
TCP probe checks if the specified port is open or not; an open port points to success.
startupProbe:
initialDelaySeconds: 1
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 1
tcpSocket:
host:
port: 80
HTTP Probe:
HTTP probe sends an HTTP GET request with defined parameters.
HTTP Probe has additional options to configure.
- host: Host/IP to connect to (default: pod IP)
- scheme: Scheme to use when making the request (default: HTTP)
- path: Path
- httpHeaders: An array of headers defined as header/value tuples.
- port: Port to connect to
Tip: Host header should be set in httpHeaders.
startupProbe:
initialDelaySeconds: 1
periodSeconds: 2
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 1
httpGet:
host:
scheme: HTTP
path: /
httpHeaders:
- name: Host
value: myapplication1.com
port: 80
initialDelaySeconds: 5
periodSeconds: 5
Readiness probes:
Similar to other probes, it checks to ensure the container is ready to accept traffic. Unlike the liveness probe which checks to see if things remain ship-shape, the readiness probe makes sure things are in a state that traffic can start flowing.
This is at the pod level. Meaning all of the containers must be in a ready state prior to anything being passed to the service. The startup probe, while also similar, is at the application level. It would be active prior to any liveness or readiness probes.
Creating a Readiness probe:
Readiness probes are created by adding a readinessProbe
field within the spec.containers
portion of a podās manifest.
Exec Probe:
Exec action has only one field, and that is command.
Exit status of the command is checked, and the status of zero (0) means it is healthy, and another value means it is unhealthy.
readinessProbe:
initialDelaySeconds: 1
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 1
exec:
command:
- cat
- /etc/nginx/nginx.conf
TCP Probe:
We need to define host
and port
parameters, host
parameter defaults to the cluster-internal pod IP.
readinessProbe:
initialDelaySeconds: 1
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 1
tcpSocket:
host:
port: 80
HTTP Probe:
HTTP Probe has additional options to configure.
- host: Host/IP to connect to (default: pod IP)
- scheme: Scheme to use when making the request (default: HTTP)
- path: Path
- httpHeaders: An array of headers defined as header/value map
- port: Port to connect to
Tip: If you need to set the Host header of the HTTP, please do so on httpHeaders, instead of the host parameter.
readinessProbe:
initialDelaySeconds: 1
periodSeconds: 2
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 1
httpGet:
host:
scheme: HTTP
path: /
httpHeaders:
- name: Host
value: myapplication1.com
port: 80
initialDelaySeconds: 5
periodSeconds: 5
Liveness probes:
Liveness probes enhance Kubernetesā ability to manage workloads on your behalf. Without probes, you need to manually monitor your pods to distinguish which application instances are healthy and which are not. This becomes time-consuming and error-prone when youāre working with hundreds or thousands of pods.
Allowing unhealthy pods to continue without detection degrades your serviceās stability over time. Pods that are silently failing as they age, perhaps due to race conditions, deadlocks, or corrupted caches, will gradually reduce your serviceās capacity to handle new requests. Eventually, your entire pod fleet could be affected, even though all the containers report as running.
Creating a Liveness probe:
Liveness probes are defined by a podās spec.containers.livenessProbe
field.
There are three types of actions kubelet performs on a pod, which are:
- Executes a command inside the container
- Checks for a state of a particular port on the container
- Performs a GET request on containerās IP
Define a liveness command:
livenessProbe:
exec:
command:
- sh
- /tmp/status_check.sh
initialDelaySeconds: 10
periodSeconds: 5
Define a liveness HTTP request:
livenessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 5
periodSeconds: 3
Define a TCP liveness probe:
---
initialDelaySeconds: 15
livenessProbe: ~
periodSeconds: 20
port: 8080
tcpSocket: ~
Conclusion:
In conclusion, Kubernetes probes are essential for ensuring the health and resilience of your applications.
They provide a more streamlined, data-driven approach to monitoring, which facilitates informed decision-making and responsive adjustments to changes in your applicationās usage patterns.
By using health checks, you can improve your application availability, reduce your maintenance burden, and make certain that your application is not only running but also accessible to your users.
Until next time šµšø š
Thank you for Reading !! šš»šš, see you in the next blog.š¤šµšø
š Thank you for sticking up till the end. If you have any questions/feedback regarding this blog feel free to connect with me :
ā»ļø šµšøLinkedIn: https://www.linkedin.com/in/rajhi-saif/
ā»ļøšµšø Twitter : https://twitter.com/rajhisaifeddine
The end āš»