From f6190e200a0bf37a2317e9c587c22cf8518315db Mon Sep 17 00:00:00 2001 From: Joao Marcal Date: Wed, 23 Mar 2022 16:51:15 +0000 Subject: [PATCH 1/2] Adds readinessProbe and livenessProbe to prometheus-adapter jsonnet Problem: Currently the prometheus-adapter pods are restarted at the same time even though the deployment is configured with strategy RollingUpdate. This happens because the kubelet does not know when the prometheus-adapter pods are ready to start receiving requests. Solution: Add both readinessProbe and livenessProbe to the prometheus-adapter, this way the kubelet will know when either the pod stoped working and should be restarted or simply when it ready to start receiving requests. Issue: https://bugzilla.redhat.com/show_bug.cgi?id=2048333 --- .../components/prometheus-adapter.libsonnet | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet b/jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet index 1ac3aced0c..4a4d6850fa 100644 --- a/jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet +++ b/jsonnet/kube-prometheus/components/prometheus-adapter.libsonnet @@ -220,6 +220,26 @@ function(params) { '--tls-cipher-suites=' + std.join(',', pa._config.tlsCipherSuites), ], resources: pa._config.resources, + readinessProbe: { + httpGet: { + path: '/readyz', + port: 'https', + scheme: 'HTTPS', + }, + initialDelaySeconds: 30, + periodSeconds: 5, + failureThreshold: 5, + }, + livenessProbe: { + httpGet: { + path: '/livez', + port: 'https', + scheme: 'HTTPS', + }, + initialDelaySeconds: 30, + periodSeconds: 5, + failureThreshold: 5, + }, ports: [{ containerPort: 6443 }], volumeMounts: [ { name: 'tmpfs', mountPath: '/tmp', readOnly: false }, From 652c6d538e1c10b541594aee763b26530e46bae6 Mon Sep 17 00:00:00 2001 From: Joao Marcal Date: Wed, 30 Mar 2022 07:23:05 +0100 Subject: [PATCH 2/2] Adds YAML for jsonnet modified in the previous commit --- manifests/prometheusAdapter-deployment.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/manifests/prometheusAdapter-deployment.yaml b/manifests/prometheusAdapter-deployment.yaml index a15128d098..9ff5a3333f 100644 --- a/manifests/prometheusAdapter-deployment.yaml +++ b/manifests/prometheusAdapter-deployment.yaml @@ -38,9 +38,25 @@ spec: - --secure-port=6443 - --tls-cipher-suites=TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA image: k8s.gcr.io/prometheus-adapter/prometheus-adapter:v0.9.1 + livenessProbe: + failureThreshold: 5 + httpGet: + path: /livez + port: https + scheme: HTTPS + initialDelaySeconds: 30 + periodSeconds: 5 name: prometheus-adapter ports: - containerPort: 6443 + readinessProbe: + failureThreshold: 5 + httpGet: + path: /readyz + port: https + scheme: HTTPS + initialDelaySeconds: 30 + periodSeconds: 5 resources: limits: cpu: 250m