helm: provide option to disable startup- and liveness probes on Envoy #39527
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Currently, the Cilium Envoy DaemonSet uses the `/ready` endpoint of Envoys admin interface as HTTP startup- and liveness probe. (`/healthz` redirects to `/ready` in the bootstrap config). But using this endpoint for startup- and liveness probes isn't ideal as it can lead to situations where the k8s kubelet tries to restart the Envoy Pod even if Envoy is just in state `DRAINING` (This is a possible state that also leads to responding with HTTP response code `503`). Therefore, this commit adds the possibility to disable the startup- and liveness probe via the Helm values `envoy.startupProbe.enabled` & `envoy.livenessProbe.enabled`. Envoy `/ready` API: https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--ready Modes: https://www.envoyproxy.io/docs/envoy/latest/api-v3/admin/v3/server_info.proto#enum-admin-v3-serverinfo-state Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
|
/test |
joamaki
approved these changes
May 14, 2025
jrajahalme
approved these changes
May 14, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently, the Cilium Envoy DaemonSet uses the
/readyendpoint of Envoys admin interface as HTTP startup- and liveness probe. (/healthzredirects to/readyin the bootstrap config).But using this endpoint for startup- and liveness probes isn't ideal as it can lead to situations where the k8s kubelet tries to restart the Envoy Pod even if Envoy is just in state
DRAINING(This is a possible state that also leads to responding with HTTP response code503for endpoint/ready).Therefore, this commit adds the possibility to disable the startup- and liveness probe via the Helm values
envoy.startupProbe.enabled&envoy.livenessProbe.enabled.Note: The Pod still gets restarted if an error occurs during startup (or later). This should be enough for most usecases.
Envoy
/readyAPI: https://www.envoyproxy.io/docs/envoy/latest/operations/admin#get--readyStates: https://www.envoyproxy.io/docs/envoy/latest/api-v3/admin/v3/server_info.proto#enum-admin-v3-serverinfo-state