Kubernetes offers two types of health checks: readiness probes and liveness probes.
Readiness probes are designed to ensure that an application has reached a "ready" state. In many cases there is a period of time between when a web server process starts and when it is ready to receive traffic.
29% of Kubernetes deployments lack readiness probes Source: Fairwinds Insights findings across thousands of monitored deployments
If a readiness probe is missing, Kubernetes doesn't know if your pod is completely ready to receive traffic. The pod could receive requests before it can accurately handle them. A readiness probe can ensure the traffic is not sent to a pod until it is actually ready to receive traffic.
How to Identify Apps with Missing Readiness Probes
Missing readiness probes can be a problem for application reliability. Manually auditing all pods for these probes can be time consuming. It’s also something that will have to be revisited as users copy and paste YAML or if there are no existing processes to verify readiness probes.
Fairwinds Insights, a policy-driven configuration validation platform (community version is free to use) allows teams responsible for Kubernetes to identify missing readiness probes and ensure both liveness and readiness probes are set from dev to production.
Fairwinds Insights community edition is free to use forever. Try the full edition for 30 days by signing up here. Test in GKE, AKS or EKS or run on a test cluster.
A SaaS solution, Fairwinds Insights automatically scans clusters to check for deployments where the readiness probe is missing. Instead of spending time identifying the missing probes, you can spend your time on including these probes.
Once the Fairwinds Insights agent is installed you’ll get results in 5-10 minutes. You easily check if liveness probes are missing as well as other health checks such as image pull policies not being set to “Always” or missing tags.
Prevent Missing Readiness or Liveness Probes
By using Fairwinds Insights throughout your CI/CD process, you can ensure that your policy-as-code (OPA policies) are enforced along with out of the box checks to prevent missing readiness or liveness probes. You can use it:
As a CI/CD hook, auditing Infrastructure-as-Code as part of the code review process
As an Admission Controller (aka Validating Webhook), which will stop problematic resources from entering the cluster
As an in-cluster agent, repeatedly scanning for problematic resources
Fairwinds Insights can take the same OPA policies and federate them out to all three contexts, and to as many clusters as you’d like.
Using Fairwinds Insights will dramatically improve the health of your clusters from CI/CD to production. The policy-driven configuration validation platform ensures that reliability best practices are followed organization-wide.