Skip to content
This repository has been archived by the owner on Mar 22, 2024. It is now read-only.

Commit

Permalink
Align healthz ports and checks across containers
Browse files Browse the repository at this point in the history 
Signed-off-by: Marco Franssen <marco.franssen@gmail.com>
  • Loading branch information
@marcofranssen
marcofranssen committed Feb 24, 2023
1 parent 156052a commit 495d9d6
Show file tree
Hide file tree
Showing 6 changed files with 22 additions and 10 deletions.
6 changes: 3 additions & 3 deletions charts/spire/charts/spiffe-oidc-discovery-provider/templates/deployment.yaml
View file
Expand Up @@ -38,7 +38,7 @@ spec:
- /run/spire/oidc/config/oidc-discovery-provider.conf
ports:
- containerPort: 8008
name: health
name: healthz
{{- if not .Values.insecureScheme.enabled }}
- containerPort: 443
name: https
Expand All @@ -57,13 +57,13 @@ spec:
readinessProbe:
httpGet:
path: /ready
port: health
port: healthz
initialDelaySeconds: 5
periodSeconds: 5
livenessProbe:
httpGet:
path: /live
port: health
port: healthz
initialDelaySeconds: 5
periodSeconds: 5
resources:
Expand Down
1 change: 1 addition & 0 deletions charts/spire/charts/spire-agent/README.md
View file
Expand Up @@ -13,6 +13,7 @@ A Helm chart to install the SPIRE agent.
| bundleConfigMap | string | `"spire-bundle"` | |
| clusterName | string | `"example-cluster"` | |
| fullnameOverride | string | `""` | |
| healthChecks.port | int | `9980` | override the host port used for health checking |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.registry | string | `"ghcr.io"` | |
| image.repository | string | `"spiffe/spire-agent"` | |
Expand Down
2 changes: 1 addition & 1 deletion charts/spire/charts/spire-agent/templates/configmap.yaml
View file
Expand Up @@ -47,7 +47,7 @@ data:
health_checks {
listener_enabled = true
bind_address = "0.0.0.0"
bind_port = "8080"
bind_port = {{ .Values.healthChecks.port | quote }}
live_path = "/live"
ready_path = "/ready"
}
7 changes: 5 additions & 2 deletions charts/spire/charts/spire-agent/templates/daemonset.yaml
View file
Expand Up @@ -43,6 +43,9 @@ spec:
image: {{ template "spire-agent.image" (dict "appVersion" $.Chart.AppVersion "image" .Values.image) }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
args: ["-config", "/run/spire/config/agent.conf"]
ports:
- containerPort: {{ .Values.healthChecks.port }}
name: healthz
volumeMounts:
- name: spire-config
mountPath: /run/spire/config
Expand All @@ -58,13 +61,13 @@ spec:
livenessProbe:
httpGet:
path: /live
port: 8080
port: healthz
initialDelaySeconds: 15
periodSeconds: 60
readinessProbe:
httpGet:
path: /ready
port: 8080
port: healthz
initialDelaySeconds: 15
periodSeconds: 60
resources:
Expand Down
4 changes: 4 additions & 0 deletions charts/spire/charts/spire-agent/values.yaml
View file
Expand Up @@ -61,6 +61,10 @@ bundleConfigMap: spire-bundle
server:
port: 8081

healthChecks:
# -- override the host port used for health checking
port: 9980

waitForIt:
image:
registry: cgr.dev
Expand Down
12 changes: 8 additions & 4 deletions charts/spire/charts/spire-server/templates/statefulset.yaml
View file
Expand Up @@ -43,18 +43,20 @@ spec:
- name: grpc
containerPort: 8081
protocol: TCP
- containerPort: 8080
name: healthz
livenessProbe:
httpGet:
path: /live
port: 8080
port: healthz
failureThreshold: 2
initialDelaySeconds: 15
periodSeconds: 60
timeoutSeconds: 3
readinessProbe:
httpGet:
path: /ready
port: 8080
port: healthz
initialDelaySeconds: 5
periodSeconds: 5
resources:
Expand Down Expand Up @@ -88,15 +90,17 @@ spec:
- name: https
containerPort: 9443
protocol: TCP
- containerPort: 8008
name: healthz
# TODO: implement probes
# livenessProbe:
# httpGet:
# path: /
# port: https
# port: healthz
# readinessProbe:
# httpGet:
# path: /
# port: https
# port: healthz
resources:
{{- toYaml .Values.controllerManager.resources | nindent 12 }}
volumeMounts:
Expand Down

0 comments on commit 495d9d6

Please sign in to comment.