Kubernetes Probe Configuration for Different Scenarios

Overview

Kubernetes is a powerful container orchestration platform, relies on various mechanisms to manage and maintain the health of containers in a cluster. Among the most vital features for ensuring the stability of applications running in a Kubernetes environment are liveness probes, readiness probes, and startup probes. These probes continuously monitor the state of containers and help the Kubernetes scheduler decide when to restart, route traffic to, or start containers.

In this blog, we will dive into configuring Kubernetes probes for different scenarios. Understanding how to use and configure probes appropriately will improve the availability, resilience, and overall reliability of applications in Kubernetes.

Kubernetes Probes

Probes are diagnostic checks that Kubernetes uses to assess the health of containers. There are three primary types of probes:

• Liveness Probe: Ensures that the container is running. If the liveness probe fails, Kubernetes will restart the container.
• Readiness Probe: Determines if a container is ready to accept traffic. A failed readiness probe prevents the container from receiving traffic.
• Startup Probe: Checks if the container has started successfully. This is especially useful for containers that need more time to start, preventing them from being prematurely marked as unhealthy. Liveness and readiness probes are not initiated until the startup probe succeeds.

Each probe can be configured using three methods:

• HTTP GET: Kubernetes makes an HTTP request to a specified path on a container.
• TCP Socket: Kubernetes tries to open a TCP socket on a specified port.
• Exec: Kubernetes executes a command inside the container.

Basic Configuration for Probes

Before diving into specific use cases, let’s review how to define probes in a Kubernetes manifest.

Here’s an example of a simple Liveness Probe for a web application:

In this example, the livenessProbe checks the /healthz endpoint of the container every 30 seconds, starting 10 seconds after the container starts.

Scenario 1: Application That Takes Time to Start

Some applications, particularly those with complex startup processes like initializing databases or loading data into memory, can take a long time to prepare. In these cases, Kubernetes’ default probe settings may not suffice, and you may encounter premature failures.

Problem: Your application might be marked as unhealthy or unavailable if the startup time is longer than the default probe settings.

Solution: You can adjust the startupProbe to give your container sufficient time to start. A startup probe is useful because it prevents other probes (like readiness and liveness probes) from marking your container as unhealthy while it is still starting up.

Example of using a startupProbe:

In this case, the startupProbe checks every 5 seconds, with a failure threshold of 30 attempts. If the probe fails 30 times (or for 150 seconds), Kubernetes will restart the container. This ensures that Kubernetes doesn’t prematurely restart your container if it is still in the process of starting up.

Scenario 2: Short-Lived Jobs

Short-lived jobs require careful probe configuration, such as batch processes or jobs that are completed within minutes or seconds. If a readiness probe or liveness probe is not configured correctly, Kubernetes might incorrectly determine that the container is unhealthy and trigger unnecessary restarts.

Problem: If you have short-lived jobs that complete quickly, the readiness and liveness probes might cause Kubernetes to mark the container as unhealthy before it completes its job.

Solution: Configure the readinessProbe to be minimally invasive, or skip it if it’s unnecessary for jobs that don’t need traffic routing.

Example configuration for a short-lived job:

In this case, the readinessProbe is configured to start immediately and execute every 5 seconds, with a timeout of 2 seconds. Adjusting the initial delay and probe frequency ensures Kubernetes doesn’t prematurely assume the job has failed or is incomplete.

Alternatively, you could omit the readiness probe entirely for jobs that don’t require continuous health checks.

Scenario 3: Applications with External Dependencies

Many modern applications depend on external services like databases, caching systems, or third-party APIs. If any of these services go down, the application might become unresponsive. In such cases, the readiness and liveness probes should be configured to account for service dependencies.

Problem: If your application relies on external services that might experience intermittent failures or slowdowns, Kubernetes might incorrectly restart or fail to route traffic to your container.

Solution: Use readiness probes to ensure traffic isn’t routed to the container until all dependencies are met, and configure liveness probes to handle more resilient responses if a dependency fails.

Example configuration for an app depending on a database:

Here, the readinessProbe uses an exec command to run an nc (netcat) check to see if the PostgreSQL database is reachable on port 5432. This ensures the app only accepts traffic when the database is available.

Scenario 4: Stateless Web Applications

Stateless web applications generally require simpler probes, which don’t depend on external services or complex initialization. For such cases, a liveness and readiness probe configuration can be straightforward.

Problem: While these apps don’t have complex requirements, improperly configured probes can still lead to unnecessary downtime or restarts.

Solution: Ensure that livenessProbe and readinessProbe are simple and configured with appropriate delays.

Example configuration for a stateless web app:

In this case, the livenessProbe checks every 20 seconds, starting 10 seconds after the container starts. The readinessProbe ensures the container can handle traffic 5 seconds after startup.

Best Practices for Probe Configuration

Regardless of your specific scenario, there are some best practices to keep in mind when configuring Kubernetes probes:

• Use Initial Delays: Always use initialDelaySeconds to allow your container time to start up properly before probes begin.
• Tune Timeout and Period: Adjust the timeoutSeconds and periodSeconds based on how long your application typically takes to respond.
• Use Multiple Probe Types: In more complex applications, you might use combinations of liveness, readiness, and startup probes to ensure robust health checks.
• Monitor Logs and Metrics: Continuously monitor your probes’ success and failure rates to understand how your application behaves under different conditions.

Conclusion

Always fine-tune your probe configurations based on real-world behavior to ensure that Kubernetes can make the best decisions to maintain your cluster’s reliability.

Drop a query if you have any questions regarding Kubernetes Probes and we will get back to you quickly.

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.

CloudThat is the first Indian Company to win the prestigious Microsoft Partner 2024 Award and is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, Microsoft Gold Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, AWS GenAI Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner,  AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, Amazon ECS Service Delivery Partner, AWS Glue Service Delivery Partner, Amazon Redshift Service Delivery Partner, AWS Control Tower Service Delivery Partner, AWS WAF Service Delivery Partner, Amazon CloudFront Service Delivery Partner, Amazon OpenSearch Service Delivery Partner, AWS DMS Service Delivery Partner, AWS Systems Manager Service Delivery Partner, Amazon RDS Service Delivery Partner, AWS CloudFormation Service Delivery Partner and many more.