Readiness and Liveness Probes

Overview

Goal	Configure Readiness and Liveness Probes of Microgateway correctly.
Notes	-

Preparation

Deploy the Kubernetes exercise
1.
Run the following commands:

copy

cd readiness-and-liveness-probes/exercise/

copy

kubectl apply -k .

The exercise has been deployed successfully.

The exercise does not contain any licenses. Therefore, Airlock Microgateway runs as Community Edition

For more details see Features and support.

To run the exercise as Premium Edition, copy a valid license to .templates/microgateway/secret/microgateway.lic and execute kubectl apply -k . to re-deploy the Microgateway.

Instruction

Change the Microgateway configuration
1.
Watch the logs of the Microgateway pod.

details...

Check the logs of the Microgateway configbuilder.

copy

kubectl logs -l app=microgateway -c configbuilder -f

Follow the logs of the Microgateway runtime container.

copy

kubectl logs -l app=microgateway -c microgateway -f

Follow the logs of the Microgateway runtime container and filter for interesting log messages. Mainly these are the log messages with the log_id WR-SG-SUMMARY and WR-SG-BLOCK. Under some circumstances, WR-SG-REJECT or WR-SG-BACK is also very interesting.

copy

kubectl logs -l app=microgateway -c microgateway -f | grep -iE "WR-SG-(SUMMARY|BLOCK|REJECT|BACK)"

Check the following
●
Did the Microgateway configbuilder start successfully?
●
Did the Microgateway runtime container start sucessfully?

details...

The following should be noticed:
●
The Microgateway configbuilder processed the configuration without any problems.
●
The Microgateway runtime container started without any problems.

2.
Check the status of the Microgateway pod.

Check the following:
●
Is the Microgateway pod ready?
●
What are the events shown for the Microgateway pod?

details...

The following should be noticed:
●
The kubectl describe command shows that the Pod is not ready.
●
The events listed show that the Readiness and Liveness Probe checks failed.

●
Kubernetes tried to reach the probe endpoint of the container on port 443.
●
The container is not deployed to accept any traffic on port 443. Adapt the Readiness and Liveness Probe configuration in the Microgateway deployment.

details...

List the Microgateway pods:

copy

kubectl get pod

copy

kubectl get pod -l app=microgateway

Show Microgateway pod details:

copy

kubectl describe pod -l app=microgateway

Once the pod is ready to process requests, the output of the kubectl describe command shows that the pod is ready.

...
   Conditions: 
  Type              Status 
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True
...

3.
Edit the Microgateway deployment definition.

Configure the following settings for the Microgateway deployment:
●
deployment.spec.template.spec.containers.readinessProbe.httpGet.port
●
deployment.spec.template.spec.containers.livenessProbe.httpGet.port

Use the (Microgateway) Liveness and Readiness probes to accomplish this task.

details...

Modify the deployment:
1.
Retrieve the current deployment definition:

copy

kubectl get deployments microgateway -o yaml > microgateway-deployment.yaml

2.
Adapt the file microgateway-deployment.yaml to your needs.
3.
Update the Microgateway deployment.

copy

kubectl apply -f microgateway-deployment.yaml

A new Microgateway pod will be deployed automatically after updating the Microgateway deployment.

details...

The modified part of the microgateway-deployment.yaml file looks as follow:

copy

      containers: 
        - name: microgateway
          ...            
          ports: 
            - name: http
              containerPort: 8080
            - name: https
              containerPort: 8443
            - name: probes
              containerPort: 9090
            - name: metrics
              containerPort: 9102
          readinessProbe: 
            ... 
            httpGet: 
              path: /healthy 
              port: probes 
            ... 
          livenessProbe: 
            ... 
            httpGet: 
              path: /alive 
              port: probes
            ...

4.
Check the status of the Microgateway pod.

details...

List the Microgateway pods:

copy

kubectl get pod

copy

kubectl get pod -l app=microgateway

Show Microgateway pod details:

copy

kubectl describe pod -l app=microgateway

Once the pod is ready to process requests, the output of the kubectl describe command shows that the pod is ready.

...
   Conditions: 
  Type              Status 
  Initialized       True 
  Ready             True 
  ContainersReady   True 
  PodScheduled      True
...

5.
Connect to the website:

●
Open the URL in your browser: https://<MINIKUBE_IP>/

The web application should be reachable from the browser.
6.
Watch the logs of the Microgateway pod.

details...

Check the logs of the Microgateway configbuilder.

copy

kubectl logs -l app=microgateway -c configbuilder -f

Follow the logs of the Microgateway runtime container.

copy

kubectl logs -l app=microgateway -c microgateway -f

copy

kubectl logs -l app=microgateway -c microgateway -f | grep -iE "WR-SG-(SUMMARY|BLOCK|REJECT|BACK)"

The log message WR-SG-SUMMARY with the key action:allowed indicates that the request has successfully proceeded.

Cleanup

Delete Kubernetes resources from previously exercises or solutions
1.
Run the following commands:

copy

kubectl delete all,ing,cm,secrets,pv,pvc,sa,roles,rolebindings,clusterroles,clusterrolebindings -l purpose=microgateway-tutorial

All relevant Kubernetes resources in the namespace have been deleted successfully.

Overview

Preparation

Instruction

Cleanup

Further information and links