Skip to main content

☑️ Ensure each container has a configured liveness probe

Liveness probes allow Kubernetes to determine when a pod should be replaced. They are fundamental in configuring a resilient cluster architecture.

Targeted objects by this rule (types of kind): Deployment / Pod / DaemonSet / StatefulSet / ReplicaSet / CronJob / Job

Complexity: hard (What does this mean?)

Policy as code identifier: CONTAINERS_MISSING_LIVENESSPROBE_KEY


This rule will fail

If a container doesn't have livenessProbe configured

spec:
containers:
- name: app
image: nginx:1.19.8

Rule output in the CLI

$ datree test *.yaml

>> File: failExample.yaml
❌ Ensure each container has a configured liveness probe [1 occurrence]
💡 Missing property object `livenessProbe` - add a properly configured livenessProbe to catch possible deadlocks

How to fix this failure

Configure a liveness probe with an HTTP request, TCP protocol or exec command (the least recommended option)

spec:
containers:
- name: app
image: nginx:1.19.8
livenessProbe:
httpGet:
path: /healthz
port: 8080
spec:
containers:
- name: app
image: nginx:1.19.8
livenessProbe:
tcpSocket:
port: 8080
spec:
containers:
- name: app
image: nginx:1.19.8
livenessProbe:
exec:
command:
- cat
- /tmp/healthy

Read more