From 787d4ee27f34a72c16659341c83ad8bcc006650e Mon Sep 17 00:00:00 2001 From: John Mazzitelli Date: Mon, 11 Nov 2024 13:30:09 -0500 Subject: [PATCH 1/2] add terminationMessagePolicy, set to FallbackToLogsOnError --- manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml | 1 + .../2.2.0/manifests/kiali.v2.2.0.clusterserviceversion.yaml | 1 + roles/default/kiali-deploy/templates/kubernetes/deployment.yaml | 1 + roles/default/kiali-deploy/templates/openshift/deployment.yaml | 1 + 4 files changed, 4 insertions(+) diff --git a/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml b/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml index 26e0c750..be1bd283 100644 --- a/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml +++ b/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml @@ -260,6 +260,7 @@ spec: - "--zap-log-level=info" - "--leader-election-id=kiali-operator" - "--watches-file=./$(WATCHES_FILE)" + terminationMessagePolicy: FallbackToLogsOnError securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/manifests/kiali-upstream/2.2.0/manifests/kiali.v2.2.0.clusterserviceversion.yaml b/manifests/kiali-upstream/2.2.0/manifests/kiali.v2.2.0.clusterserviceversion.yaml index d18317c1..ebf320e3 100644 --- a/manifests/kiali-upstream/2.2.0/manifests/kiali.v2.2.0.clusterserviceversion.yaml +++ b/manifests/kiali-upstream/2.2.0/manifests/kiali.v2.2.0.clusterserviceversion.yaml @@ -201,6 +201,7 @@ spec: - "--zap-log-level=info" - "--leader-election-id=kiali-operator" - "--watches-file=./$(WATCHES_FILE)" + terminationMessagePolicy: FallbackToLogsOnError securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml b/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml index 86387709..4d887eff 100644 --- a/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml +++ b/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml @@ -66,6 +66,7 @@ spec: - "/opt/kiali/kiali" - "-config" - "/kiali-configuration/config.yaml" + terminationMessagePolicy: FallbackToLogsOnError securityContext: {% if kiali_vars.deployment.security_context|length > 0 %} {{ kiali_vars.deployment.security_context | to_nice_yaml(indent=0) | trim | indent(10) }} diff --git a/roles/default/kiali-deploy/templates/openshift/deployment.yaml b/roles/default/kiali-deploy/templates/openshift/deployment.yaml index de40c8ce..f0082e79 100644 --- a/roles/default/kiali-deploy/templates/openshift/deployment.yaml +++ b/roles/default/kiali-deploy/templates/openshift/deployment.yaml @@ -66,6 +66,7 @@ spec: - "/opt/kiali/kiali" - "-config" - "/kiali-configuration/config.yaml" + terminationMessagePolicy: FallbackToLogsOnError securityContext: {% if kiali_vars.deployment.security_context|length > 0 %} {{ kiali_vars.deployment.security_context | to_nice_yaml(indent=0) | trim | indent(10) }} From 6da2aba60632fc3b0ed23db99cf5135bbb366bd8 Mon Sep 17 00:00:00 2001 From: John Mazzitelli Date: Mon, 11 Nov 2024 13:56:16 -0500 Subject: [PATCH 2/2] probes --- .../manifests/kiali.clusterserviceversion.yaml | 18 ++++++++++++++++++ .../kiali.v2.2.0.clusterserviceversion.yaml | 18 ++++++++++++++++++ .../templates/kubernetes/deployment.yaml | 8 ++++++++ .../templates/openshift/deployment.yaml | 8 ++++++++ 4 files changed, 52 insertions(+) diff --git a/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml b/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml index be1bd283..63072349 100644 --- a/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml +++ b/manifests/kiali-ossm/manifests/kiali.clusterserviceversion.yaml @@ -260,7 +260,25 @@ spec: - "--zap-log-level=info" - "--leader-election-id=kiali-operator" - "--watches-file=./$(WATCHES_FILE)" + - "--health-probe-bind-address=:6789" terminationMessagePolicy: FallbackToLogsOnError + readinessProbe: + httpGet: + path: /readyz + port: 6789 + periodSeconds: 30 + livenessProbe: + httpGet: + path: /healthz + port: 6789 + periodSeconds: 30 + startupProbe: + httpGet: + path: /healthz + port: 6789 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/manifests/kiali-upstream/2.2.0/manifests/kiali.v2.2.0.clusterserviceversion.yaml b/manifests/kiali-upstream/2.2.0/manifests/kiali.v2.2.0.clusterserviceversion.yaml index ebf320e3..7d4f53da 100644 --- a/manifests/kiali-upstream/2.2.0/manifests/kiali.v2.2.0.clusterserviceversion.yaml +++ b/manifests/kiali-upstream/2.2.0/manifests/kiali.v2.2.0.clusterserviceversion.yaml @@ -201,7 +201,25 @@ spec: - "--zap-log-level=info" - "--leader-election-id=kiali-operator" - "--watches-file=./$(WATCHES_FILE)" + - "--health-probe-bind-address=:6789" terminationMessagePolicy: FallbackToLogsOnError + readinessProbe: + httpGet: + path: /readyz + port: 6789 + periodSeconds: 30 + livenessProbe: + httpGet: + path: /healthz + port: 6789 + periodSeconds: 30 + startupProbe: + httpGet: + path: /healthz + port: 6789 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 securityContext: allowPrivilegeEscalation: false privileged: false diff --git a/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml b/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml index 4d887eff..a669a22e 100644 --- a/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml +++ b/roles/default/kiali-deploy/templates/kubernetes/deployment.yaml @@ -101,6 +101,14 @@ spec: scheme: {{ 'HTTP' if kiali_vars.identity.cert_file == "" else 'HTTPS' }} initialDelaySeconds: 5 periodSeconds: 30 + startupProbe: + httpGet: + path: {{ kiali_vars.server.web_root | regex_replace('\\/$', '') }}/healthz + port: api-port + scheme: {{ 'HTTP' if kiali_vars.identity.cert_file == "" else 'HTTPS' }} + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 env: - name: ACTIVE_NAMESPACE valueFrom: diff --git a/roles/default/kiali-deploy/templates/openshift/deployment.yaml b/roles/default/kiali-deploy/templates/openshift/deployment.yaml index f0082e79..c62442d2 100644 --- a/roles/default/kiali-deploy/templates/openshift/deployment.yaml +++ b/roles/default/kiali-deploy/templates/openshift/deployment.yaml @@ -101,6 +101,14 @@ spec: scheme: {{ 'HTTP' if kiali_vars.identity.cert_file == "" else 'HTTPS' }} initialDelaySeconds: 5 periodSeconds: 30 + startupProbe: + httpGet: + path: {{ kiali_vars.server.web_root | regex_replace('\\/$', '') }}/healthz + port: api-port + scheme: {{ 'HTTP' if kiali_vars.identity.cert_file == "" else 'HTTPS' }} + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 env: - name: ACTIVE_NAMESPACE valueFrom: