diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index a9d9b679e8..6e4e843f07 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -30,6 +30,9 @@ spec: image: ocs-dev/ocs-operator:latest imagePullPolicy: Always name: ocs-operator + ports: + - name: healthz + containerPort: 8081 env: - name: WATCH_NAMESPACE valueFrom: @@ -38,13 +41,23 @@ spec: readinessProbe: httpGet: path: /readyz - port: 8081 + port: healthz initialDelaySeconds: 5 periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 15 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 securityContext: allowPrivilegeEscalation: false capabilities: - drop: + drop: - all readOnlyRootFilesystem: true terminationMessagePolicy: FallbackToLogsOnError diff --git a/deploy/csv-templates/ocs-operator.csv.yaml.in b/deploy/csv-templates/ocs-operator.csv.yaml.in index f7b4262ef9..c375a50b13 100644 --- a/deploy/csv-templates/ocs-operator.csv.yaml.in +++ b/deploy/csv-templates/ocs-operator.csv.yaml.in @@ -79,7 +79,7 @@ metadata: "spec": null } ] - createdAt: "2025-10-15T10:57:28Z" + createdAt: "2025-10-30T10:14:09Z" description: Red Hat OpenShift Container Storage provides hyperconverged storage for applications within an OpenShift cluster. operators.operatorframework.io/builder: operator-sdk-v1.30.0 @@ -624,13 +624,26 @@ spec: fieldPath: metadata.annotations['olm.targetNamespaces'] image: quay.io/ocs-dev/ocs-operator:latest imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 15 + periodSeconds: 10 + timeoutSeconds: 5 name: ocs-operator + ports: + - containerPort: 8081 + name: healthz readinessProbe: + failureThreshold: 3 httpGet: path: /readyz - port: 8081 + port: healthz initialDelaySeconds: 5 periodSeconds: 10 + timeoutSeconds: 5 resources: {} securityContext: allowPrivilegeEscalation: false diff --git a/deploy/ocs-operator/manifests/ocs-operator.clusterserviceversion.yaml b/deploy/ocs-operator/manifests/ocs-operator.clusterserviceversion.yaml index f58850507b..ca00b808f8 100644 --- a/deploy/ocs-operator/manifests/ocs-operator.clusterserviceversion.yaml +++ b/deploy/ocs-operator/manifests/ocs-operator.clusterserviceversion.yaml @@ -56,7 +56,7 @@ metadata: capabilities: Deep Insights categories: Storage containerImage: quay.io/ocs-dev/ocs-operator:latest - createdAt: "2025-10-15T10:57:28Z" + createdAt: "2025-10-30T10:14:09Z" description: Red Hat OpenShift Container Storage provides hyperconverged storage for applications within an OpenShift cluster. external.features.ocs.openshift.io/supported-platforms: '["BareMetal", "None", @@ -663,13 +663,26 @@ spec: fieldPath: metadata.namespace image: quay.io/ocs-dev/ocs-operator:latest imagePullPolicy: Always + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: healthz + initialDelaySeconds: 15 + periodSeconds: 10 + timeoutSeconds: 5 name: ocs-operator + ports: + - containerPort: 8081 + name: healthz readinessProbe: + failureThreshold: 3 httpGet: path: /readyz - port: 8081 + port: healthz initialDelaySeconds: 5 periodSeconds: 10 + timeoutSeconds: 5 resources: limits: cpu: 250m diff --git a/main.go b/main.go index 3e60fd1615..3639b1c6af 100644 --- a/main.go +++ b/main.go @@ -61,6 +61,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/cache" apiclient "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" "sigs.k8s.io/controller-runtime/pkg/manager" metrics "sigs.k8s.io/controller-runtime/pkg/metrics/server" @@ -305,6 +306,12 @@ func main() { os.Exit(1) } + // Liveness (/healthz) + if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil { + setupLog.Error(err, "unable to add a health check") + os.Exit(1) + } + // Add readiness probe if err := mgr.AddReadyzCheck("readyz", storagecluster.ReadinessChecker); err != nil { setupLog.Error(err, "unable add a readiness check")