diff --git a/CHANGELOG.md b/CHANGELOG.md
index 03a4165c..7c157f47 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,10 @@ All notable changes to this project will be documented in this file.
 - "Debug" toggle for fluent bit sidecars
 
 ### Changed
+
+- zookeeper - update liveness and readyness probes to only check SSL access and remove superfluous Service resource called
+  zookeeper-headless.
+
 ### Deprecated
 ### Removed
 ### Fixed
diff --git a/controllers/softwarefactory_controller.go b/controllers/softwarefactory_controller.go
index 24b4f30c..7e4352fb 100644
--- a/controllers/softwarefactory_controller.go
+++ b/controllers/softwarefactory_controller.go
@@ -164,6 +164,11 @@ func (r *SFController) cleanup() {
 			Name:      r.cr.Spec.FQDN + "-zuul-red",
 		},
 	})
+	// Remove unneeded extra Service resource for Zookeeper
+	currentZKHeadlessSVC := corev1.Service{}
+	if r.GetM("zookeeper-headless", &currentZKHeadlessSVC) {
+		r.DeleteR(&currentZKHeadlessSVC)
+	}
 }
 
 func (r *SFController) validate() error {
diff --git a/controllers/static/zookeeper/ok.sh b/controllers/static/zookeeper/ok.sh
deleted file mode 100644
index ebfa2747..00000000
--- a/controllers/static/zookeeper/ok.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-if [ -f /tls/client/ca.crt ]; then
-  echo "srvr" | openssl s_client -CAfile /tls/client/ca.crt -cert /tls/client/tls.crt -key /tls/client/tls.key -connect 127.0.0.1:"${1:-2281}" -quiet -ign_eof 2>/dev/null | grep Mode
-else
-  zkServer.sh status
-fi
diff --git a/controllers/static/zookeeper/probe.sh b/controllers/static/zookeeper/probe.sh
new file mode 100644
index 00000000..08e082eb
--- /dev/null
+++ b/controllers/static/zookeeper/probe.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+echo "ruok" | openssl s_client -CAfile /tls/client/ca.crt -cert /tls/client/tls.crt -key /tls/client/tls.key \
+  -connect 127.0.0.1:2281 -quiet 2>/dev/null | grep "imok"
diff --git a/controllers/static/zookeeper/ready.sh b/controllers/static/zookeeper/ready.sh
deleted file mode 100644
index a34fff44..00000000
--- a/controllers/static/zookeeper/ready.sh
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-if [ -f /tls/client/ca.crt ]; then
-  echo "ruok" | openssl s_client -CAfile /tls/client/ca.crt -cert /tls/client/tls.crt -key /tls/client/tls.key -connect 127.0.0.1:"${1:-2281}" -quiet -ign_eof 2>/dev/null
-else
-  echo ruok | nc 127.0.0.1 "${1:-2181}"
-fi
diff --git a/controllers/zookeeper.go b/controllers/zookeeper.go
index 86f05046..d69ff76e 100644
--- a/controllers/zookeeper.go
+++ b/controllers/zookeeper.go
@@ -17,11 +17,8 @@ import (
 	apiv1 "k8s.io/api/core/v1"
 )
 
-//go:embed static/zookeeper/ok.sh
-var zookeeperOk string
-
-//go:embed static/zookeeper/ready.sh
-var zookeeperReady string
+//go:embed static/zookeeper/probe.sh
+var zookeeperProbe string
 
 //go:embed static/zookeeper/run.sh
 var zookeeperRun string
@@ -32,18 +29,9 @@ var zkFluentBitForwarderConfig string
 //go:embed static/zookeeper/logback.xml
 var zkLogbackConfig string
 
-const zkPortName = "zk"
-const zkPort = 2181
-
 const zkSSLPortName = "zkssl"
 const zkSSLPort = 2281
 
-const zkElectionPortName = "zkelection"
-const zkElectionPort = 3888
-
-const zkServerPortName = "zkserver"
-const zkServerPort = 2888
-
 const ZookeeperIdent = "zookeeper"
 const zkPIMountPath = "/config-scripts"
 
@@ -103,13 +91,12 @@ func (r *SFController) DeployZookeeper() bool {
 	}
 
 	cmData := make(map[string]string)
-	cmData["ok.sh"] = zookeeperOk
-	cmData["ready.sh"] = zookeeperReady
+	cmData["probe.sh"] = zookeeperProbe
 	cmData["run.sh"] = zookeeperRun
 	cmData["logback.xml"] = zkLogbackConfig
 	r.EnsureConfigMap(ZookeeperIdent+"-pi", cmData)
 
-	configChecksumable := zookeeperOk + "\n" + zookeeperReady + "\n" + zookeeperRun + "\n" + zkLogbackConfig
+	configChecksumable := zookeeperProbe + "\n" + zookeeperRun + "\n" + zkLogbackConfig
 
 	annotations := map[string]string{
 		"configuration": utils.Checksum([]byte(configChecksumable)),
@@ -153,9 +140,6 @@ func (r *SFController) DeployZookeeper() bool {
 	srv := base.MkServicePod(ZookeeperIdent, r.ns, ZookeeperIdent+"-0", []int32{zkSSLPort}, ZookeeperIdent)
 	r.EnsureService(&srv)
 
-	srvZK := base.MkHeadlessServicePod(ZookeeperIdent, r.ns, ZookeeperIdent+"-0", []int32{zkSSLPort, zkElectionPort, zkServerPort}, ZookeeperIdent)
-	r.EnsureService(&srvZK)
-
 	storageConfig := r.getStorageConfOrDefault(r.cr.Spec.Zookeeper.Storage)
 	logStorageConfig := base.StorageConfig{
 		Size:             utils.Qty1Gi(),
@@ -179,13 +163,10 @@ func (r *SFController) DeployZookeeper() bool {
 		base.MkVolumeSecret("zookeeper-server-tls"),
 		base.MkEmptyDirVolume(ZookeeperIdent + "-conf"),
 	}
-	zk.Spec.Template.Spec.Containers[0].ReadinessProbe = base.MkReadinessCMDProbe([]string{"/bin/bash", "/config-scripts/ready.sh"})
-	zk.Spec.Template.Spec.Containers[0].LivenessProbe = base.MkReadinessCMDProbe([]string{"/bin/bash", "/config-scripts/ok.sh"})
+	zk.Spec.Template.Spec.Containers[0].ReadinessProbe = base.MkReadinessCMDProbe([]string{"/bin/bash", "/config-scripts/probe.sh"})
+	zk.Spec.Template.Spec.Containers[0].LivenessProbe = base.MkLivenessCMDProbe([]string{"/bin/bash", "/config-scripts/probe.sh"})
 	zk.Spec.Template.Spec.Containers[0].Ports = []apiv1.ContainerPort{
-		base.MkContainerPort(zkPort, zkPortName),
 		base.MkContainerPort(zkSSLPort, zkSSLPortName),
-		base.MkContainerPort(zkElectionPort, zkElectionPortName),
-		base.MkContainerPort(zkServerPort, zkServerPortName),
 	}
 
 	if r.cr.Spec.FluentBitLogForwarding != nil {