Commit 40d93f25 authored by Sandro Mathys's avatar Sandro Mathys
Browse files

add default readiness and liveness probes to shibboleth container

parent c10597ea
......@@ -65,14 +65,6 @@ spec:
image: "{{ include "shibboleth-sp.backend.image" . }}"
imagePullPolicy: "{{ include "shibboleth-sp.backend.imagePullPolicy" . }}"
command: ["shibd", "-t"]
{{- if .Values.backend.readinessProbe }}
readinessProbe:
{{- .Values.backend.readinessProbe | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.backend.livenessProbe }}
livenessProbe:
{{- .Values.backend.livenessProbe | toYaml | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.backend.resources | nindent 12 }}
volumeMounts:
......@@ -152,6 +144,25 @@ spec:
- name: SHIBSP_LISTENER_ADDRESS
value: "/dev/shm/shibd.sock"
command: ["shibd", "-f", "-F"]
# This port is actually exposed by the apache container, but it's accessible from this
# container anyway. Because it's easier to probe liveness and readiness of the shibd
# through Apache, it makes sense to create this named port on this containers as well.
ports:
- name: apache
containerPort: 8080
protocol: TCP
{{- if .Values.backend.workaround.readinessProbe.enabled }}
{{- if .Values.backend.readinessProbe }}
readinessProbe:
{{- .Values.backend.readinessProbe | toYaml | nindent 12 }}
{{- end }}
{{- end }}
{{- if .Values.backend.workaround.livenessProbe.enabled }}
{{- if .Values.backend.livenessProbe }}
livenessProbe:
{{- .Values.backend.livenessProbe | toYaml | nindent 12 }}
{{- end }}
{{- end }}
resources:
{{- toYaml .Values.backend.resources | nindent 12 }}
volumeMounts:
......
......@@ -122,8 +122,45 @@ backend:
drop:
- all
readinessProbe: {}
livenessProbe: {}
# Note that this readinessProbe is identical to the frontend livenessProbe!
# Warning: overwriting this through an out-of-chart values file is not
# currently possible, but a fix seems close to merging, see:
# https://github.com/helm/helm/issues/9136
# https://github.com/helm/helm/pull/9138
# It might be possible to overwrite it on the command line with --set
readinessProbe:
httpGet:
scheme: HTTP
port: apache
# will counter-intuitively return HTTP 200 even if shibboleth backend is dead
path: /Shibboleth.sso/Session
initialDelaySeconds: 10
periodSeconds: 10
# Note that this livenessProbe is identical to the frontend readinessProbe!
# Warning: overwriting this through an out-of-chart values file is not
# currently possible, but a fix seems close to merging, see:
# https://github.com/helm/helm/issues/9136
# https://github.com/helm/helm/pull/9138
# It might be possible to overwrite it on the command line with --set
livenessProbe:
httpGet:
scheme: HTTP
port: apache
# will also return HTTP 500 if shibboleth backend is dead
path: /
initialDelaySeconds: 10
periodSeconds: 10
# TODO: remove when the issue mentioned above is fixed
# TODO: also remove related code in templates/deployment.yaml
# Enables / disables the included default livenessProbe and readinessProbe.
# Will be removed in future.
workaround:
readinessProbe:
enabled: true
livenessProbe:
enabled: true
resources: {}
# requests:
......@@ -253,7 +290,9 @@ frontend:
drop:
- all
# overwriting this is not currently possible, but a fix seems close to merging, see:
# Note that this readinessProbe is identical to the backend livenessProbe!
# Warning: overwriting this through an out-of-chart values file is not
# currently possible, but a fix seems close to merging, see:
# https://github.com/helm/helm/issues/9136
# https://github.com/helm/helm/pull/9138
# It might be possible to overwrite it on the command line with --set
......@@ -266,7 +305,9 @@ frontend:
initialDelaySeconds: 10
periodSeconds: 10
# Overwriting this is not currently possible, but a fix seems close to merging, see:
# Note that this livenessProbe is identical to the backend readinessProbe!
# Warning: overwriting this through an out-of-chart values file is not
# currently possible, but a fix seems close to merging, see:
# https://github.com/helm/helm/issues/9136
# https://github.com/helm/helm/pull/9138
# It might be possible to overwrite it on the command line with --set
......@@ -281,7 +322,7 @@ frontend:
# TODO: remove when the issue mentioned above is fixed
# TODO: also remove related code in templates/deployment.yaml
# Enables / disables the livenessProbe and readinessProbe.
# Enables / disables the included default livenessProbe and readinessProbe.
# Will be removed in future.
workaround:
readinessProbe:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment