kube-apiserver: Allow probe customization

Uses the standard helm-toolkit macros for liveness and readiness probes, allowing them to be enabled or disabled, and params to be overridden. Change-Id: Ie9aef97f56f2205ada24f17e7cafabc5943ae097
2020-09-27 19:32:48 +00:00 · 2020-09-27 19:32:48 +00:00 · be7b82e1a1
parent 8c52be3dde
commit be7b82e1a1
2 changed files with 44 additions and 27 deletions
--- a/charts/apiserver/templates/etc/_kubernetes-apiserver.yaml.tpl
+++ b/charts/apiserver/templates/etc/_kubernetes-apiserver.yaml.tpl
@ -35,6 +35,31 @@
 {{- end -}}


+{{- define "livenessProbeTemplate" -}}
+exec:
+  command:
+  - /bin/bash
+  - -c
+  - |-
+    kubectl get nodes ${NODENAME} | grep ${NODENAME}
+    exit $?
+{{- end -}}
+
+
+{{- define "readinessProbeTemplate" -}}
+exec:
+  command:
+  - /bin/bash
+  - -c
+  - |-
+    if [ ! -f /etc/kubernetes/apiserver/pki/apiserver-both.pem ]; then
+      cat /etc/kubernetes/apiserver/pki/apiserver-key.pem <(echo) /etc/kubernetes/apiserver/pki/apiserver.pem > /etc/kubernetes/apiserver/pki/apiserver-both.pem
+    fi
+    echo -e 'GET /healthz HTTP/1.0\r\n' | socat - openssl:localhost:{{ .Values.network.kubernetes_apiserver.port }},cert=/etc/kubernetes/apiserver/pki/apiserver-both.pem,cafile=/etc/kubernetes/apiserver/pki/cluster-ca.pem | grep '200 OK'
+    exit $?
+{{- end -}}
+
+
 {{- $envAll := . }}
 ---
 apiVersion: v1
@ -100,34 +125,9 @@ spec:
      ports:
        - containerPort: {{ .Values.network.kubernetes_apiserver.port }}

-      readinessProbe:
-        exec:
-          command:
-          - /bin/bash
-          - -c
-          - |-
-            if [ ! -f /etc/kubernetes/apiserver/pki/apiserver-both.pem ]; then
-              cat /etc/kubernetes/apiserver/pki/apiserver-key.pem <(echo) /etc/kubernetes/apiserver/pki/apiserver.pem > /etc/kubernetes/apiserver/pki/apiserver-both.pem
-            fi
-            echo -e 'GET /healthz HTTP/1.0\r\n' | socat - openssl:localhost:{{ .Values.network.kubernetes_apiserver.port }},cert=/etc/kubernetes/apiserver/pki/apiserver-both.pem,cafile=/etc/kubernetes/apiserver/pki/cluster-ca.pem | grep '200 OK'
-            exit $?
-        initialDelaySeconds: 10
-        periodSeconds: 5
-        timeoutSeconds: 5
+{{ dict "envAll" . "component" "apiserver" "container" "apiserver" "type" "liveness" "probeTemplate" (include "livenessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | trim | indent 6 }}

-      livenessProbe:
-        exec:
-          command:
-          - /bin/bash
-          - -c
-          - |-
-            kubectl get nodes ${NODENAME} | grep ${NODENAME}
-            exit $?
-        failureThreshold: 3
-        initialDelaySeconds: 60
-        periodSeconds: 10
-        successThreshold: 1
-        timeoutSeconds: 10
+{{ dict "envAll" . "component" "apiserver" "container" "apiserver" "type" "readiness" "probeTemplate" (include "readinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | trim | indent 6 }}

      volumeMounts:
        - name: etc
--- a/charts/apiserver/values.yaml
+++ b/charts/apiserver/values.yaml
@ -333,6 +333,23 @@ pod:
      limits:
        memory: "1024Mi"
        cpu: "2000m"
+  probes:
+    apiserver:
+      apiserver:
+        liveness:
+          enabled: true
+          params:
+            failureThreshold: 3
+            initialDelaySeconds: 60
+            periodSeconds: 10
+            successThreshold: 1
+            timeoutSeconds: 10
+        readiness:
+          enabled: true
+          params:
+            initialDelaySeconds: 10
+            periodSeconds: 5
+            timeoutSeconds: 5

 manifests:
  configmap_bin: true