Kubernetes Readiness and Liveness Probes
Readiness and Liveness probes, what is the difference?
A readiness probe checks if a container is ready to serve traffic. If the readiness probe fails, Kubernetes will not start sending traffic to the container until it becomes ready. For example, if a database container is performing an upgrade, the readiness probe could detect this and prevent traffic from being sent until the upgrade is complete.
On the other hand, a liveness probe checks if a container is still running. If the liveness probe fails, Kubernetes will restart the container to try and restore it to a healthy state. For example, if a web server container is no longer serving requests, the liveness probe could detect this and trigger a restart.
There are numerous ways to implement liveness and readiness probes, such as HTTP requests, TCP socket connections, and command execution. The specific implementation will depend on the application you’re running in your container.
K8s has a third type of probes: Startup probes.
You may have to deal with legacy apps that could take longer to start up the first time. In these situations, setting up liveness probe parameters might be challenging without sacrificing the quick response time that led to the probe’s creation. Setting up a startup probe with the same command, HTTP or TCP check, and a failureThreshold * periodSeconds long enough to cover for the worst-case startup delay is the trick. When such a probe is enabled, it suppresses liveness and readiness checks until it succeeds, ensuring that those probes do not interfere with application startup.
What if we don't specify a liveness probe?
Without a liveness probe specified, K8s will determine whether to restart your container based on the PID 1 process of the container. All other processes running inside the container are children of the PID 1 process. The first process inside a container will take on the particular responsibilities of PID 1 because each container starts out with its own process namespace.
The container is presumed to have died by K8s if the PID 1 process exits and no liveness probe is defined, which happens in most cases safely. The only universally effective, application-neutral corrective measure is to restart the process. K8s will leave the container running as long as PID 1 is active, regardless of whether any child processes are active.
This default behavior might be exactly what you want if your application has one process, which is PID 1, in which case you won’t need a liveness probe. It might not be what you want if you use an init tool like tini or dumb-init. Each application must decide whether to design its own liveness probe or to follow the default behavior.