From fda4e2e5ad73212b341a542c1ca8772e1cc6382e Mon Sep 17 00:00:00 2001 From: yivantsov-atlassian <52448429+bianchi2@users.noreply.github.com> Date: Thu, 17 Aug 2023 19:06:38 +1000 Subject: [PATCH] Make startup probes optional (#646) Co-authored-by: Yevhen Ivantsov --- src/main/charts/bamboo/README.md | 1 + .../charts/bamboo/templates/statefulset.yaml | 2 ++ src/main/charts/bamboo/values.yaml | 4 ++++ src/main/charts/bitbucket/README.md | 1 + .../bitbucket/templates/statefulset.yaml | 2 ++ src/main/charts/bitbucket/values.yaml | 4 ++++ src/main/charts/confluence/README.md | 1 + .../confluence/templates/statefulset.yaml | 2 ++ src/main/charts/confluence/values.yaml | 4 ++++ src/main/charts/crowd/README.md | 1 + .../charts/crowd/templates/statefulset.yaml | 2 ++ src/main/charts/crowd/values.yaml | 4 ++++ src/main/charts/jira/README.md | 1 + .../charts/jira/templates/statefulset.yaml | 2 ++ src/main/charts/jira/values.yaml | 6 ++++- .../test/ReadinessLivenessProbesTest.java | 23 +++++++++++++++++++ 16 files changed, 59 insertions(+), 1 deletion(-) diff --git a/src/main/charts/bamboo/README.md b/src/main/charts/bamboo/README.md index 5c6be76f8..184a9baf6 100644 --- a/src/main/charts/bamboo/README.md +++ b/src/main/charts/bamboo/README.md @@ -85,6 +85,7 @@ Kubernetes: `>=1.21.x-0` | bamboo.setPermissions | bool | `true` | Boolean to define whether to set local home directory permissions on startup of Bamboo container. Set to 'false' to disable this behaviour. | | bamboo.shutdown.command | string | `"/shutdown-wait.sh"` | By default pods will be stopped via a [preStop hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/), using a script supplied by the Docker image. If any other shutdown behaviour is needed it can be achieved by overriding this value. Note that the shutdown command needs to wait for the application shutdown completely before exiting; see [the default command](https://bitbucket.org/atlassian-docker/docker-bamboo-server/src/master/shutdown-wait.sh) for details. | | bamboo.shutdown.terminationGracePeriodSeconds | int | `30` | The termination grace period for pods during shutdown. This should be set to the internal grace period, plus a small buffer to allow the JVM to fully terminate. | +| bamboo.startupProbe.enabled | bool | `true` | Whether to apply the startupProbe check to pod. | | bamboo.startupProbe.failureThreshold | int | `120` | The number of consecutive failures of the Bamboo container startup probe before the pod fails startup checks. | | bamboo.startupProbe.periodSeconds | int | `5` | How often (in seconds) the Bamboo container startup probe will run | | bamboo.sysadminCredentials | object | `{"displayNameSecretKey":"displayName","emailAddressSecretKey":"emailAddress","passwordSecretKey":"password","secretName":null,"usernameSecretKey":"username"}` | The admin user configuration, and credentials that Bamboo should use. If supplied here the admin configuration will be skipped in the setup wizard. | diff --git a/src/main/charts/bamboo/templates/statefulset.yaml b/src/main/charts/bamboo/templates/statefulset.yaml index f4bd4bdaf..c128c1494 100644 --- a/src/main/charts/bamboo/templates/statefulset.yaml +++ b/src/main/charts/bamboo/templates/statefulset.yaml @@ -178,11 +178,13 @@ spec: failureThreshold: {{ .Values.bamboo.readinessProbe.failureThreshold }} {{- end }} {{- end }} + {{- if .Values.bamboo.startupProbe.enabled }} startupProbe: tcpSocket: port: {{ .Values.bamboo.ports.http }} periodSeconds: {{ .Values.bamboo.startupProbe.periodSeconds }} failureThreshold: {{ .Values.bamboo.startupProbe.failureThreshold }} + {{- end }} {{- if .Values.bamboo.livenessProbe.enabled }} livenessProbe: tcpSocket: diff --git a/src/main/charts/bamboo/values.yaml b/src/main/charts/bamboo/values.yaml index 538fb2cbf..785304f04 100644 --- a/src/main/charts/bamboo/values.yaml +++ b/src/main/charts/bamboo/values.yaml @@ -630,6 +630,10 @@ bamboo: # startupProbe: + # -- Whether to apply the startupProbe check to pod. + # + enabled: true + # -- How often (in seconds) the Bamboo container startup probe will run # periodSeconds: 5 diff --git a/src/main/charts/bitbucket/README.md b/src/main/charts/bitbucket/README.md index 2ff5b8ed7..2e7164877 100644 --- a/src/main/charts/bitbucket/README.md +++ b/src/main/charts/bitbucket/README.md @@ -120,6 +120,7 @@ Kubernetes: `>=1.21.x-0` | bitbucket.sshService.loadBalancerIP | string | `nil` | Use specific loadBalancerIP. Only applies to service type LoadBalancer. | | bitbucket.sshService.port | int | `22` | Port to expose the SSH service on. | | bitbucket.sshService.type | string | `"LoadBalancer"` | SSH Service type | +| bitbucket.startupProbe.enabled | bool | `true` | Whether to apply the startupProbe check to pod. | | bitbucket.startupProbe.failureThreshold | int | `120` | The number of consecutive failures of the Bitbucket container startup probe before the pod fails startup checks. | | bitbucket.startupProbe.periodSeconds | int | `5` | How often (in seconds) the Bitbucket container startup probe will run | | bitbucket.sysadminCredentials.displayNameSecretKey | string | `"displayName"` | The key in the Kubernetes Secret that contains the sysadmin display name | diff --git a/src/main/charts/bitbucket/templates/statefulset.yaml b/src/main/charts/bitbucket/templates/statefulset.yaml index d63aaf432..ca93a9f9d 100644 --- a/src/main/charts/bitbucket/templates/statefulset.yaml +++ b/src/main/charts/bitbucket/templates/statefulset.yaml @@ -100,11 +100,13 @@ spec: failureThreshold: {{ .Values.bitbucket.readinessProbe.failureThreshold }} {{- end }} {{- end }} + {{- if .Values.bitbucket.startupProbe.enabled }} startupProbe: tcpSocket: port: {{ .Values.bitbucket.ports.http }} periodSeconds: {{ .Values.bitbucket.startupProbe.periodSeconds }} failureThreshold: {{ .Values.bitbucket.startupProbe.failureThreshold }} + {{- end }} {{- if .Values.bitbucket.livenessProbe.enabled }} livenessProbe: tcpSocket: diff --git a/src/main/charts/bitbucket/values.yaml b/src/main/charts/bitbucket/values.yaml index d26ffa29c..cfa246f35 100644 --- a/src/main/charts/bitbucket/values.yaml +++ b/src/main/charts/bitbucket/values.yaml @@ -696,6 +696,10 @@ bitbucket: # startupProbe: + # -- Whether to apply the startupProbe check to pod. + # + enabled: true + # -- How often (in seconds) the Bitbucket container startup probe will run # periodSeconds: 5 diff --git a/src/main/charts/confluence/README.md b/src/main/charts/confluence/README.md index 2e5f5b841..53137e549 100644 --- a/src/main/charts/confluence/README.md +++ b/src/main/charts/confluence/README.md @@ -83,6 +83,7 @@ Kubernetes: `>=1.21.x-0` | confluence.setPermissions | bool | `true` | Boolean to define whether to set local home directory permissions on startup of Confluence container. Set to 'false' to disable this behaviour. | | confluence.shutdown.command | string | `"/shutdown-wait.sh"` | By default pods will be stopped via a [preStop hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/), using a script supplied by the Docker image. If any other shutdown behaviour is needed it can be achieved by overriding this value. Note that the shutdown command needs to wait for the application shutdown completely before exiting; see [the default command](https://bitbucket.org/atlassian-docker/docker-atlassian-confluence-server/src/master/shutdown-wait.sh) for details. | | confluence.shutdown.terminationGracePeriodSeconds | int | `25` | The termination grace period for pods during shutdown. This should be set to the Confluence internal grace period (default 20 seconds), plus a small buffer to allow the JVM to fully terminate. | +| confluence.startupProbe.enabled | bool | `true` | Whether to apply the startupProbe check to pod. | | confluence.startupProbe.failureThreshold | int | `120` | The number of consecutive failures of the Confluence container startup probe before the pod fails startup checks. | | confluence.startupProbe.periodSeconds | int | `5` | How often (in seconds) the Confluence container startup probe will run | | confluence.tomcatConfig | object | `{"acceptCount":"10","connectionTimeout":"20000","customServerXml":"","debug":"0","enableLookups":"false","generateByHelm":false,"maxHttpHeaderSize":"8192","maxThreads":"100","mgmtPort":"8000","minSpareThreads":"10","port":"8090","protocol":"org.apache.coyote.http11.Http11NioProtocol","proxyInternalIps":null,"proxyName":null,"proxyPort":null,"redirectPort":"8443","scheme":null,"secure":null,"uriEncoding":"UTF-8"}` | By default Tomcat's server.xml is generated in the container entrypoint from a template shipped with an official Confluence image. However, server.xml generation may fail if container is not run as root, which is a common case if Confluence is deployed to OpenShift. | diff --git a/src/main/charts/confluence/templates/statefulset.yaml b/src/main/charts/confluence/templates/statefulset.yaml index cd772f713..81b823c8d 100644 --- a/src/main/charts/confluence/templates/statefulset.yaml +++ b/src/main/charts/confluence/templates/statefulset.yaml @@ -89,11 +89,13 @@ spec: failureThreshold: {{ .Values.confluence.readinessProbe.failureThreshold }} {{- end }} {{- end }} + {{- if .Values.confluence.startupProbe.enabled }} startupProbe: tcpSocket: port: {{ .Values.confluence.ports.http }} periodSeconds: {{ .Values.confluence.startupProbe.periodSeconds }} failureThreshold: {{ .Values.confluence.startupProbe.failureThreshold }} + {{- end }} {{- if .Values.confluence.livenessProbe.enabled }} livenessProbe: tcpSocket: diff --git a/src/main/charts/confluence/values.yaml b/src/main/charts/confluence/values.yaml index 0f2da4c0c..311a88368 100644 --- a/src/main/charts/confluence/values.yaml +++ b/src/main/charts/confluence/values.yaml @@ -628,6 +628,10 @@ confluence: # startupProbe: + # -- Whether to apply the startupProbe check to pod. + # + enabled: true + # -- How often (in seconds) the Confluence container startup probe will run # periodSeconds: 5 diff --git a/src/main/charts/crowd/README.md b/src/main/charts/crowd/README.md index 9a2e21062..243afa942 100644 --- a/src/main/charts/crowd/README.md +++ b/src/main/charts/crowd/README.md @@ -69,6 +69,7 @@ Kubernetes: `>=1.21.x-0` | crowd.setPermissions | bool | `true` | Boolean to define whether to set local home directory permissions on startup of Crowd container. Set to 'false' to disable this behaviour. | | crowd.shutdown.command | string | `"/shutdown-wait.sh"` | By default pods will be stopped via a [preStop hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/), using a script supplied by the Docker image. If any other shutdown behaviour is needed it can be achieved by overriding this value. Note that the shutdown command needs to wait for the application shutdown completely before exiting; see [the default command](https://bitbucket.org/atlassian-docker/docker-atlassian-crowd/src/master/shutdown-wait.sh) for details. | | crowd.shutdown.terminationGracePeriodSeconds | int | `30` | The termination grace period for pods during shutdown. This should be set to the internal grace period, plus a small buffer to allow the JVM to fully terminate. | +| crowd.startupProbe.enabled | bool | `true` | Whether to apply the startupProbe check to pod. | | crowd.startupProbe.failureThreshold | int | `120` | The number of consecutive failures of the Crowd container startup probe before the pod fails startup checks. | | crowd.startupProbe.periodSeconds | int | `5` | How often (in seconds) the Crowd container startup probe will run | | crowd.topologySpreadConstraints | list | `[]` | Defines topology spread constraints for Crowd pods. See details: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ | diff --git a/src/main/charts/crowd/templates/statefulset.yaml b/src/main/charts/crowd/templates/statefulset.yaml index 22c6d488d..7038ae1d2 100644 --- a/src/main/charts/crowd/templates/statefulset.yaml +++ b/src/main/charts/crowd/templates/statefulset.yaml @@ -86,11 +86,13 @@ spec: failureThreshold: {{ .Values.crowd.readinessProbe.failureThreshold }} {{- end }} {{- end }} + {{- if .Values.crowd.startupProbe.enabled }} startupProbe: tcpSocket: port: {{ .Values.crowd.ports.http }} periodSeconds: {{ .Values.crowd.startupProbe.periodSeconds }} failureThreshold: {{ .Values.crowd.startupProbe.failureThreshold }} + {{- end }} {{- if .Values.crowd.livenessProbe.enabled }} livenessProbe: tcpSocket: diff --git a/src/main/charts/crowd/values.yaml b/src/main/charts/crowd/values.yaml index d7effc143..475f2f7d5 100644 --- a/src/main/charts/crowd/values.yaml +++ b/src/main/charts/crowd/values.yaml @@ -197,6 +197,10 @@ crowd: startupProbe: + # -- Whether to apply the startupProbe check to pod. + # + enabled: true + # -- How often (in seconds) the Crowd container startup probe will run # periodSeconds: 5 diff --git a/src/main/charts/jira/README.md b/src/main/charts/jira/README.md index e47f3a3b4..df0f9e4d3 100644 --- a/src/main/charts/jira/README.md +++ b/src/main/charts/jira/README.md @@ -111,6 +111,7 @@ Kubernetes: `>=1.21.x-0` | jira.setPermissions | bool | `true` | Boolean to define whether to set local home directory permissions on startup of Jira container. Set to 'false' to disable this behaviour. | | jira.shutdown.command | string | `"/shutdown-wait.sh"` | By default pods will be stopped via a [preStop hook](https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/), using a script supplied by the Docker image. If any other shutdown behaviour is needed it can be achieved by overriding this value. Note that the shutdown command needs to wait for the application shutdown completely before exiting; see [the default command](https://bitbucket.org/atlassian-docker/docker-atlassian-jira/src/master/shutdown-wait.sh) for details. | | jira.shutdown.terminationGracePeriodSeconds | int | `30` | The termination grace period for pods during shutdown. This should be set to the internal grace period, plus a small buffer to allow the JVM to fully terminate. | +| jira.startupProbe.enabled | bool | `true` | Whether to apply the startupProbe check to pod. | | jira.startupProbe.failureThreshold | int | `120` | The number of consecutive failures of the Jira container startup probe before the pod fails startup checks. | | jira.startupProbe.periodSeconds | int | `5` | How often (in seconds) the Jira container startup probe will run | | jira.tomcatConfig | object | `{"acceptCount":"10","connectionTimeout":"20000","customServerXml":"","enableLookups":"false","generateByHelm":false,"maxHttpHeaderSize":"8192","maxThreads":"100","mgmtPort":"8005","minSpareThreads":"10","port":"8080","protocol":"HTTP/1.1","proxyName":null,"proxyPort":null,"redirectPort":"8443","scheme":null,"secure":null}` | By default Tomcat's server.xml is generated in the container entrypoint from a template shipped with an official Jira image. However, server.xml generation may fail if container is not run as root, which is a common case if Jira is deployed to OpenShift. | diff --git a/src/main/charts/jira/templates/statefulset.yaml b/src/main/charts/jira/templates/statefulset.yaml index 288d502b4..6795314bc 100644 --- a/src/main/charts/jira/templates/statefulset.yaml +++ b/src/main/charts/jira/templates/statefulset.yaml @@ -139,11 +139,13 @@ spec: failureThreshold: {{ .Values.jira.readinessProbe.failureThreshold }} {{- end }} {{- end }} + {{- if .Values.jira.startupProbe.enabled }} startupProbe: tcpSocket: port: {{ .Values.jira.ports.http }} periodSeconds: {{ .Values.jira.startupProbe.periodSeconds }} failureThreshold: {{ .Values.jira.startupProbe.failureThreshold }} + {{- end }} {{- if .Values.jira.livenessProbe.enabled }} livenessProbe: tcpSocket: diff --git a/src/main/charts/jira/values.yaml b/src/main/charts/jira/values.yaml index d2e604669..aa8f4372c 100644 --- a/src/main/charts/jira/values.yaml +++ b/src/main/charts/jira/values.yaml @@ -516,6 +516,10 @@ jira: # startupProbe: + # -- Whether to apply the startupProbe check to pod. + # + enabled: true + # -- How often (in seconds) the Jira container startup probe will run # periodSeconds: 5 @@ -848,7 +852,7 @@ monitoring: # dashboardLabels: {} # grafana_dashboard: dc_monitoring - + # -- Annotations added to Grafana dashboards ConfigMaps. See: https://github.com/kiwigrid/k8s-sidecar#usage # dashboardAnnotations: {} diff --git a/src/test/java/test/ReadinessLivenessProbesTest.java b/src/test/java/test/ReadinessLivenessProbesTest.java index aae18ce97..d5b79e329 100644 --- a/src/test/java/test/ReadinessLivenessProbesTest.java +++ b/src/test/java/test/ReadinessLivenessProbesTest.java @@ -119,4 +119,27 @@ void test_readiness_probe_custom_probe(Product product) throws Exception { assertEquals("bar", resources.getStatefulSet( product.getHelmReleaseName()).getContainer().get("readinessProbe").get("foo").asText()); } + + @ParameterizedTest + @EnumSource(value = Product.class, names = {"bamboo_agent"}, mode = EnumSource.Mode.EXCLUDE) + void test_startup_probe_disabled(Product product) throws Exception { + final var resources = helm.captureKubeResourcesFromHelmChart(product, Map.of( + product + ".startupProbe.enabled", "false")); + + assertThat(resources.getStatefulSet( + product.getHelmReleaseName()).getContainer().get("startupProbe")).isEmpty(); + } + + @ParameterizedTest + @EnumSource(value = Product.class, names = {"bamboo_agent"}, mode = EnumSource.Mode.EXCLUDE) + void test_startup_probe_customized(Product product) throws Exception { + final var resources = helm.captureKubeResourcesFromHelmChart(product, Map.of( + product + ".startupProbe.failureThreshold", "1200", + product + ".startupProbe.periodSeconds", "14")); + + assertEquals("1200", resources.getStatefulSet( + product.getHelmReleaseName()).getContainer().get("startupProbe").get("failureThreshold").asText()); + assertEquals("14", resources.getStatefulSet( + product.getHelmReleaseName()).getContainer().get("startupProbe").get("periodSeconds").asText()); + } }