Business Problem:

Most Red Hat Advanced Cluster Security related Deployments are missing livenessProbes. While readinessProbes are configured, we are missing out livenessProbes, which can limit self healing capabilities when something is out of order. For example, it was found that under certain circumstances, admission-control would report NotReady state when the sensor pod is restarting. Shortly after, admission-control remains in NotReady state, unable to recover due to a broken pipe. While the pods are NotReady, no further activity is triggered. With livenessProbes configured, it would be possible to detect such a condition and have the pods restarted, which in fact does resolve the issue.

The above is just an example but it shows the importance of livenessProbes and why all Deployments should have them configured and running. That way, the system is able to recover from certain failures on it's own by restarting the pods, which may or may not resolve the problem. But at least it does something and is not just waiting for somebody to look and initiate actions.

Use Cases:

Having livenessProbes configured is a general recommendation for workloads running on OpenShift Container Platform respectively kubernetes and Red Hat Advanced Cluster Security should follow those recommendation and apply the livenessProbes on all Deployments to improve the overall experience and self-healing capabilities.

Key Functionality:

All Deployments created and managed by Red Hat Advanced Cluster Security should have livenessProbes and readinessProbes configured.

Benefits:

Better self-healing capabilities and hence improved user experience.

Acceptance criteria:

All Deployments created and managed by Red Hat Advanced Cluster Security should have livenessProbes and readinessProbes configured.