Define HTTP endpoint for liveness probe

Now, we use tetra status command to report the status of tetragon agent. This comes with some overheads as tetra binary has a lot of additional functionality and it seems like an overkill to use that for status reporting. On the other hand, k8s supports liveness probes by using an HTTP endpoint (i.e. https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#http-probes). This patch first creates a new HTTP endpoint to report agent status that can be used for the liveness probe. Signed-off-by: Anastasios Papagiannis <[email protected]>
cilium · May 27, 2024 · 032ca05 · 032ca05
1 parent 1871fe8
commit 032ca05
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/cmd/tetragon/main.go b/cmd/tetragon/main.go
@@ -36,6 +36,7 @@ import (
 	"github.com/cilium/tetragon/pkg/fileutils"
 	"github.com/cilium/tetragon/pkg/filters"
 	tetragonGrpc "github.com/cilium/tetragon/pkg/grpc"
+	"github.com/cilium/tetragon/pkg/health"
 	"github.com/cilium/tetragon/pkg/logger"
 	"github.com/cilium/tetragon/pkg/metrics"
 	"github.com/cilium/tetragon/pkg/metrics/metricsconfig"
@@ -245,6 +246,19 @@ func tetragonExecute() error {
 	bpf.CheckOrMountDebugFS()
 	bpf.CheckOrMountCgroup2()
 
+	// start liveness probe http endpoint
+	go func() {
+		http.HandleFunc("/liveness", func(w http.ResponseWriter, _ *http.Request) {
+			resp, err := health.GetHealth()
+			if err == nil && len(resp.HealthStatus) == 1 && resp.HealthStatus[0].Status == tetragon.HealthStatusResult_HEALTH_STATUS_RUNNING {
+				w.WriteHeader(http.StatusOK)
+			} else {
+				w.WriteHeader(http.StatusServiceUnavailable)
+			}
+		})
+		http.ListenAndServe(":6789", nil)
+	}()
+
 	if option.Config.PprofAddr != "" {
 		go func() {
 			if err := servePprof(option.Config.PprofAddr); err != nil {