Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change /ping endpoint to /healthz #167

Merged

Conversation

KeisukeYamashita
Copy link
Contributor

@KeisukeYamashita KeisukeYamashita commented Dec 25, 2020

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

/kind cleanup

/kind design

/kind documentation

/kind failing-test

/kind feature

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area build

/area config

/area outputs

/area tests

What this PR does / why we need it:

Unify the health check endpoint with cloud native conversion.
This endpoint is used for health checking. See the chart implementation too https://github.com/falcosecurity/charts/blob/40e45b1f1ef2f79787f1d35b5ba565b880f626de/falcosidekick/templates/deployment.yaml#L47-L58

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Many projects in CNCF expose /healthz endpoint as health check endpoint. I picked some for example:

As this project is one of cloud native projects, I think it's better to unify with the cloud native convention.

Signed-off-by: KeisukeYamashita <19yamashita15@gmail.com>
Signed-off-by: KeisukeYamashita <19yamashita15@gmail.com>
@Issif
Copy link
Member

Issif commented Dec 25, 2020

Hi @KeisukeYamashita,

I get your point, I prefer to have both, for avoiding breaking changes.

  • ping: responds with a simple pong
  • healthz: responds with a json with status:OK and the list of enabled outputs

And we use healthz as you proposed for kube probes.

wdyt?

@KeisukeYamashita
Copy link
Contributor Author

KeisukeYamashita commented Dec 25, 2020

Hi,
Is it possible to ask users to migrate if they use ping endpoint? If that isn't possible, I want to continue using ping endpoint and not introduce this change and close this PR😄

@Issif
Copy link
Member

Issif commented Dec 25, 2020

We can have both endpoints for now and add in changelog and README that /ping will be deprecated in 3.0.0.

@Issif Issif added this to the 2.20.0 milestone Dec 25, 2020
Signed-off-by: KeisukeYamashita <19yamashita15@gmail.com>
Signed-off-by: KeisukeYamashita <19yamashita15@gmail.com>
@KeisukeYamashita KeisukeYamashita force-pushed the change-ping-endpoint-to-health branch from 1cbb0e2 to 545bd9e Compare December 26, 2020 02:58
handlers.go Outdated
@@ -73,6 +73,11 @@ func pingHandler(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("pong\n"))
}

// healthHandler is a simple handler to test if daemon is UP.
func healthHandler(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Issif Do you want me to respond a JSON as you suggested? I think the 200 status code is enough, it will tell the same thing as {"status": "ok"}. Moreover, many health check features (Kubernetes HTTPGet Probe, Google Load Balancer, etc) checked the status code and won't check the resp body.

WDYT?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is good to send the body as well, because in the future we can add more info, for example, we can check if the AWS is still valid and respond on that as well like

{
  "status": "ok",
  "aws": "ok",
  "pagerduty": "ok"
  ...
}

for now the /healtz is a dummy which is fine

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We also can add the ready endpoint to say that the APP is ready, but for that, we will need a bit more logic

Copy link
Contributor Author

@KeisukeYamashita KeisukeYamashita Dec 26, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your reply.

It is good to send the body as well, because in the future we can add more info, for example, we can check if the AWS is still valid and respond on that as well like

Totally agree.

for now the /healtz is a dummy which is fine

Okay, let's go with this change for now 👍
Thank you.

@Issif
Copy link
Member

Issif commented Dec 26, 2020

For now I'm ok for a dummy /healtz that returns a 200 with only ok as message body.

We can create an issue for discussing about an enhanced endpoint, with more details. We need to agree about what informations have to be inside (version? enabled outputs?). I think this a point for 3.0.0, I really need to release 2.20.0 now, both of you have added so much great things 🙏 .

I'm not a big fan of ready endpoint, it's hard to test all enabled outputs without creating flood. The /test endpoint is here for that purpose and can only be triggered manually. We should btw, add details in README of helm chart for helping people to use (how to set a portforward and call the endpoint).

@KeisukeYamashita btw the message about deprecation of /ping is perfect.

Signed-off-by: KeisukeYamashita <19yamashita15@gmail.com>
@poiana poiana added size/S and removed size/XS labels Dec 31, 2020
@KeisukeYamashita
Copy link
Contributor Author

@Issif Thank you for your comment.

For now I'm ok for a dummy /healtz that returns a 200 with only ok as message body.

Okay, now it the health endpoint will return {"status":"ok"} JSON resp.

We can create an issue for discussing about an enhanced endpoint, with more details. We need to agree about what informations have to be inside (version? enabled outputs?). I think this a point for 3.0.0, I really need to release 2.20.0 now, both of you have added so much great things 🙏 .

I'm not a big fan of ready endpoint, it's hard to test all enabled outputs without creating flood. The /test endpoint is here for that purpose and can only be triggered manually. We should btw, add details in README of helm chart for helping people to use (how to set a portforward and call the endpoint).

Got it, let's discuss for later release 👍

Copy link
Member

@Issif Issif left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @KeisukeYamashita

@poiana
Copy link

poiana commented Dec 31, 2020

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Issif

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana
Copy link

poiana commented Dec 31, 2020

LGTM label has been added.

Git tree hash: c84d08414bc8dd336a2403cbce4dc53d34502301

@poiana poiana merged commit 0403fbd into falcosecurity:master Dec 31, 2020
@KeisukeYamashita KeisukeYamashita deleted the change-ping-endpoint-to-health branch January 1, 2021 00:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

4 participants