Choosing between TCP probe and HTTP probe for liveness and readiness in kubernetes

10/2/2020

To keep things simple, I think its better to just check the TCP port for liveness and readiness in kubernetes as it doesn't require knowledge of health-check endpoint (HTTP path) but just the port number. Any guide on the disadvantages of just relying on the TCP port for service health-check is greatly appreciated, please assume that the pods are not proxy for some other service and all the business-logic is in the pods itself.

https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/

-- wings
http
kubernetes
livenessprobe
readinessprobe
tcp

1 Answer

10/2/2020

In my experience HTTP is chosen over TCP when you have a reverse-proxy sidecar in front of your app in the same pod, e.g. nginx. In this case, nginx will always accept TCP even when the app is not ready yet. Thus you'd want HTTP.

Otherwise:

  • if this is an app server listening directly on a port
  • you know it starts to listen only when fully loaded
  • you don't want any additional logic inside /health (like check db connection)

If all of the above is true - just use TCP.

TIP You don't even need to know the port number for TCP, you can use named port: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#use-a-named-port

-- Max Lobur
Source: StackOverflow