PREQUEL-2025-0116

Kubernetes Deployment Liveness Probe MissingMedium

PREQUEL-2025-0116View on GitHub

KubernetesDeploymentLiveness ProbeHealth ChecksReliabilityAvailability

Description

• Detects Kubernetes Deployment resources without liveness probes configured on containers.
• Monitors deployment specifications where containers lack proper health check definitions.
• Identifies reliability violations that can lead to undetected application failures.
• Tracks deployments that may run unhealthy containers without automatic recovery.

Cause

• Deployment manifests created without proper health check specifications.
• Development teams unaware of Kubernetes health check best practices.
• CI/CD pipelines deploying applications without reliability considerations.
• Helm charts or templates missing default liveness probe configurations.
• Legacy applications migrated without health check endpoint implementation.
• Infrastructure automation scripts lacking health check validation.

Mitigation

• Implement admission controllers to enforce liveness probe requirements on deployments.
• Establish standard health check endpoints for all application services.
• Integrate health check validation into CI/CD pipelines before deployment.
• Implement application-specific health check logic for accurate status reporting.

References

• https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
• https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
• https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core