PREQUEL-2025-0117

Kubernetes Deployment Readiness Probe MissingMedium

PREQUEL-2025-0117View on GitHub

KubernetesDeploymentReadiness ProbeHealth ChecksReliabilityTraffic Routing

Description

- Detects Kubernetes Deployment resources without readiness probes configured on containers.\n- Monitors deployment specifications where containers lack proper readiness check definitions.\n- Identifies reliability violations that can lead to premature traffic routing.\n- Tracks deployments that may receive traffic before being fully ready to handle requests.\n

Mitigation

- Implement admission controllers to enforce readiness probe requirements on deployments.\n- Establish standard readiness check endpoints for all application services.\n- Integrate readiness check validation into CI/CD pipelines before deployment.\n- Implement application-specific readiness logic to ensure proper traffic handling.\n

References

• https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/
• https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
• https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#probe-v1-core