HomeGitHubSign Up

C-0056 - Configured liveness probe

Suggest Edits

Configured liveness probe

Framework

DevOpsBest, AllControls, YAML-scanning

Severity

Medium

Description of the the issue

Liveness probe is intended to ensure that workload remains healthy during its entire execution lifecycle, or otherwise restrat the container. It is highly recommended to define liveness probe for every worker container. This control finds all the PODs where the Liveness probe is not configured.

Related resources

CronJob, DaemonSet, Deployment, Job, Pod, ReplicaSet, StatefulSet

What does this control test

Liveness probe is intended to ensure that workload remains healthy during its entire execution lifecycle, or otherwise restrat the container. It is highly recommended to define liveness probe for every worker container. This control finds all the PODs where the Liveness probe is not configured.

Remediation

Ensure Liveness probes are configured wherever possible.

Example

    livenessProbe: # we are looking for this section in the resource definition
      exec:
        command:
        - cat
        - /tmp/healthy
      initialDelaySeconds: 5
      periodSeconds: 5

Updated 15 days ago