kubernetesopenshiftspring-boot-actuatorreadinessprobelivenessprobe

Openshift readiness and liveness probe never failing even with incorrect http url


I am running a Spring Boot 2.0.0 application inside an OpenShift Pod. To execute the readiness and liveness probe, I am relying on spring boot actuator healthchecks. My application properties file has following properties :

server.address=127.0.0.1
management.server.address=0.0.0.0
server.port=8080
management.server.port=8081
management.endpoints.enabled-by-default=false
management.endpoint.info.enabled=true
management.endpoint.health.enabled=true
management.endpoints.web.exposure.include=health,info
management.endpoint.health.show-details=always
management.security.enabled=false

Following the related configuration of the readiness and liveness probe.

livenessProbe:
    failureThreshold: 3
    httpGet:
      path: /mmcc
      port: 8081
      scheme: HTTP
    initialDelaySeconds: 35
    periodSeconds: 10
    successThreshold: 1
    timeoutSeconds: 15


readinessProbe:
    failureThreshold: 3
    httpGet:
      path: /jjkjk
      port: 8081
      scheme: HTTP
    initialDelaySeconds: 30
    periodSeconds: 10
    successThreshold: 1
    timeoutSeconds: 15

My expectation is that my readiness and liveness probe should fail with these random urls, but they are succeeding. Not sure what i am missing here. kindly help.


Solution

  • The answer by Simon gave me a starting point and I looked for curl -vvv localhost:8081/jjkjk output. The URL was redirecting me to the login url so I figured this is because I have spring security in my classpath. So I added in my properties file :

    management.endpoints.web.exposure.include=health,info
    

    and added

    @Configuration
    public class ActuatorSecurity extends WebSecurityConfigurerAdapter {
    
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests()
                .anyRequest().permitAll()
        }
    
    }
    

    and this resolved my problem by enabling the access to url without credentials.