From fa5f653de6a5ccb2c271d2dd538b725951f70a0b Mon Sep 17 00:00:00 2001
From: Andrew Keesler <akeesler@vmware.com>
Date: Wed, 21 Oct 2020 11:51:31 -0700
Subject: [PATCH] Implement readinessProbe and livenessProbe for supervisor

Signed-off-by: Ryan Richard <richardry@vmware.com>
---
 cmd/pinniped-supervisor/main.go   | 18 +++++++++++++++++-
 deploy/supervisor/deployment.yaml | 18 ++++++++++++++++++
 2 files changed, 35 insertions(+), 1 deletion(-)

diff --git a/cmd/pinniped-supervisor/main.go b/cmd/pinniped-supervisor/main.go
index 9d231f2b..b8a59949 100644
--- a/cmd/pinniped-supervisor/main.go
+++ b/cmd/pinniped-supervisor/main.go
@@ -110,6 +110,10 @@ func startControllers(
 	kubeInformers.Start(ctx.Done())
 	pinnipedInformers.Start(ctx.Done())
 
+	// Wait until the caches are synced before returning.
+	kubeInformers.WaitForCacheSync(ctx.Done())
+	pinnipedInformers.WaitForCacheSync(ctx.Done())
+
 	go controllerManager.Start(ctx)
 }
 
@@ -165,8 +169,20 @@ func run(serverInstallationNamespace string, cfg *supervisor.Config) error {
 		return fmt.Errorf("cannot create listener: %w", err)
 	}
 	defer l.Close()
-
 	start(ctx, l, oidProvidersManager)
+
+	//nolint: gosec // Intentionally binding to all network interfaces.
+	healthzListener, err := net.Listen("tcp", ":8080")
+	if err != nil {
+		return fmt.Errorf("cannot create healthzListener: %w", err)
+	}
+	defer healthzListener.Close()
+	healthzMux := http.NewServeMux()
+	healthzMux.Handle("/healthz", http.HandlerFunc(func(writer http.ResponseWriter, request *http.Request) {
+		_, _ = writer.Write([]byte("ok"))
+	}))
+	start(ctx, healthzListener, healthzMux)
+
 	klog.InfoS("supervisor is ready", "address", l.Addr().String())
 
 	gotSignal := waitForSignal()
diff --git a/deploy/supervisor/deployment.yaml b/deploy/supervisor/deployment.yaml
index d1c25234..764c71d7 100644
--- a/deploy/supervisor/deployment.yaml
+++ b/deploy/supervisor/deployment.yaml
@@ -84,6 +84,24 @@ spec:
               mountPath: /etc/config
             - name: podinfo
               mountPath: /etc/podinfo
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 8080
+              scheme: HTTP
+            initialDelaySeconds: 2
+            timeoutSeconds: 15
+            periodSeconds: 10
+            failureThreshold: 5
+          readinessProbe:
+            httpGet:
+              path: /healthz
+              port: 8080
+              scheme: HTTP
+            initialDelaySeconds: 2
+            timeoutSeconds: 3
+            periodSeconds: 10
+            failureThreshold: 3
       volumes:
         - name: config-volume
           configMap: