Kubernetes deployment health from outside the cluster

Anatoly Oshmanovsky

Readiness probes pass inside the pod, but no one sees that the LB refused to route traffic to the new deploy.

Stack: Kubernetes · kubectl · readiness probe Tags: kubernetes, kubectl, readiness

Recipe

yaml

# Экспонируйте health endpoint через Ingress, а не только ClusterIP
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: app-healthz
spec:
  rules:
  - host: app.example.com
    http:
      paths:
      - path: /readyz
        pathType: Exact
        backend: { service: { name: app, port: { number: 80 } } }

Same thing in Enterno.io

Add an Enterno monitor to https://app.example.com/readyz. If cluster DNS breaks access to /readyz — you learn about it before users do.

Set up HTTP monitor → ← All recipes

Related recipes

Kubernetes — alert on pods restarting > N times in a window

bash

A CrashLoopBackOff in one namespace — kubectl shows a restart count of 47, but nobody sees it. Want an endpoint that returns high when the counter jumps.

etcd — alert on frequent leader flapping

bash

Inside a K8s cluster etcd re-elects the leader every 30 s — kube-apiserver lags, controller-manager can't keep reconciling. Only visible in etcd metrics.

kubelet — alert when a node goes NotReady

bash

A node goes NotReady (kubelet stopped pinging the apiserver, runtime is sick) — pods on it linger like zombies until a taint evicts them. Kubernetes events do not go to Slack by default.

Recipe

Same thing in Enterno.io

Related recipes

Kubernetes — alert on pods restarting > N times in a window

etcd — alert on frequent leader flapping

kubelet — alert when a node goes NotReady

Start monitoring for free