xnat-web application health probes

[dean-taylor]

Add livenessProbe, readinessProbe and startupProbe to the xnat-web container

[exxa-tech]

Suggest URL to check for health check is /app/template/Login.vm#! and port is 8080/8443 (or whatever Tomcat port you use) so you get Tomcat health NOT Nginx Proxy health assuming you are using Nginx. /app/template/Login.vm#! should confirm XNAT AND Tomcat works.

[fxusyd]

I think /app/template/Login.vm#! and a listening 8104 port are good for liveness probe. For readiness probe, maybe run some api calls so we know it's actually working.

[exxa-tech]

I think that may work. Tomcat XNAT deployment HAS to be working for DICOM SCP receiver to be open. I have seen in the past that sometimes the port stops responding despite XNAT functioning perfectly well. I just disable and enable the DICOM SCP port in the XNAT GUI and it starts working again so this would help with that as well. Not sure of the timing of things - perhaps a livenessProbe for /app/template/Login.vm#! on port 80 or port 8080 depending on where the probe sits (inside or outside the pod) and then port 8104 as the readinessProbe - port open?

[exxa-tech]

Another thing is that as AIS is proposing CTP usage over DICOM SCP receivers and discouraging DICOM SCP use there maybe a requirement to close DICOM SCP ports or phase this technology out in the future. I suppose at present it isn't presented outside of the cluster unless specifically configured to do so doesn't really matter, but may be removed in future versions. Just a thought...

[fxusyd]

DICOM SCP still needs to open for institution CTP to connect. Institution CTP is used so that clinical CTP can transfer data encrypted across open network as DICOM protocol doesn't do encryption.

[fxusyd]

Any thought on what the minimal 'live' requirement is for XNAT, so it can be included by service?

[exxa-tech]

Obviously know nothing about CTP! In that case if TCP 8104 is open that should work. @dean-taylor - the port would just need to be open within the Cluster for the livenessProbe to monitor it , not necessarily presented outside the cluster (by LoadBalancer)? If that was the case then should work. The DICOM SCP receiver is only open on the node / cluster out of the box (not externally) so any probes need to work without any configuration change.