Description:
I'm currently using the Pi-hole Helm chart, and I encountered an issue related to the readiness of the DNS server within the Pi-hole pod. I accidentally added the same entry twice in a custom CNAME list, which caused the FTL (the Pi-hole DNS engine) to fail to start. However, the webserver was up and running, so the pod was marked as ready even though the DNS server was not functional.
To improve the reliability of the readiness probe, it would be beneficial to have the option to configure the probes to use a TCP check on the DNS port. This would ensure that the DNS service is properly verified as ready before the pod is marked as such.
Steps to Reproduce:
Deploy the Pi-hole Helm chart.
Add a duplicate entry in the custom CNAME list.
Observe that the FTL fails to start while the webserver is running.
Note that the pod is marked as ready despite the DNS server not being up.
Expected Behavior:
The readiness probe should detect that the DNS service is not up and the pod should not be marked as ready until the DNS service is confirmed to be running.
Actual Behavior:
The pod is marked as ready because the webserver is running, even though the DNS server (FTL) is not up.
Suggested Solution:
Provide an option to configure the readiness and liveness probes to use a TCP check on the DNS port. This would help ensure that the DNS server is properly checked and the pod is only marked as ready when the DNS service is actually up.
Notes:
This is hard to make perfect when there are more than one service within the same container. I think there is a workaround currently doing some telnet/nc command check using the command probe that this helm chart supports.
Description: I'm currently using the Pi-hole Helm chart, and I encountered an issue related to the readiness of the DNS server within the Pi-hole pod. I accidentally added the same entry twice in a custom CNAME list, which caused the FTL (the Pi-hole DNS engine) to fail to start. However, the webserver was up and running, so the pod was marked as ready even though the DNS server was not functional.
To improve the reliability of the readiness probe, it would be beneficial to have the option to configure the probes to use a TCP check on the DNS port. This would ensure that the DNS service is properly verified as ready before the pod is marked as such.
Steps to Reproduce:
Expected Behavior: The readiness probe should detect that the DNS service is not up and the pod should not be marked as ready until the DNS service is confirmed to be running.
Actual Behavior: The pod is marked as ready because the webserver is running, even though the DNS server (FTL) is not up.
Suggested Solution: Provide an option to configure the readiness and liveness probes to use a TCP check on the DNS port. This would help ensure that the DNS server is properly checked and the pod is only marked as ready when the DNS service is actually up.
Notes: This is hard to make perfect when there are more than one service within the same container. I think there is a workaround currently doing some
telnet/nccommand check using the command probe that this helm chart supports.version: '2.24.0'