-
Notifications
You must be signed in to change notification settings - Fork 497
/
Copy pathhealthchecks_handler.go
91 lines (77 loc) · 2.34 KB
/
healthchecks_handler.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
package main
import (
"net/http"
"time"
)
const (
ThresholdMultiplicator = 5
ThresholdMinTime = time.Minute * 3
)
type HealthChecksHandler struct {
source JWKSSource
healthChecks HealthChecksConfig
jwkThreshold time.Duration
initTime time.Time
http.Handler
}
func NewHealthChecksHandler(source JWKSSource, config *Config) *HealthChecksHandler {
h := &HealthChecksHandler{
source: source,
healthChecks: *config.HealthChecks,
jwkThreshold: jwkThreshold(config),
initTime: time.Now(),
}
mux := http.NewServeMux()
mux.Handle(h.healthChecks.ReadyPath, http.HandlerFunc(h.readyCheck))
mux.Handle(h.healthChecks.LivePath, http.HandlerFunc(h.liveCheck))
h.Handler = mux
return h
}
// jwkThreshold determines the duration from the last successful poll before the server is considered unhealthy
func jwkThreshold(config *Config) time.Duration {
var duration time.Duration
if config.ServerAPI != nil {
duration = config.ServerAPI.PollInterval
} else {
duration = config.WorkloadAPI.PollInterval
}
if duration*ThresholdMultiplicator < ThresholdMinTime {
duration = ThresholdMinTime
}
return duration
}
// readyCheck is a health check that returns 200 if the server can successfully fetch a jwt keyset
func (h *HealthChecksHandler) readyCheck(w http.ResponseWriter, r *http.Request) {
if r.Method != "GET" {
http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
return
}
statusCode := http.StatusOK
lastPoll := h.source.LastSuccessfulPoll()
elapsed := time.Since(lastPoll)
isReady := !lastPoll.IsZero() && elapsed < h.jwkThreshold
if !isReady {
statusCode = http.StatusInternalServerError
}
w.WriteHeader(statusCode)
}
// liveCheck is a health check that returns 200 if the server is able to reply to http requests
func (h *HealthChecksHandler) liveCheck(w http.ResponseWriter, r *http.Request) {
if r.Method != "GET" {
http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
return
}
statusCode := http.StatusOK
lastPoll := h.source.LastSuccessfulPoll()
elapsed := time.Since(lastPoll)
isReady := !lastPoll.IsZero() && elapsed < h.jwkThreshold
if lastPoll.IsZero() {
elapsed := time.Since(h.initTime)
if elapsed >= h.jwkThreshold {
statusCode = http.StatusInternalServerError
}
} else if !isReady {
statusCode = http.StatusInternalServerError
}
w.WriteHeader(statusCode)
}