Add GRPC liveness/readiness/startup_probe (#1915)

Author: dgnemo

.changelog/1915.txt

@@ -0,0 +1,3 @@
+```release-note:enhancement
+Add a new optional attribute `grpc` to `pod.spec.container.liveness_probe`, `pod.spec.container.readiness_probe`, and `pod.spec.container.startup_probe`. That affects all resources and data sources that use mentioned `pod.spec.container` probes directly or as a template.
+```

kubernetes/resource_kubernetes_pod_test.go

@@ -542,6 +542,42 @@ func TestAccKubernetesPod_with_container_liveness_probe_using_tcp(t *testing.T)
 	})
 }
 
+func TestAccKubernetesPod_with_container_liveness_probe_using_grpc(t *testing.T) {
+	var conf api.Pod
+
+	podName := acctest.RandomWithPrefix("tf-acc-test")
+	imageName := "gcr.io/google_containers/liveness"
+	resourceName := "kubernetes_pod.test"
+
+	resource.Test(t, resource.TestCase{
+		PreCheck: func() {
+			testAccPreCheck(t)
+			skipIfClusterVersionLessThan(t, "1.24.0")
+		},
+		ProviderFactories: testAccProviderFactories,
+		CheckDestroy:      testAccCheckKubernetesPodDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccKubernetesPodConfigWithLivenessProbeUsingGRPC(podName, imageName),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccCheckKubernetesPodExists(resourceName, &conf),
+					resource.TestCheckResourceAttr(resourceName, "spec.0.container.0.args.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "spec.0.container.0.liveness_probe.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "spec.0.container.0.liveness_probe.0.grpc.#", "1"),
+					resource.TestCheckResourceAttr(resourceName, "spec.0.container.0.liveness_probe.0.grpc.0.port", "8888"),
+					resource.TestCheckResourceAttr(resourceName, "spec.0.container.0.liveness_probe.0.grpc.0.service", "EchoService"),
+				),
+			},
+			{
+				ResourceName:            resourceName,
+				ImportState:             true,
+				ImportStateVerify:       true,
+				ImportStateVerifyIgnore: []string{"metadata.0.resource_version"},
+			},
+		},
+	})
+}
+
 func TestAccKubernetesPod_with_container_lifecycle(t *testing.T) {
 	var conf api.Pod
 
@@ -1894,6 +1930,37 @@ func testAccKubernetesPodConfigWithLivenessProbeUsingTCP(podName, imageName stri
 `, podName, imageName)
 }
 
+func testAccKubernetesPodConfigWithLivenessProbeUsingGRPC(podName, imageName string) string {
+	return fmt.Sprintf(`resource "kubernetes_pod" "test" {
+  metadata {
+    labels = {
+      app = "pod_label"
+    }
+
+    name = "%s"
+  }
+
+  spec {
+    container {
+      image = "%s"
+      name  = "containername"
+      args  = ["/server"]
+
+      liveness_probe {
+        grpc {
+          port    = 8888
+          service = "EchoService"
+        }
+
+        initial_delay_seconds = 30
+        period_seconds        = 30
+      }
+    }
+  }
+}
+`, podName, imageName)
+}
+
 func testAccKubernetesPodConfigWithLifeCycle(podName, imageName string) string {
 	return fmt.Sprintf(`resource "kubernetes_pod" "test" {
   metadata {

kubernetes/schema_container.go

@@ -660,6 +660,26 @@ func containerFields(isUpdatable bool) map[string]*schema.Schema {
 
 func probeSchema() *schema.Resource {
 	h := lifecycleHandlerFields()
+	h["grpc"] = &schema.Schema{
+		Type:        schema.TypeList,
+		Optional:    true,
+		Description: "GRPC specifies an action involving a GRPC port.",
+		Elem: &schema.Resource{
+			Schema: map[string]*schema.Schema{
+				"port": {
+					Type:         schema.TypeInt,
+					Required:     true,
+					ValidateFunc: validatePortNum,
+					Description:  "Number of the port to access on the container. Number must be in the range 1 to 65535.",
+				},
+				"service": {
+					Type:        schema.TypeString,
+					Optional:    true,
+					Description: "Name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.",
+				},
+			},
+		},
+	}
 	h["failure_threshold"] = &schema.Schema{
 		Type:         schema.TypeInt,
 		Optional:     true,

kubernetes/structures_container.go

@@ -122,6 +122,15 @@ func flattenTCPSocket(in *v1.TCPSocketAction) []interface{} {
 	return []interface{}{att}
 }
 
+func flattenGRPC(in *v1.GRPCAction) []interface{} {
+	att := make(map[string]interface{})
+	att["port"] = in.Port
+	if in.Service != nil {
+		att["service"] = *in.Service
+	}
+	return []interface{}{att}
+}
+
 func flattenExec(in *v1.ExecAction) []interface{} {
 	att := make(map[string]interface{})
 	if len(in.Command) > 0 {
@@ -161,6 +170,9 @@ func flattenProbe(in *v1.Probe) []interface{} {
 	if in.TCPSocket != nil {
 		att["tcp_socket"] = flattenTCPSocket(in.TCPSocket)
 	}
+	if in.GRPC != nil {
+		att["grpc"] = flattenGRPC(in.GRPC)
+	}
 
 	return []interface{}{att}
 }
@@ -656,6 +668,21 @@ func expandTCPSocket(l []interface{}) *v1.TCPSocketAction {
 	return &obj
 }
 
+func expandGRPC(l []interface{}) *v1.GRPCAction {
+	if len(l) == 0 || l[0] == nil {
+		return &v1.GRPCAction{}
+	}
+	in := l[0].(map[string]interface{})
+	obj := v1.GRPCAction{}
+	if v, ok := in["port"].(int); ok {
+		obj.Port = int32(v)
+	}
+	if v, ok := in["service"].(string); ok {
+		obj.Service = ptrToString(v)
+	}
+	return &obj
+}
+
 func expandHTTPGet(l []interface{}) *v1.HTTPGetAction {
 	if len(l) == 0 || l[0] == nil {
 		return &v1.HTTPGetAction{}
@@ -697,6 +724,9 @@ func expandProbe(l []interface{}) *v1.Probe {
 	if v, ok := in["tcp_socket"].([]interface{}); ok && len(v) > 0 {
 		obj.TCPSocket = expandTCPSocket(v)
 	}
+	if v, ok := in["grpc"].([]interface{}); ok && len(v) > 0 {
+		obj.GRPC = expandGRPC(v)
+	}
 	if v, ok := in["failure_threshold"].(int); ok {
 		obj.FailureThreshold = int32(v)
 	}

website/docs/d/pod.html.markdown

@@ -180,6 +180,13 @@ The `option` block supports the following:
 
 * `command` - Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
 
+### `grpc`
+
+#### Arguments
+
+* `port` - Number of the port to access on the container. Number must be in the range 1 to 65535.
+* `service` - Name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
+
 ### `image_pull_secrets`
 
 #### Attributes
@@ -207,6 +214,7 @@ The `option` block supports the following:
 * `exec` -  exec specifies the action to take.
 * `failure_threshold` -  Minimum consecutive failures for the probe to be considered failed after having succeeded.
 * `http_get` -  Specifies the http request to perform.
+* `grpc` -  GRPC specifies an action involving a GRPC port.
 * `initial_delay_seconds` -  Number of seconds after the container has started before liveness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` -  How often (in seconds) to perform the probe
 * `success_threshold` -  Minimum consecutive successes for the probe to be considered successful after having failed.
@@ -290,6 +298,7 @@ The `option` block supports the following:
 
 * `exec` -  exec specifies the action to take.
 * `failure_threshold` -  Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  GRPC specifies an action involving a GRPC port.
 * `http_get` -  Specifies the http request to perform.
 * `initial_delay_seconds` -  Number of seconds after the container has started before readiness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` -  How often (in seconds) to perform the probe

website/docs/d/pod_v1.html.markdown

@@ -180,6 +180,13 @@ The `option` block supports the following:
 
 * `command` - Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
 
+### `grpc`
+
+#### Arguments
+
+* `port` - Number of the port to access on the container. Number must be in the range 1 to 65535.
+* `service` - Name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
+
 ### `image_pull_secrets`
 
 #### Attributes
@@ -206,6 +213,7 @@ The `option` block supports the following:
 
 * `exec` -  exec specifies the action to take.
 * `failure_threshold` -  Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  GRPC specifies an action involving a GRPC port.
 * `http_get` -  Specifies the http request to perform.
 * `initial_delay_seconds` -  Number of seconds after the container has started before liveness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` -  How often (in seconds) to perform the probe
@@ -290,6 +298,7 @@ The `option` block supports the following:
 
 * `exec` -  exec specifies the action to take.
 * `failure_threshold` -  Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  GRPC specifies an action involving a GRPC port.
 * `http_get` -  Specifies the http request to perform.
 * `initial_delay_seconds` -  Number of seconds after the container has started before readiness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` -  How often (in seconds) to perform the probe

website/docs/r/daemon_set_v1.html.markdown

@@ -474,6 +474,13 @@ The `option` block supports the following:
 * `path` - (Required) The Glusterfs volume path. For more info see https://github.com/kubernetes/examples/tree/master/volumes/glusterfs#create-a-pod.
 * `read_only` - (Optional) Whether to force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. For more info see https://github.com/kubernetes/examples/tree/master/volumes/glusterfs#create-a-pod.
 
+### `grpc`
+
+#### Arguments
+
+* `port` - (Required) Number of the port to access on the container. Number must be in the range 1 to 65535.
+* `service` - (Optional) Name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
+
 ### `host_aliases`
 
 #### Arguments
@@ -543,6 +550,7 @@ The `option` block supports the following:
 
 * `exec` - (Optional) exec specifies the action to take.
 * `failure_threshold` - (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  (Optional) GRPC specifies an action involving a GRPC port. **NOTE: This field is behind a [feature gate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/) prior to v1.24**
 * `http_get` - (Optional) Specifies the http request to perform.
 * `initial_delay_seconds` - (Optional) Number of seconds after the container has started before liveness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` - (Optional) How often (in seconds) to perform the probe
@@ -627,6 +635,7 @@ The `option` block supports the following:
 
 * `exec` - (Optional) exec specifies the action to take.
 * `failure_threshold` - (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  (Optional) GRPC specifies an action involving a GRPC port. **NOTE: This field is behind a [feature gate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/) prior to v1.24**
 * `http_get` - (Optional) Specifies the http request to perform.
 * `initial_delay_seconds` - (Optional) Number of seconds after the container has started before readiness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` - (Optional) How often (in seconds) to perform the probe

website/docs/r/daemonset.html.markdown

@@ -484,6 +484,13 @@ The `option` block supports the following:
 * `path` - (Required) The Glusterfs volume path. For more info see https://github.com/kubernetes/examples/tree/master/volumes/glusterfs#create-a-pod.
 * `read_only` - (Optional) Whether to force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. For more info see https://github.com/kubernetes/examples/tree/master/volumes/glusterfs#create-a-pod.
 
+### `grpc`
+
+#### Arguments
+
+* `port` - (Required) Number of the port to access on the container. Number must be in the range 1 to 65535.
+* `service` - (Optional) Name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
+
 ### `host_aliases`
 
 #### Arguments
@@ -553,6 +560,7 @@ The `option` block supports the following:
 
 * `exec` - (Optional) exec specifies the action to take.
 * `failure_threshold` - (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  (Optional) GRPC specifies an action involving a GRPC port. **NOTE: This field is behind a [feature gate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/) prior to v1.24**
 * `http_get` - (Optional) Specifies the http request to perform.
 * `initial_delay_seconds` - (Optional) Number of seconds after the container has started before liveness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` - (Optional) How often (in seconds) to perform the probe
@@ -637,6 +645,7 @@ The `option` block supports the following:
 
 * `exec` - (Optional) exec specifies the action to take.
 * `failure_threshold` - (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  (Optional) GRPC specifies an action involving a GRPC port. **NOTE: This field is behind a [feature gate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/) prior to v1.24**
 * `http_get` - (Optional) Specifies the http request to perform.
 * `initial_delay_seconds` - (Optional) Number of seconds after the container has started before readiness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` - (Optional) How often (in seconds) to perform the probe

website/docs/r/deployment.html.markdown

@@ -495,6 +495,13 @@ The `option` block supports the following:
 * `path` - (Required) The Glusterfs volume path. For more info see https://github.com/kubernetes/examples/tree/master/volumes/glusterfs#create-a-pod.
 * `read_only` - (Optional) Whether to force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. For more info see https://github.com/kubernetes/examples/tree/master/volumes/glusterfs#create-a-pod.
 
+### `grpc`
+
+#### Arguments
+
+* `port` - (Required) Number of the port to access on the container. Number must be in the range 1 to 65535.
+* `service` - (Optional) Name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
+
 ### `host_aliases`
 
 #### Arguments
@@ -564,6 +571,7 @@ The `option` block supports the following:
 
 * `exec` - (Optional) exec specifies the action to take.
 * `failure_threshold` - (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  (Optional) GRPC specifies an action involving a GRPC port. **NOTE: This field is behind a [feature gate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/) prior to v1.24**
 * `http_get` - (Optional) Specifies the http request to perform.
 * `initial_delay_seconds` - (Optional) Number of seconds after the container has started before liveness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` - (Optional) How often (in seconds) to perform the probe
@@ -648,6 +656,7 @@ The `option` block supports the following:
 
 * `exec` - (Optional) exec specifies the action to take.
 * `failure_threshold` - (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  (Optional) GRPC specifies an action involving a GRPC port. **NOTE: This field is behind a [feature gate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/) prior to v1.24**
 * `http_get` - (Optional) Specifies the http request to perform.
 * `initial_delay_seconds` - (Optional) Number of seconds after the container has started before readiness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` - (Optional) How often (in seconds) to perform the probe

website/docs/r/deployment_v1.html.markdown

@@ -485,6 +485,13 @@ The `option` block supports the following:
 * `path` - (Required) The Glusterfs volume path. For more info see https://github.com/kubernetes/examples/tree/master/volumes/glusterfs#create-a-pod.
 * `read_only` - (Optional) Whether to force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. For more info see https://github.com/kubernetes/examples/tree/master/volumes/glusterfs#create-a-pod.
 
+### `grpc`
+
+#### Arguments
+
+* `port` - (Required) Number of the port to access on the container. Number must be in the range 1 to 65535.
+* `service` - (Optional) Name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). If this is not specified, the default behavior is defined by gRPC.
+
 ### `host_aliases`
 
 #### Arguments
@@ -554,6 +561,7 @@ The `option` block supports the following:
 
 * `exec` - (Optional) exec specifies the action to take.
 * `failure_threshold` - (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  (Optional) GRPC specifies an action involving a GRPC port. **NOTE: This field is behind a [feature gate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/) prior to v1.24**
 * `http_get` - (Optional) Specifies the http request to perform.
 * `initial_delay_seconds` - (Optional) Number of seconds after the container has started before liveness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` - (Optional) How often (in seconds) to perform the probe
@@ -638,6 +646,7 @@ The `option` block supports the following:
 
 * `exec` - (Optional) exec specifies the action to take.
 * `failure_threshold` - (Optional) Minimum consecutive failures for the probe to be considered failed after having succeeded.
+* `grpc` -  (Optional) GRPC specifies an action involving a GRPC port. **NOTE: This field is behind a [feature gate](https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/) prior to v1.24**
 * `http_get` - (Optional) Specifies the http request to perform.
 * `initial_delay_seconds` - (Optional) Number of seconds after the container has started before readiness probes are initiated. For more info see [Kubernetes reference](http://kubernetes.io/docs/user-guide/pod-states#container-probes)
 * `period_seconds` - (Optional) How often (in seconds) to perform the probe