For AI agents: A markdown version of this page is available at https://docs.datadoghq.com/security/code_security/iac_security/iac_rules/k8s/readiness_probe_is_not_configured.md. A documentation index is available at /llms.txt.

Readiness probe is not configured

This product is not supported for your selected Datadog site. ().

Metadata

Id: a659f3b5-9bf0-438a-bd9a-7d3a6427f1e3

Cloud Provider: Kubernetes

Platform: Kubernetes

Severity: Medium

Category: Availability

Learn More

Description

Each container should define a readinessProbe. This rule flags containers that do not have the readinessProbe attribute set (excludes resources of kind Job and CronJob). A configured readinessProbe lets the kubelet determine when a pod is ready to receive traffic.

Compliant Code Examples

apiVersion: v1
kind: Pod
metadata:
  name: goproxy
  labels:
    app: goproxy
spec:
  containers:
  - name: goproxy
    image: k8s.gcr.io/goproxy:0.1
    ports:
    - containerPort: 8080
    readinessProbe:
      tcpSocket:
        port: 8080
      initialDelaySeconds: 5
      periodSeconds: 10
    livenessProbe:
      tcpSocket:
        port: 8080
      initialDelaySeconds: 15
      periodSeconds: 20

Non-Compliant Code Examples

apiVersion: v1
kind: Pod
metadata:
  name: goproxy
  labels:
    app: goproxy
spec:
  containers:
  - name: goproxy
    image: k8s.gcr.io/goproxy:0.1
    ports:
    - containerPort: 8080
    livenessProbe:
      tcpSocket:
        port: 8080
      initialDelaySeconds: 15
      periodSeconds: 20