diff --git a/CHANGELOG.md b/CHANGELOG.md index 01f6b35..4b495ec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,17 @@ The types of changes are: ### Fixed +## [0.19.0](https://github.com/ethyca/fides-helm/compare/fides-0.18.0...fides-0.19.0) + +### Added + +- Optional support to use HttpGet health check for the Fides workers instead of Celery +- New `workerConfiguration` values for liveness probe tuning: `useHttpProbe`, `initialDelaySeconds`, `periodSeconds`, `timeoutSeconds`, `failureThreshold` + +### Changed +- Upgrade default Fides version to [`2.82.1`] + + ## [0.18.0](https://github.com/ethyca/fides-helm/compare/fides-0.17.1...fides-0.18.0) ### Added diff --git a/fides/Chart.yaml b/fides/Chart.yaml index 1b60462..68f505f 100644 --- a/fides/Chart.yaml +++ b/fides/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: fides -version: 0.18.0 -appVersion: "2.67.0" +version: 0.19.0 +appVersion: "2.82.1" description: Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in your runtime environment, and the enforcement of privacy regulations in your code. type: application keywords: diff --git a/fides/templates/fides/worker-deployment.yaml b/fides/templates/fides/worker-deployment.yaml index cbeb1c4..32f3d0b 100644 --- a/fides/templates/fides/worker-deployment.yaml +++ b/fides/templates/fides/worker-deployment.yaml @@ -105,16 +105,29 @@ spec: - secretRef: name: {{ $.Values.fides.configuration.additionalEnvVarsSecret }} {{- end }} + {{- if $.Values.fides.workerConfiguration.useHttpProbe }} + ports: + - name: health + containerPort: 9000 + protocol: TCP + {{- end }} livenessProbe: + {{- if $.Values.fides.workerConfiguration.useHttpProbe }} + httpGet: + path: / + port: 9000 + {{- else }} exec: command: [ "bash", "-c", "celery --quiet --no-color --app fides.api.tasks inspect ping --destination celery@$HOSTNAME --json" ] - initialDelaySeconds: {{ $.Values.fides.startupTimeSeconds | default 30 }} - periodSeconds: 60 - timeoutSeconds: {{ $.Values.fides.healthCheckTimeoutSeconds | default 5 }} + {{- end }} + initialDelaySeconds: {{ $.Values.fides.workerConfiguration.initialDelaySeconds | default ($.Values.fides.startupTimeSeconds | default 30) }} + periodSeconds: {{ $.Values.fides.workerConfiguration.periodSeconds | default 60 }} + timeoutSeconds: {{ $.Values.fides.workerConfiguration.timeoutSeconds | default ($.Values.fides.healthCheckTimeoutSeconds | default 5) }} + failureThreshold: {{ $.Values.fides.workerConfiguration.failureThreshold | default 3 }} volumeMounts: - name: {{ include "fides.configVolume" $ }} mountPath: {{ include "fides.configPath" $ }} diff --git a/fides/values.yaml b/fides/values.yaml index ed98826..f035ece 100644 --- a/fides/values.yaml +++ b/fides/values.yaml @@ -75,6 +75,19 @@ fides: # To override defaults, explicitly define workers below. To disable a worker, set count: 0. # For more information, see: https://www.ethyca.com/docs/dev-docs/get-started/advanced#running-workers workerConfiguration: + # useHttpProbe switches the worker liveness probe from a Celery exec command (default) + # to an HTTP GET against the in-process health check server on port 9000. + # The exec probe spawns a full celery process on each check, which may cause + # issues at scale. The HTTP probe avoids that overhead. + useHttpProbe: false + # + # Liveness probe tuning. If not set, falls back to fides.startupTimeSeconds + # and fides.healthCheckTimeoutSeconds respectively. + # Uncomment to tune these. + # initialDelaySeconds: 30 + # periodSeconds: 60 + # timeoutSeconds: 5 + # failureThreshold: 3 workers: [] # Example worker override: # - name: other