Redesigning Kubelet Probes

This conference talk explores the redesign of Kubelet probes in Kubernetes, presented by Surya Seetharaman and Dan Winship from Red Hat. Discover how these diagnostic tools function for container health monitoring and lifecycle management in Kubernetes environments. Learn about the three probe types - Liveness, Readiness, and Startup - and understand their implementation through HTTP, TCP, and exec mechanisms. The presenters delve into significant security challenges affecting the current probe architecture, including SSRF vulnerabilities and NetworkPolicy complications. Examine proposed architectural improvements to the probe system that address these security implications. The presentation incorporates audience feedback to help shape potential solutions for a more secure and efficient probe implementation in Kubernetes.