Service health checks - the right way to build them

Service health checks are ubiquitous. If you have built any software that relies upon any upstream service, I am sure you would have used some form of health check. Your software could be a stand alone program or it could be a proxy. You may also have built and exposed a service that is used as an upstream service by another software.

The worst way to perform health check is to pull a resource (like GET /hc.html, if your service is exposed as a HTTP service) or perform a TCP connect check in the same port where data is served. These are checks I call as in-band health checksPlease don't do these.

Based on my experience, the best way to expose health checks is by using an out-of-band mechanism. This means that you expose another port for performing health check. The client can perform a HTTP check or TCP check in the health check port. As a convenience, if you expose health check as HTTP service in health check port, you can consolidate multiple health checks like: GET /healthcheck/port1, GET /healthcheck/port2, etc.

One convention that could be used is to use a fixed offset port as control port for any data port. For instance, 80's control port is 81 and 443's control port is 444. Or 80's control port is 8080, and 443's control port is 8443. So when you need to decide if the service is up/down, you can check the control port. 

Now let me explain what is the benefit of the out-of-band health checks. If you would like to take the service down gracefully for maintenance, all that you have to do is to fail health checks for that port (GET /healthcheck/port1 returns a 4xx) or stop listening in the health check port. This will not impact any of the on-going requests. You can gracefully close the connections after serving the requests or after a period of idle time. This will enable you to perform scheduled maintenance like a champ without impacting any client traffic at all. Having zero impact to any client traffic should be your number one goal, when performing scheduled maintenance.

Comments

slot joker asia link alternatif said…
This comment has been removed by a blog administrator.
4/29/2022 01:05:00 AM
Post a Comment

Popular posts from this blog

Gotchas with DBCP

I had to make use of DB connection pool in one of the applications that I was implementing. Since I am new to Java, everyone in the team was suggesting why don't you make use of Commons DBCP. Being a fan of reuse, I decided to make use of DBCP and started reading about the parameters that are exposed so that I can customize DBCP to fit my needs. While reading through the available configuration parameters , I was thinking, "I don't need to check the connection to be bad on every borrow or return. It is sufficient if I check for being bad only when the connection is sitting idle in the pool." So I set the testWhileIdle to be true and set the validationQuery to be "SELECT 1 FROM DUAL". I was thinking that the configuration that I had was the optimal for the situation in hand. But one thing I overlooked was, the default value for the testOnBorrow is true. So the moment you set the validationQuery to be any non-null value, every connection you borrow from the po
Read more

A note on Java's Calendar set() method

Remember that the Calendar's internal fields include year, month, date, hour, minutes, seconds, milliseconds and time zone. Whenever you are calling a set() method with multiple fields, like set(year, month, date), it will not affect the rest of the fields. Remember that there is no set() method with multiple fields available to set the milliseconds. If you would like to set the milliseconds, you must use set(Calendar.MILLISECOND, value). Likewise, if you are planning to set all the fields, its a good idea to reset all the fields using clear() method. This will clear milliseconds as well. Most of the times, millisecond field may not be of interest to you. But if you are going to use the UTC milliseconds, by calling getTimeInMillis(), then make sure you set the right values for milliseconds as well.
Read more

The mysterious ORA-03111 error

Recently one of the applications that I developed started throwing exceptions, that had the following message: SQL state [72000]; error code [1013]; ORA-03111: break received on communication channel When I googled around, I couldn't come across anything useful. Sadly enough most of the sites just showed the documentation for that error, without any explanation from anyone experiencing that issues. So here you go, with the best possible explanation that I could come up with. My application sets two things on the connection that is throwing this exception: It sets the fetchSize to be 2500 rows It sets the query timeout to be 10 seconds The database server and the application are separated over a long latency network (actually there is a NetEm box that emulates the long latency between these two boxes) which has a latency characteristic of 50+/-5 milliseconds. This is the whole setup. It is important to understand how the timeout is handled by the Oracle client (in my case JDBC clien
Read more