Skip to content

fix: modified container healthcheck to support custom port via -port/--port flag#3789

Merged
iwankgb merged 8 commits intogoogle:masterfrom
dylandacosta8:healthcheck-url-non-default-port
Jan 8, 2026
Merged

fix: modified container healthcheck to support custom port via -port/--port flag#3789
iwankgb merged 8 commits intogoogle:masterfrom
dylandacosta8:healthcheck-url-non-default-port

Conversation

@dylandacosta8
Copy link
Contributor

@dylandacosta8 dylandacosta8 commented Dec 14, 2025

Problem Statement

The Dockerfile currently has a static healthcheck URL (http://localhost:8080/healthz) that doesn't adapt when users specify a different port using the -port flag. This causes healthchecks to fail when running cAdvisor on non-default ports.

Related Issues

Fixes #3618

Root Cause

Environment variables set in the entrypoint script don't persist for HEALTHCHECK commands because they run in separate process contexts. Docker doesn't share the entrypoint's environment with the healthcheck process.

Proposed Solution

Implemented a dedicated healthcheck script that:

  1. Reads the cadvisor process command line from /proc/1/cmdline
  2. Parses the -port flag to extract the actual port
  3. Performs the healthcheck on the correct port
  4. Falls back to 8080 if no custom port is specified

This approach works because Docker healthchecks run inside the container and can access the process information.

Breaking Changes

None - fully backward compatible

Test Case 1: Default Port (8080)

docker build -f deploy/Dockerfile -t cadvisor-test .
docker run -d --name cadvisor-default cadvisor-test
sleep 35
docker inspect cadvisor-custom --format='{{json .State.Health.Status}}' # Should show "healthy"

Test Case 2: Custom Port (9090)

docker run -d --name cadvisor-custom -p 9090:9090 cadvisor-test -port=9090
sleep 35
docker inspect cadvisor-custom --format='{{json .State.Health.Status}}' # Should show "healthy"

Test Case 3: Verify Healthcheck Logic

docker exec cadvisor-custom cat /proc/1/cmdline | tr '\0' '\n'  # Should show -port=9090
docker exec cadvisor-custom ./usr/bin/healthcheck.sh  #Should exit with status 1

Note:

Individual CLA submitted

@dylandacosta8
Add entrypoint wrapper to preserve -logtostderr flag
f49d061 
Introduce entrypoint.sh to maintain the existing -logtostderr
behavior while allowing for future healthcheck enhancements.
@dylandacosta8
Fix healthcheck to respect custom port flag
bc232ad 
The Dockerfile healthcheck was using a static port (8080) which
caused healthcheck failures when cAdvisor was started with a
custom port using the -port flag.

This change introduces a healthcheck script that:
- Reads the cadvisor process command line from /proc
- Dynamically extracts the port from the -port flag
- Allows the healthcheck to use the correct port automatically
- Preserves the existing -logtostderr behavior

Fixes google#3618
@dylandacosta8
Add EXPOSE 8080 to document default port
74e259c 
Documents the default port and enables automatic port mapping.
Users can override with -port flag and custom -p mapping.
@dylandacosta8 dylandacosta8 marked this pull request as draft December 14, 2025 21:27
@dylandacosta8 dylandacosta8 marked this pull request as ready for review December 14, 2025 21:32
@dylandacosta8
Copy link
Contributor Author

dylandacosta8 commented Dec 16, 2025

Added the required boilerplate to the shell scripts

@dylandacosta8 dylandacosta8 changed the title Fix: Healthcheck to support custom port via -port flag fix: modified healthcheck to support custom port via -port/--port flag Dec 16, 2025
@dylandacosta8 dylandacosta8 changed the title fix: modified healthcheck to support custom port via -port/--port flag fix: modified container healthcheck to support custom port via -port/--port flag Dec 16, 2025
@dylandacosta8 dylandacosta8 mentioned this pull request Dec 16, 2025
Closed
@dylandacosta8
Copy link
Contributor Author

dylandacosta8 commented Dec 22, 2025

Hey, could a maintainer help me understand if any changes are required here?

@iwankgb
Copy link
Collaborator

iwankgb commented Jan 8, 2026

Closing just to reopen (I hope to have security scan run successfully).

@iwankgb iwankgb closed this Jan 8, 2026
@iwankgb iwankgb reopened this Jan 8, 2026
@iwankgb iwankgb added this pull request to the merge queue Jan 8, 2026
Merged via the queue into google:master with commit 8235739 Jan 8, 2026
22 of 23 checks passed
@dylandacosta8
Copy link
Contributor Author

dylandacosta8 commented Jan 8, 2026

Thanks @iwankgb. The CADVISOR_HEALTHCHECK_URL envVar should be obsolete with the next release

@lev-blit
Copy link

lev-blit commented Jan 28, 2026

can something be done, like this, to also support url_base_prefix?

@mtracz
Copy link

mtracz commented Feb 2, 2026

The CADVISOR_HEALTHCHECK_URL envVar should be obsolete with the next release

But now when url_base_prefix is defined, the healthcheck will fail, because there is no way to pass this prefix to healthcheck.sh.

@lev-blit
The easiest way is to redefine healthcheck, as shown here: #3822 (comment)

@mtracz mtracz mentioned this pull request Feb 2, 2026
Open
@dylandacosta8 dylandacosta8 mentioned this pull request Feb 2, 2026
Open
@ngc7293 ngc7293 mentioned this pull request Feb 3, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@iwankgb iwankgb iwankgb approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

cadvisor dockerfile healthchecks do not utilize correct port if --port command is used to change from default 8080

4 participants

@dylandacosta8 @iwankgb @lev-blit @mtracz