Add health probes to GRPC servers validating network access

[aledbf]

Description

Running registry-facade without probes could lead to workspace issues during the start phase. In particular with requests downloading images.
The new probes ensure we can resolve DNS queries and at least we have access to the static layers defined in the configuration to avoid such issues.

How to test

Registry facade should start without any issues.

Release Notes

[registry-facade] Add health probes to validate network access

Documentation

[codecov]

Codecov Report

Merging #8777 (b96ab58) into main (55b3ec2) will increase coverage by 3.22%.
The diff coverage is n/a.

❗ Current head b96ab58 differs from pull request most recent head f1d31be. Consider uploading reports for the commit f1d31be to get more accurate results

@@            Coverage Diff             @@
##             main    #8777      +/-   ##
==========================================
+ Coverage   11.17%   14.40%   +3.22%     
==========================================
  Files          18       51      +33     
  Lines         993     4900    +3907     
==========================================
+ Hits          111      706     +595     
- Misses        880     4124    +3244     
- Partials        2       70      +68     

Flag	Coverage Δ
components-gitpod-cli-app	11.17% <ø> (ø)
components-ws-daemon-app	20.33% <ø> (?)
components-ws-daemon-lib	20.33% <ø> (?)
install-installer-raw-app	4.27% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
components/ws-daemon/pkg/quota/size.go	87.30% <0.00%> (ø)
install/installer/pkg/common/display.go	0.00% <0.00%> (ø)
...l/installer/pkg/components/ws-manager/configmap.go	23.75% <0.00%> (ø)
...l/installer/pkg/components/ws-manager/tlssecret.go	0.00% <0.00%> (ø)
components/ws-daemon/pkg/daemon/markunmount.go	0.00% <0.00%> (ø)
...nstall/installer/pkg/components/ws-manager/role.go	0.00% <0.00%> (ø)
components/ws-daemon/pkg/content/service.go	0.00% <0.00%> (ø)
components/ws-daemon/pkg/cpulimit/cfs.go	30.52% <0.00%> (ø)
...staller/pkg/components/ws-manager/networkpolicy.go	0.00% <0.00%> (ø)
install/installer/pkg/common/ca.go	0.00% <0.00%> (ø)
... and 23 more

📣 Codecov can now indicate which changes are the most critical in Pull Requests. Learn more

[aledbf]

Logs:

{"level":"info","message":"creating DNS check for host eu.gcr.io","serviceContext":{"service":"registry-facade","version":"commit-541d8dcad0cf495d8bf946bcd24d27efc3be4685"},"severity":"INFO","time":"2022-03-13T16:30:17Z"}
{"level":"info","message":"creating network check using URL http://eu.gcr.io/gitpod-core-dev/build/supervisor:commit-4f1c3922b4ad71b6601382068b8a33d9b7cb2f2b","serviceContext":{"service":"registry-facade","version":"commit-541d8dcad0cf495d8bf946bcd24d27efc3be4685"},"severity":"INFO","time":"2022-03-13T16:30:17Z"}
{"level":"info","message":"creating network check using URL http://eu.gcr.io/gitpod-core-dev/build/supervisor:commit-4f1c3922b4ad71b6601382068b8a33d9b7cb2f2b","serviceContext":{"service":"registry-facade","version":"commit-541d8dcad0cf495d8bf946bcd24d27efc3be4685"},"severity":"INFO","time":"2022-03-13T16:30:17Z"}

[aledbf]

/hold

we need to ensure the postStart waits for the readinessCheck

[kylos101]

LGTM

Leaving the hold, as we still need to determine why we're having trouble with image pulls in core-dev

[aledbf]

/werft run

[kylos101]

LGTM opens workspaces now, woot! Removing hold.

/unhold

[csweichel]

Great change - it's surprising how long we got by without this.

[csweichel]

Do we really want blobserve to go down if we can no longer reach those? Chances are things are cached and blobserve would just keep functioning.

[aledbf]

Sure, we can remove those. Now, How do we know there's an error in blobserve without a restart?

[csweichel]

We would want to add metrics/alerts for the error cases we know.

[csweichel]

Awesome. Thank you for this change.