Alibaba Cloud Kubernetes Engine provides a cluster health check that validates node health and cluster configuration, including kubelet, Docker daemon, kernel, and iptables settings. Running checks regularly ensures that VPC/VSwitch, SLB, and ECS nodes function correctly. Consecutive failures generate diagnostic reports for corrective action.
Risk
Without regular cluster health checks, node failures, misconfigured network rules, or degraded components may go undetected, increasing the risk of cluster instability, service outages, and exploitable security vulnerabilities. Delayed detection of unhealthy nodes can impact the integrity and availability of workloads running on the cluster.
prowler alibabacloud --checks cs_kubernetes_cluster_check_recent
Recommendation
Trigger a cluster health check regularly within the configured period to ensure all nodes and system components are healthy. Use the Global Check feature in the ACK Console or the aliyun cs CLI to verify and trigger checks.
Remediation
aliyun cs GET /clusters/<cluster_id>/checks --header 'Content-Type=application/json'
- Log on to the ACK Console.
- Select the target cluster and open the More pop-up menu for advanced options.
- Select Global Check and click the Start button to trigger the check.
- Verify the check time and details in Global Check.
- It is recommended to trigger cluster checks at least once within the configured period.
Resource Type
ALIYUN::CS::ManagedKubernetesCluster