如何在Kubernetes的HTTP活动探针中使用基本身份验证? [英] How to use basic authentication in a HTTP liveness probe in Kubernetes?
问题描述
我有一个Docker容器,该容器公开了受基本身份验证保护的运行状况检查.我已经在此处阅读了有关活动性探针的文档,但是我找不到有关如何指定基本身份验证凭据的任何详细信息. Kubernetes不支持吗?有什么解决方法吗?
I have a Docker container that expose a health check that is protected by a basic authentication. I've read the documentation on liveness probes here but I cannot find any details of how to specify basic auth credentials. Is this not supported by Kubernetes? Are there any workarounds?
推荐答案
现在可以为活动性探针添加标头:
It is now possible to add headers for liveness probes:
livenessProbe:
httpGet:
path: /healthz
port: 8080
httpHeaders:
- name: Authorization
value: Basic aGE6aGE=
可能值得注意的是:
如果浏览器使用Aladdin作为用户名,使用OpenSesame作为用户名 密码,则该字段的值是 阿拉丁:OpenSesame或QWxhZGRpbjpPcGVuU2VzYW11l.然后 授权标题将显示为:
if the browser uses Aladdin as the username and OpenSesame as the password, then the field's value is the base64-encoding of Aladdin:OpenSesame, or QWxhZGRpbjpPcGVuU2VzYW1l. Then the Authorization header will appear as:
授权:基本的QWxhZGRpbjpPcGVuU2VzYW1l
Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l
来源: https://en.wikipedia.org/wiki/Basic_access_authentication
您可以在外壳程序中使用命令base64
创建此字符串:
You can use the command base64
in your shell to create this string:
echo -n "Aladdin:OpenSesame" | base64
这篇关于如何在Kubernetes的HTTP活动探针中使用基本身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!