如何在Kubernetes的HTTP活动探针中使用基本身份验证? [英] How to use basic authentication in a HTTP liveness probe in Kubernetes?

问题描述

我有一个Docker容器，该容器公开了受基本身份验证保护的运行状况检查.我已经在此处阅读了有关活动性探针的文档，但是我找不到有关如何指定基本身份验证凭据的任何详细信息. Kubernetes不支持吗?有什么解决方法吗?

I have a Docker container that expose a health check that is protected by a basic authentication. I've read the documentation on liveness probes here but I cannot find any details of how to specify basic auth credentials. Is this not supported by Kubernetes? Are there any workarounds?

推荐答案

现在可以为活动性探针添加标头:

It is now possible to add headers for liveness probes:

livenessProbe:
  httpGet:
    path: /healthz
    port: 8080
    httpHeaders:
      - name: Authorization
        value: Basic aGE6aGE=

可能值得注意的是:

如果浏览器使用Aladdin作为用户名，使用OpenSesame作为用户名 密码，则该字段的值是 阿拉丁:OpenSesame或QWxhZGRpbjpPcGVuU2VzYW11l.然后 授权标题将显示为:

if the browser uses Aladdin as the username and OpenSesame as the password, then the field's value is the base64-encoding of Aladdin:OpenSesame, or QWxhZGRpbjpPcGVuU2VzYW1l. Then the Authorization header will appear as:

授权:基本的QWxhZGRpbjpPcGVuU2VzYW1l

Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l

来源: https://en.wikipedia.org/wiki/Basic_access_authentication

您可以在外壳程序中使用命令base64创建此字符串:

You can use the command base64 in your shell to create this string:

echo -n "Aladdin:OpenSesame" | base64

这篇关于如何在Kubernetes的HTTP活动探针中使用基本身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！