Ruoxuan.Wang
Reputation: 319
Does k8s support https liveness and readness probe
My app based on express node framework and start with https cert. So does k8s support https liveness probe? Schema is HTTPS. I think the liveness probe is send request via IP address, not domain. So it seems HTTPS schema actually doesn't work.
livenessProbe:
httpGet:
path: /api/alive
port: 8433
scheme: HTTPS
Upvotes: 0
Views: 1136
Answers (1)
P Ekambaram
Reputation: 17623
yes, it does. Both "HTTP" and "HTTPS" are supported. see below sample
apiVersion: v1
kind: Pod
metadata:
labels:
test: liveness
name: liveness-http
spec:
containers:
- args:
- /server
image: k8s.gcr.io/liveness
livenessProbe:
httpGet:
# when "host" is not defined, "PodIP" will be used
# host: my-host
# when "scheme" is not defined, "HTTP" scheme will be used. Only "HTTP" and "HTTPS" are allowed
# scheme: HTTPS
path: /healthz
port: 8080
httpHeaders:
- name: X-Custom-Header
value: Awesome
initialDelaySeconds: 15
timeoutSeconds: 1
name: liveness
Note that If scheme field is set to HTTPS, the kubelet sends an HTTPS request to specified path (path: /healthz) and port (port: 8080 ) to perform the check skipping the certificate verification
Upvotes: 3
Related Questions
- Kubernetes liveness probe on a secure mTLS health check endpoint
- Does Kubernetes liveness probes support user authentication with PKIs?
- How to define k8s liveness probe and readness probe for worker pod
- Kubernetes https communication
- K8S Get deployment liveness probe status
- K8s Readiness Probes with HTTPS and Certificates
- Kubernetes http livenessProbe use https?
- k8s readiness probe - command with http get
- Does Liveness probe verify certificate if scheme is set to HTTPS in kubernetes?
- Liveness probe with http post