New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Endpoint for health checks #3945
Comments
Kubernetes uses default API port as liveness probe. See https://github.com/kubernetes/dashboard/blob/master/aio/deploy/recommended.yaml#L209 I don't really understand your use case. Simple check if API is alive should be enough. |
@floreks
This way I'm unable to use liveness probe:
|
I think you are using some custom Dashboard deployment with your own sidecar container. If you choose not to expose Dashboard on Personally, I'd prefer to use network policies to allow only certain services access to Dashboard and expose it normally on |
I see, thanks for reply |
What would you like to be added
Why is this needed
In order to protect Dashboard from unauthorised access I want to use a sidecar auth proxy. But with current options I have to either bind to 127.0.0.1 address (liveness probe can't be invoked in this case) or expose unauthorised endpoint on 0.0.0.0 (making it possible to bypass proxy).
Comments
Maybe there's another way to make port reachable for health checks only?
The text was updated successfully, but these errors were encountered: