fb36579e16
The existing exec probes for apiserver rely on things that do not exist in the official kubernetes release images (bash, socat). This change modifies the apiserver to use HTTP probes of the recommended liveness and readiness endpoints.[0] Also sets `--anonymous-auth=true` (the default setting), as kubelet is unable to provide a client certificate when performing the health check. RBAC rules apply, but unauthenticated users will be able to access the following endpoints: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: system:public-info-viewer rules: - nonResourceURLs: - /healthz - /livez - /readyz - /version - /version/ verbs: - get 0: https://v1-18.docs.kubernetes.io/docs/reference/using-api/health-checks/ Change-Id: I06d739c844fe85ec6cbf47d3bb69a39cd008ddd8 |
||
---|---|---|
.. | ||
templates | ||
Chart.yaml | ||
requirements.yaml | ||
values.yaml |