Dan Radoaica created IGNITE-28234:
-------------------------------------
Summary: Provide an unauthenticated health check endpoint for
Kubernetes probes in Ignite 3
Key: IGNITE-28234
URL: https://issues.apache.org/jira/browse/IGNITE-28234
Project: Ignite
Issue Type: Improvement
Components: rest ai3
Affects Versions: 3.1
Environment: is described here:
[https://github.com/dradoaica/helm-charts/blob/main/DEV_NOTES.md]
Reporter: Dan Radoaica
First, thank you for the product and your hard work!
Secondly, setting up Kubernetes probes with authentication enabled requires
using the `/management/v1/node/state` endpoint and injecting Basic Auth
credentials directly into the STS:
[https://github.com/dradoaica/helm-charts/blob/main/charts/ignite-3/templates/stateful-set.yaml].
Health endpoints should be unauthenticated and lightweight by design. Forcing
credentials into probe configurations adds unnecessary friction. This same
issue occurred in Apache Ignite 2 also, the health check initially required
authentication, but it was subsequently removed for this exact reason to better
support container orchestration.
Please remove authentication from the current `/management/v1/node/state`
endpoint, or provide a dedicated, unauthenticated health check endpoint (e.g.,
`/management/v1/node/probe`) for Ignite 3.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
