Bug 1128242

Summary: [RFE] Support authenticated urls for health checks
Product: OpenShift Container Platform Reporter: Eric Rich <erich>
Component: RFEAssignee: Derek Carr <decarr>
Status: CLOSED DEFERRED QA Contact: DeShuai Ma <dma>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.1.0CC: akostadi, bperkins, byount, erich, jokerman, libra-onpremise-devel, lmeyer, mmccomas, wsun
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-01-22 16:31:54 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1129405    

Description Eric Rich 2014-08-08 16:38:40 UTC 
Description of problem:

HAProxy to allow for http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#option httpchk to provide auth credentials to the endpoint its checking.

How reproducible: Very

Steps to Reproduce:
1. Complete https://www.openshift.com/kb/kb-e1044-how-to-redirect-traffic-to-https for a scaled application. 

Actual results:

HA-Proxy will not be able to access the / endpoint because it needs to authenticate. 

Expected results:

HAProxy should be able to be configured so that it could authentication with the / resource. 

Additional info:

Another way to resolve this issue is by having https://issues.jboss.org/browse/JBPAPP-11176 allow you to exclude endpoints.
Comment 2 Dan McPherson 2016-04-13 17:21:43 UTC 
For v3 this should apply to liveness and readiness checks.
Comment 3 Dan McPherson 2016-09-22 14:59:14 UTC 
*** Bug 1378496 has been marked as a duplicate of this bug. ***
Comment 7 Aleksandar Kostadinov 2017-08-31 17:56:05 UTC 
FYI also generating a basic auth header is possible. I'm using it in one deployment.