When using it with linkerd, it will be not compatible with deny mode or all-authenticated ("Note that while Linkerd does zero-config mutual TLS, it cannot decrypt TLS connections initiated by the outside world. For example, if you have a TLS connection from outside the cluster, or if your application does HTTP/2 plus TLS, Linkerd will treat these connections as raw TCP streams. To take advantage of Linkerd’s full array of L7 features, communication between meshed pods must be TLS’d by Linkerd, not by the application itself.")
Is it possible you add possibility to put probes into HTTP scheme?
Hello,
This helm chart forces to use HTTPS scheme for liveness and readyness probes (https://github.com/cloudnative-pg/charts/blob/main/charts/cloudnative-pg/templates/deployment.yaml#L84 and L100)
When using it with linkerd, it will be not compatible with deny mode or all-authenticated ("Note that while Linkerd does zero-config mutual TLS, it cannot decrypt TLS connections initiated by the outside world. For example, if you have a TLS connection from outside the cluster, or if your application does HTTP/2 plus TLS, Linkerd will treat these connections as raw TCP streams. To take advantage of Linkerd’s full array of L7 features, communication between meshed pods must be TLS’d by Linkerd, not by the application itself.")
Is it possible you add possibility to put probes into HTTP scheme?
Thanks a lot in advance,
Sincerely yours,
FP