Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Amoro pod liveness check failed due to authenticate error #3446

Open
1 of 2 tasks
zhoujinsong opened this issue Feb 26, 2025 · 3 comments · May be fixed by #3465
Open
1 of 2 tasks

[Bug]: Amoro pod liveness check failed due to authenticate error #3446

zhoujinsong opened this issue Feb 26, 2025 · 3 comments · May be fixed by #3465
Labels
type:bug Something isn't working

Comments

@zhoujinsong
Copy link
Contributor

What happened?

The liveness check for the amoro pod has failed while AMS ran normally.

Affects Versions

master

What table formats are you seeing the problem on?

No response

What engines are you seeing the problem on?

AMS

How to reproduce

  • Deploy Amoro in the K8S environment with charts template from GitHub repo

Relevant log output



Anything else


No response


Are you willing to submit a PR?


    

  •  Yes I am willing to submit a PR!
    • 



Code of Conduct


    

  •  I agree to follow this project's Code of Conduct
    • 


      		
    

      
  





        



            

              
            

        

      


      
    








      

    



      

  
            

    

      
    

    


      

          @zhoujinsong
zhoujinsong




          added
  the 

  type:bug

  Something isn't working
 label


      Feb 26, 2025

    

  








      

  
      



  

  @Marvel-Gu





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
    Contributor


      

  


  

    

  





      


        


  
    

      
          
I have some ideas:


    

  1. Modify the preHandleRequest method or needApiKeyCheck method in DashboardServer.java to ensure that the health check endpoint completely bypasses authentication
    2. 

  2. Modify amoro-deployment.yaml and add a request header with name: X-Request-Source, value: Web to bypass authentication (but it is unreasonable from a design logic point of view)
    3. 

  3. Modify amoro-deployment.yaml and add query parameters to provide API key and signature, but signature will change over time, so it is more difficult to handle.
    
So the first solution is simple and practical, do you think there is any problem?
    4. 


      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
      



  

  @zhoujinsong





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
    Contributor


      

  Author


  


  

    

  





      


        


  
    

      
          
Yes, I prefer the first solution, AMS should keep a global white list for all kinds of requests and keep an addition one for specific kinds of requests if needed.

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
      



  

  @Marvel-Gu





  


    

      

  

    

        
    
    

  


      
          
  
      
            Copy link

  

      
    

  


  

      

  
    Contributor


      

  


  

    

  





      


        


  
    

      
          
I will work on it

      		
    

  





        


            

            

              
            

        

      


      

            
  

    
  
    
    

  

  



    












      

  
          

  

    
  


  

      

    @Marvel-Gu
Marvel-Gu



    linked a pull request
    
      Mar 12, 2025
    

    that will
    close
    this issue





  


  

      
   Open

  





  
  

      
        
      
      

  
    
    
  


    3 tasks
  





  













  
  

    

      

  





  




  
  

              

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



  






  
                  




    

  


      
  

    Assignees
  



        

    No one assigned







      


  


  

    Labels
  



    

      

    type:bug

  Something isn't working








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    

      
        

          
    

    Development
  




            
  
Successfully merging a pull request may close this issue.





    


  
          
      [AMORO-3446] Fix Amoro pod liveness check failed due to authenticate error

    
      Marvel-Gu/amoro
    





      
    

  




      

    

  
      

  

    

      2 participants
    

    

        
          @zhoujinsong 
        
          @Marvel-Gu