Can add a insecure port listen on local ip for healthcheck

[helinbo2015]

i have met a case that if etcd http(s) server has a insecure port, it may helps a lot.

1. In my kubernetes env(use kubelet's static pod to start master's components(include ETCD)), deployed ETCD with tls.
2. use kubelet's readinessprobe httpGet funciton to check the health status of ETCD on the same vm.
   the problem is: the readinessprobe httpGet function is not support https scheme, so this way is not work.

now, the workaround is: add a health check script(curl with tls) and tls files in the ETCD image, and use kubelet readinessprobe Cmd function to exec the health check script.
As you see, This is not a indirect way for ETCD component that supports REST API well.

[hexfusion]

now, the workaround is: add a health check script(curl with tls) and tls files in the ETCD image, and use kubelet readinessprobe Cmd function to exec the health check script.
As you see, This is not a indirect way for ETCD component that supports REST API well.

@helinbo2015 I am not sure if I am completely understanding your use case. But if you are deploying etcd in k8s using tls perhaps you should look at the way etcd-operator does this with secrets. Although this doesn't eliminate the "tls file" dependency perhaps it streamlines it when using curl with tls for your probe?

-HTH

https://github.com/coreos/etcd-operator/blob/master/doc/user/cluster_tls.md