HTTP2 - configuration #790
Comments
|
You need to enable TLS to get http2 :) |
|
I'm using ACME for getting SSL certificates, like this: Does it need any other setting? |
|
ping @emilevauge |
|
@f3l1x Did you run the test using http or https ? |
|
@trecloux Both. Any other tips? |
|
@f3l1x can you share your configuration ? |
defaultEntryPoints = ["http", "https"]
[entryPoints]
[entryPoints.http]
address = ":80"
compress = true
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[acme]
email = "email"
storage = "/path/to/acme.json"
entryPoint = "https"
[[acme.domains]]
main = "redmine.domain.tld"
sans = ["redmine.domain.tld"]
[file]
[backends]
[backends.redmine]
[backends.redmine.servers.node1]
url = "http://{IP}"
[frontends]
[frontends.redmine]
backend = "redmine"
passHostHeader = true
[frontends.redmine.routes.entry]
rule = "Host: redmine.domain.tld" |
|
Which version of traefik are you using ? |
|
@trecloux |
|
@f3l1x can you please try with v1.0.3 |
|
@emilevauge I tried to activate http2 logs with |
|
Thanks a lot @trecloux for investigating. I confirm that the issue comes from go 1.7 update:
When setting |
|
Fixed in #814 |
|
Confirmed: 1.1.0-rc4 works. Good job guys! |
|
Has anyone testing this with gRPC? I cannot proxy a gRPC backend and get the following error: Framer 0xc4200740d0: read DATA flags=END_STREAM stream=1 len=21 data="gRPC requires HTTP/2\n"This is because the backend is called with http version 1 When comparing a gRPC client connecting directly to the backend there is the following log difference backend side gRPC client -> gRPC backend gRPC client -> traefik -> gRPC backend The following pattern is commonly used to have an http endpoint that supports http V1 and gRPC func grpcHandlerFunc(rpcServer *grpc.Server, otherHandler http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.Printf("content-type header: %v, method: %v, proto-major: %v, content-type: %s", r.Header.Get("Content-Type"), r.Method, r.ProtoMajor, r.Header.Get("Content-Type"))
if r.ProtoMajor == 2 && (strings.Contains(r.Header.Get("Content-Type"), "application/grpc") || r.Method == "PRI") {
log.Printf("handling gRPC request")
rpcServer.ServeHTTP(w, r)
return
}
log.Printf("handling regular HTTP1.x/2 request")
otherHandler.ServeHTTP(w, r)
})
}This logic works with nghttpx proxy |
|
@andrewwebber I also couldn't get it to work with gRPC. My error was quite different though:
|
|
@johnbelamaric After some frustration I switched to Envoy and now run my gRPC containers on GKE behind Envoy as the load balancer. |
|
@andrewwebber Thanks, I'll check that out. |
|
I am facing a similar issue @andrewwebber @johnbelamaric . |
|
This looks related to possible hardcoding in oxy as reported here vulcand/oxy#52 |
|
I tried the above change however my error remains unchanged. |
{
"listeners": [
{
"port": 443,
"ssl_context": {
"alpn_protocols": "h2,http/1.1",
"cert_chain_file": "./keys/api_public_key",
"private_key_file": "./keys/api_private_key"
},
"filters": [
{
"type": "read",
"name": "http_connection_manager",
"config": {
"generate_request_id" : false,
"codec_type": "auto",
"stat_prefix": "ingress_http",
"access_log": [{
"path": "./envoy.txt",
"filter": {"type": "logical_and", "filters": [
{"type": "logical_or", "filters": [
{"type": "status_code", "op": ">=", "value": 200},
{"type": "status_code", "op": "=", "value": 0},
{"type": "duration", "op": ">=", "value": 2000},
{"type": "traceable_request"}
]
},
{"type": "not_healthcheck"}
]
}
}],
"route_config": {
"virtual_hosts": [
{
"name": "ingress_http",
"domains": ["*"],
"routes": [
{
"prefix": "/",
"cluster": "serviceGrpc"
}
]
}
]
},
"filters": [
{ "type": "decoder", "name": "buffer",
"config": {
"max_request_bytes": 5242880,
"max_request_time_s": 120
}
},
{
"type": "decoder",
"name": "router",
"config": {}
}
]
}
}
]
}
],
"admin": {
"access_log_path": "/dev/null",
"port": 8001
},
"cluster_manager": {
"clusters": [
{
"name": "serviceGrpc",
"connect_timeout_ms": 250,
"type": "strict_dns",
"lb_type": "round_robin",
"features": "http2",
"ssl_context": {
"alpn_protocols": "h2"
},
"hosts": [
{
"url": "tcp://originsinfo-apiserver-service:1984"
}
]
}
]
}
} |
|
any progress on this? It seems like the solution has been outlined by @andrewwebber very nicely |
|
I lost track, sorry. What's the designated solution? |
|
After digging into this, I didn't find any of the code samples alleviated the problem. It appears to be a std library error thrown while doing the initial... handshake? The http1 hardcoding in oxy isn't executed prior to this error stopping the request. I'll continue looking for when the error happens. |
|
To my mind, this is more an issue with GRPC, not http2. |
Could you please help me to setup up http2? Is there any special configuration for that? This tester (https://tools.keycdn.com/http2-test) told me it's not http2. Thank you for helping me.
The text was updated successfully, but these errors were encountered: