早上好。我有一台要在Google Kubernetes Engine上使用的GRPC服务器。我的集群已经安装了nginx-ingress控制器,目前正在使用它来提供http / https流量。这是我尝试用来托管GRPC服务器的入口资源:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: grpc-ingress-nginx
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/grpc-backend: "true"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
namespace: default
spec:
tls:
- hosts:
- bar.foo.com
secretName: reploy-tls
rules:
- host: bar.foo.com
http:
paths:
- backend:
serviceName: bar-backend-service
servicePort: 50051
这是该应用程序的服务/部署:
apiVersion: v1
kind: Service
metadata:
name: bar-backend-service
namespace: default
spec:
selector:
app: bar-backend-app
ports:
- port: 50051
targetPort: 50051
name: grpc
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: bar-backend
labels:
app: bar-backend-app
namespace: default
spec:
replicas: 1
template:
metadata:
labels:
app: bar-backend-app
spec:
containers:
- name: bar-backend-image
image: gcr.io/himank-jay/bar-backend-image:TAG
ports:
- containerPort: 50051
name: grpc
运行grpc_cli ls bar.foo.com:443(使用grpc_cli)时,出现以下错误:
{"created":"@1580833741.460274000","description":"Error received from peer ipv4:x.x.x.x:x","file":"src/core/lib/surface/call.cc","file_line":1055,"grpc_message":"Socket closed","grpc_status":14}
nginx-controller中的错误如下:
x.x.x.x - - [04/Feb/2020:16:28:46 +0000] "PRI * HTTP/2.0" 400 157 "-" "-" 0 0.020 [] [] - - - - xxxxx
这里有什么问题的想法吗?或对如何进行调试有任何想法?
答案 0 :(得分:1)
服务器正在提供HTTP / 1.x,而不是gRPC所需的HTTP / 2。
您可以尝试将以下注释添加到Ingress配置
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
...如here所述。
还值得检查nginx configuration中的use-http2标志(默认情况下应启用true)。
编辑,关于新错误:
PRI * HTTP/2.0是所谓的HTTP/2 Connection Preface-协商HTTP / 2的一部分。似乎仍未为HTTP / 2配置nginx。