ancient-megabyte-79588
05/10/2021, 8:29 PMTwitter peeps, I need help.
I have an http://ASP.NET Core Host serving gRPC endpoints up. This host is hosted in Kubernetes behind a nginx-ingress-controller. Ingress Controller terminates HTTPS. For the life of me, I cannot get to the gRPC service endpoints.
I'm hoping to find someone whom I can talk to, or point me at examples. My google-foo for this is failing terribly.
Thanks in advance.
billowy-army-68599
ancient-megabyte-79588
05/10/2021, 8:32 PM{name: "DOTNET_SYSTEM_NET_HTTP_SOCKETSHTTPHANDLER_HTTP2UNENCRYPTEDSUPPORT", value: "true"},
apps.push(new appInstruction.AppIngressInstructions(`releases-api`, env, 80, true, { "<http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>": "GRPC" }));
{ "<http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>": "GRPC" }
billowy-army-68599
ancient-megabyte-79588
05/10/2021, 8:34 PMservice
resource.. that annotation above is for nginx ingress rulesbillowy-army-68599
ancient-megabyte-79588
05/10/2021, 8:37 PMgrpcui
to connect, and I'm not able to connected to the servicesgrpccurl
test yetgrpcui
against a version of the service running in Visual Studio on localhost, I can connect and invoke methods on the serviceInstall-Package Grpc.AspNetCore.Server.Reflection
3. Add services.AddGrpcReflection();
and endpoints.MapGrpcReflectionService();
to Startup.cs
4. Run app in Visual Studio
5. Test with grpcurl -d '{ \"name\": \"Say Hello\" }' localhost:5001 greet.Greeter/SayHello
Successful response
6. Build and deploy docker image via AzDO Pipelines to private Azure ACR
7. Env var on container spec
in pulumi app
a. { name: "ASPNETCORE_ENVIRONMENT", value: "Development" },
b. { name: "DOTNET_SYSTEM_NET_HTTP_SOCKETSHTTPHANDLER_HTTP2UNENCRYPTEDSUPPORT", value: "true" },
c. { name: "ASPNETCORE_URLS", value: "http://+:5000" },
8. ports on Service
resource in pulumi app
d. ports: [{ port: 5000, targetPort: 5000, protocol: consts.tcpTransport }]
9. Ingress
resource created in pulumi app with
e. <http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>: GRPCS
annotation
10. grpcurl -plaintext -d '{ \"name\": \"Say Hello\" }' <pod-ip>:5000 greet.Greeter/SayHello
succeeds (going directly to pod via Azure CNI networking)
11. Port-foward pod to local host via k9s
12. grpcurl -plaintext -d '{ \"name\": \"Say Hello\" }' localhost:8090 greet.Greeter/SayHello
succeeds
13. grpcurl -d '{ \"name\": \"Say Hello\" }' <public-dns-entry>:443 greet.Greeter/SayHello
fails
f. Failed to dial target host "<public-dns-entry>:443": context deadline exceeded
14. nginx-ingress-controller pod logs following 4 attempts
g. *<inbound IP Address> - - [11/May/20211303:04 +0000] "PRI * HTTP/2.0" 400 157 "-" "-" "-"*
15. grpcurl -d '{ \"name\": \"Say Hello\" }' <public-dns-entry>:80 greet.Greeter/SayHello
fails
h. Failed to dial target host "<public-dns-entry>:80": tls: first record does not look like a TLS handshake
i. no logs to ingress-controller pod
16. grpcurl -d '{ \"name\": \"Say Hello\" }' <public-dns-entry>:5000 greet.Greeter/SayHello
fails
j. Failed to dial target host "<public-dns-entry>:5000": context deadline exceeded
k. no logs to ingress-controller pod