https://pulumi.com logo
#kubernetes
Title
# kubernetes
a

ancient-megabyte-79588

05/10/2021, 8:29 PM
Hello peeps.. I just posted this to twitter and wanted to also ask here...
Twitter peeps, I need help.
I have an http://ASP.NET Core Host serving gRPC endpoints up. This host is hosted in Kubernetes behind a nginx-ingress-controller. Ingress Controller terminates HTTPS. For the life of me, I cannot get to the gRPC service endpoints.
I'm hoping to find someone whom I can talk to, or point me at examples. My google-foo for this is failing terribly.
Thanks in advance.
b

billowy-army-68599

05/10/2021, 8:31 PM
Did you annotate the service with the backend protocol annotation?
a

ancient-megabyte-79588

05/10/2021, 8:32 PM
Copy code
{name: "DOTNET_SYSTEM_NET_HTTP_SOCKETSHTTPHANDLER_HTTP2UNENCRYPTEDSUPPORT", value: "true"},
Hold on.. there is more
Copy code
apps.push(new appInstruction.AppIngressInstructions(`releases-api`, env, 80, true, { "<http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>": "GRPC" }));
important part is the additional annotation
{ "<http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>": "GRPC" }
b

billowy-army-68599

05/10/2021, 8:34 PM
Okay, is the ingress serving correctly (ie if you use grpccurl does it work
a

ancient-megabyte-79588

05/10/2021, 8:34 PM
I did not annotate the actual
service
resource.. that annotation above is for nginx ingress rules
b

billowy-army-68599

05/10/2021, 8:36 PM
What exactly isn’t working
?
a

ancient-megabyte-79588

05/10/2021, 8:37 PM
I am trying to use
grpcui
to connect, and I'm not able to connected to the services
I haven't tried a
grpccurl
test yet
when I use
grpcui
against a version of the service running in Visual Studio on localhost, I can connect and invoke methods on the service
I feel it is best to present my basic steps. Hopefully, that is more informative. 1. Create ASP.NET Core GRPC Service. Leave the default greet.proto file in place. https://docs.microsoft.com/en-us/aspnet/core/tutorials/grpc/grpc-start?view=aspnetcore-5.0&amp;tabs=visual-studio 2.
Install-Package Grpc.AspNetCore.Server.Reflection
3. Add
services.AddGrpcReflection();
and
endpoints.MapGrpcReflectionService();
to Startup.cs 4. Run app in Visual Studio 5. Test with
grpcurl -d '{ \"name\": \"Say Hello\" }' localhost:5001 greet.Greeter/SayHello
Successful response 6. Build and deploy docker image via AzDO Pipelines to private Azure ACR 7. Env var on container
spec
in pulumi app a.
{ name: "ASPNETCORE_ENVIRONMENT", value: "Development" },
b.
{ name: "DOTNET_SYSTEM_NET_HTTP_SOCKETSHTTPHANDLER_HTTP2UNENCRYPTEDSUPPORT", value: "true" },
c.
{ name: "ASPNETCORE_URLS", value: "http://+:5000" },
8. ports on
Service
resource in pulumi app d.
ports: [{ port: 5000, targetPort: 5000, protocol: consts.tcpTransport }]
9.
Ingress
resource created in pulumi app with e.
<http://nginx.ingress.kubernetes.io/backend-protocol|nginx.ingress.kubernetes.io/backend-protocol>: GRPCS
annotation 10.
grpcurl -plaintext -d '{ \"name\": \"Say Hello\" }' <pod-ip>:5000 greet.Greeter/SayHello
succeeds (going directly to pod via Azure CNI networking) 11. Port-foward pod to local host via k9s 12.
grpcurl -plaintext -d '{ \"name\": \"Say Hello\" }' localhost:8090 greet.Greeter/SayHello
succeeds 13.
grpcurl -d '{ \"name\": \"Say Hello\" }' <public-dns-entry>:443 greet.Greeter/SayHello
fails f. Failed to dial target host "<public-dns-entry>:443": context deadline exceeded 14. nginx-ingress-controller pod logs following 4 attempts g. *<inbound IP Address> - - [11/May/20211303:04 +0000] "PRI * HTTP/2.0" 400 157 "-" "-" "-"* 15.
grpcurl -d '{ \"name\": \"Say Hello\" }' <public-dns-entry>:80 greet.Greeter/SayHello
fails h. Failed to dial target host "<public-dns-entry>:80": tls: first record does not look like a TLS handshake i. no logs to ingress-controller pod 16.
grpcurl -d '{ \"name\": \"Say Hello\" }' <public-dns-entry>:5000 greet.Greeter/SayHello
fails j. Failed to dial target host "<public-dns-entry>:5000": context deadline exceeded k. no logs to ingress-controller pod
7 Views