New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exposing hubble-ui behind Contour/Envoy ingress leads to unsupported HTTP/2 protocol preface requests #452
Comments
Not sure if these logs would help, but here are the debug logs from the envoy reverse-proxy managed by Contour. You might notice that the request is received as HTTP plain-text, that's because this envoy is exposed behind an AWS NLB that is handling the TLS termination. IMHO the most interesting log line is:
|
Fix for this is in #590, can this issue be closed? |
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi.
Using helm chart 1.12.7
I've exposed Hubble-UI through an ingress managed by Contour. I've exposed the path
/api/
through a service configured withh2c
protocol since these requests are HTTP/2 based.Unfortunately, this does not work since, as far as I understand, configuring Contour to use gRPC requests leads to its reverse-proxy, envoy, to check if the upstream server (hubble-ui is this case) is talking HTTP/2 protocol with these requests:
Hubble-UI does not like those requests and envoy is failing to start forwarding requests from
/api/
to hubble-ui. A solution might be to stop envoy from sending those "probes" but it looks like it is not yet implemented. On the other hand, it looks like any HTTP/2 server should implement a response to thePRI
verb.Here is the ingress I'm using :
along with those two services:
The text was updated successfully, but these errors were encountered: