copilot-cli icon indicating copy to clipboard operation
copilot-cli copied to clipboard
verified publisher icon aws

Load balancer http version

Open afgallo opened this issue 2 years ago • 4 comments

It seems that I cannot really use http.version equals http2 as I get the error below when deploying my Load Balance Web Service:

  • An HTTP listener rule for forwarding HTTP traffic to your tasks [delete complete] [149.4s] Internal error reported from downstream service during operation 'List
    ener protocol 'HTTP' is not supported with a target group with the pro
    tocol-version 'HTTP2' (Service: ElasticLoadBalancingV2, Status Code: 4
    00, Request ID: db3f815d-17e3-424b-ad0d-4bb17f0ce872, Extended Request
    ID: null)'.

This is my service manifest file:

http:
  stickiness: false
  redirect_to_https: false
  version: http2
  path: '/'
  healthcheck:
    path: '/hc'
    success_codes: '200'
    healthy_threshold: 3
    unhealthy_threshold: 3
    interval: 10s
    timeout: 3s

image:
  build: Dockerfile
  port: 3001
  healthcheck:
    command: ['CMD-SHELL', 'curl -f http://localhost:3001/hc || exit 1']
    interval: 5s
    retries: 2
    timeout: 5s
    start_period: 0s

cpu: 256
memory: 512
platform: linux/x86_64
count: 1
exec: true

network:
  connect: true
  vpc:
    placement: 'public'

This is my environment manifest file:

name: development
type: Environment

network:
  vpc:
    id: vpc-xxx
    subnets:
      public:
        - id: subnet-xxx
        - id: subnet-xxx
        - id: subnet-xxx
      private:
        - id: subnet-yyy
        - id: subnet-yyy
        - id: subnet-yyy

cdn:
  terminate_tls: true

http:
  public:
    ingress:
       cdn: true

# Configure observability for your environment resources.
observability:
  container_insights: true

This error also made me think that thecdn settings should also support http2.

Thank you 🙏🏻

afgallo avatar Feb 25 '23 04:02 afgallo

Hello @afgallo. From https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-protocol-version it seems like the only supported listener for HTTP/2 protocol version is HTTPS listener. However, if terminate_tls is configured, only HTTP listener will be used which seems to be non-compatible with your HTTP/2 target group protocol version.

I think you are right. What Copilot should do is supporting http2 at CloudFront level. Does it sound good to you?

iamhopaul123 avatar Feb 27 '23 19:02 iamhopaul123

I think you are right. What Copilot should do is supporting http2 at CloudFront level. Does it sound good to you?

Yep, that will be perfect. Thank you @iamhopaul123

afgallo avatar Mar 01 '23 06:03 afgallo

Will this include support for http/3 as well?

morganney avatar Jan 03 '24 14:01 morganney

http/3 version can also be supported for cdn 👍

KollaAdithya avatar Jan 03 '24 22:01 KollaAdithya