http-add-on
http-add-on copied to clipboard
kedacore
GRPC does not work?
Report
I'm trying to set the HTTP Add On for my GRPC but it's not working. When calling the service, it 'hangs' forever.
Side note: the TLS is "optional" (no forced redirect) at the ingress level and the certificate is signed by a internal CA with multiple SANs (aka common name is generic)
Expected Behavior
the service should reply
Actual Behavior
it hangs until timeout
Steps to Reproduce the Problem
- Create a GRPC service
- Publish it without keda and validate that its working
- Now put keda interceptor in the middle of the way to try to scale the service based on service requests
Logs from KEDA HTTP operator
example
HTTP Add-on Version
0.8.0
Kubernetes Version
< 1.28
Platform
Microsoft Azure
Anything else?
No response
I'm not an expert, but I'd say that GRPC needs HTTP/2 support and ??websockets?? to work well. Am i right? Supporting GRPC'd be nice if you are willing to open a PR
I'd be happy to! Would be so kind to point me the right direction of things here? im not familiar with the code here. Something on the lines of "start by checking src/this.go and src/that.go"
All the interception code is here -> https://github.com/kedacore/http-add-on/tree/main/interceptor
The interceptor works as a split component that route the traffic and exposes metrics, so you don't need to take into account anything else related :)
It has an entrypoint that creates all the deps and so on, and start serving traffic :) I guess that as gRPC keeps the connection open AFAIK, you will need to take this into account to not decrement the counter until the gRPC connection is closed
but I'd say that GRPC needs HTTP/2 support and ??websockets??
gRPC does need HTTP2 but works without WebSocket. Interceptor only supports gRPC over TLS (you have to mount the certs and explicitly enable TLS), the plaintext gRPC support is not implemented and the reasons why not relate to https://github.com/golang/go/issues/14141.
Alternatively, there is Kedify HTTP Scaler that reuses parts of this http-add-on and has native gRPC support including both plaintext and TLS without any explicit configuration (mounting TLS certs). If you are interested, you can test it in one of the free tutorials https://kedify.io/tutorials/grpc
@Leonardo-Ferreira I did handle GRPC services using http-add-on with a trick. It might be useful for you.
I add another container to our GRPC services deployment. this container can be a dummy http server. So we can scale up GRPC services just by sending a request to that http server.
it might have not good UX, unless you use it in CI/CD workflows.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Thank you for your contributions.
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}
When using gRPC on Kubernetes, support for h2c (HTTP/2 cleartext) is critical from an operational perspective. In many deployments, encryption such as mTLS is handled at a separate layer, and this external encryption often suffices, reducing the need for in-app encryption. Given these circumstances, adding native support for gRPC with h2c would greatly simplify configuration and operations.
Could you please reconsider implementing h2c support for gRPC? It would address a common use case and likely benefit many users who rely on external encryption layers for secure communication. Thank you for your consideration.
Could you please reconsider implementing h2c support for gRPC? It would address a common use case and likely benefit many users who rely on external encryption layers for secure communication. Thank you for your consideration.
I think that we are willing to add the support if someone is willing to open a PR with the feature. it's not something that we are blocking but just waiting a contributor
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Thank you for your contributions.