I am trying to deploy my application [ GRPC + Spring Boot ] in Kubernetes infra.
I have set up a GRPC server with Spring boot on our pods - and as suggested I am running the processes on 2 different ports [ GRPC (port - 8443)+ Spring Boot (port- 8080) ] but my VIP is pointing to port 8443 right now.
I am able to configure SSL using .useTransportSecurity in a standalone grpc server (standalone here I mean without spring boot)
Problem: If my VIP is pointing to the GRPC server process on the pods I need to offload SSL in GRPC server but I do not see details how to do that if I am running my grpc server as an embedded server with spring boot.
Even if I deploy the application and when I try to connect using GRPC client I am seeing below error in servers and clinet is getting disconnected.
Where can I find additional application.properties specific to grpc ? I could only find grpc.server.port, grpc.server.host
2017-05-29 10:11:30.549 INFO 12796 --- [ main] n.d.s.a.grpc.server.GrpcServerLifecycle : gRPC Server started, listening on address: 0.0.0.0, port: 8443
2017-05-29 10:11:30.971 INFO 12796 --- [ main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8080 (https)
2017-05-29 10:11:30.979 INFO 12796 --- [ main] c.a.IntentProcessorGroup1Application : Started IntentProcessorGroup1Application in 26.45 seconds (JVM running for 27.737)
2017-05-29 10:11:41.736 WARN 12796 --- [-worker-ELG-3-1] io.grpc.netty.NettyServerHandler : Connection Error
io.netty.handler.codec.http2.Http2Exception: HTTP/2 client preface string missing or corrupt. Hex dump for received bytes: 160301008e0100008a03039bda7533eee4bee56f87bd4a42
at io.netty.handler.codec.http2.Http2Exception.connectionError(Http2Exception.java:85) ~[netty-codec-http2-4.1.8.Final.jar:4.1.8.Final]
The error above is in server side while I do see below error at client side -
E0531 07:51:58.291000000 10620 ssl_transport_security.c:937] Handshake failed with fatal error SSL_ERROR_SSL: error:100000f7:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER.
E0531 07:51:58.304000000 10620 ssl_transport_security.c:937] Handshake failed with fatal error SSL_ERROR_SSL: error:100000f7:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER.
Using netty-tcnative-boringssl-static version 1.1.33.Fork26
I am trying to deploy my application [ GRPC + Spring Boot ] in Kubernetes infra.
I have set up a GRPC server with Spring boot on our pods - and as suggested I am running the processes on 2 different ports [ GRPC (port - 8443)+ Spring Boot (port- 8080) ] but my VIP is pointing to port 8443 right now.
I am able to configure SSL using .useTransportSecurity in a standalone grpc server (standalone here I mean without spring boot)
Problem: If my VIP is pointing to the GRPC server process on the pods I need to offload SSL in GRPC server but I do not see details how to do that if I am running my grpc server as an embedded server with spring boot.
Even if I deploy the application and when I try to connect using GRPC client I am seeing below error in servers and clinet is getting disconnected.
Where can I find additional application.properties specific to grpc ? I could only find grpc.server.port, grpc.server.host
2017-05-29 10:11:30.549 INFO 12796 --- [ main] n.d.s.a.grpc.server.GrpcServerLifecycle : gRPC Server started, listening on address: 0.0.0.0, port: 8443
2017-05-29 10:11:30.971 INFO 12796 --- [ main] s.b.c.e.t.TomcatEmbeddedServletContainer : Tomcat started on port(s): 8080 (https)
2017-05-29 10:11:30.979 INFO 12796 --- [ main] c.a.IntentProcessorGroup1Application : Started IntentProcessorGroup1Application in 26.45 seconds (JVM running for 27.737)
2017-05-29 10:11:41.736 WARN 12796 --- [-worker-ELG-3-1] io.grpc.netty.NettyServerHandler : Connection Error
io.netty.handler.codec.http2.Http2Exception: HTTP/2 client preface string missing or corrupt. Hex dump for received bytes: 160301008e0100008a03039bda7533eee4bee56f87bd4a42
at io.netty.handler.codec.http2.Http2Exception.connectionError(Http2Exception.java:85) ~[netty-codec-http2-4.1.8.Final.jar:4.1.8.Final]
The error above is in server side while I do see below error at client side -
E0531 07:51:58.291000000 10620 ssl_transport_security.c:937] Handshake failed with fatal error SSL_ERROR_SSL: error:100000f7:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER.
E0531 07:51:58.304000000 10620 ssl_transport_security.c:937] Handshake failed with fatal error SSL_ERROR_SSL: error:100000f7:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER.
Using netty-tcnative-boringssl-static version 1.1.33.Fork26