Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Per-HTTPProxy HTTP-Version Support to Address HTTP2 Coalescing Issues with Wildcards #5822

Closed
m-yosefpor opened this issue Oct 11, 2023 · 3 comments
Closed

Add Per-HTTPProxy HTTP-Version Support to Address HTTP2 Coalescing Issues with Wildcards #5822

m-yosefpor opened this issue Oct 11, 2023 · 3 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/needs-triage Indicates that an issue needs to be triaged by a project contributor. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.

Comments

@m-yosefpor
Copy link
Contributor

Description:

With the emergence of the HTTP2 Coalescing issue, where using a wildcard can result in complications in SNI-based routing (as fully discussed in multiple issues including #1493), we've recognized a critical need to have a per-HTTPProxy mechanism to specify HTTP versions. This issue is exacerbated by browsers like Safari (or potentially underlining WebKit/CFNetwork) which does not retry upon receiving an HTTP 421 response. The proposed workaround for this issue is to universally disable http2 as mentioned in #2619 and implemented in #2622

We propose, adding a new field to the HTTPProxy spec allowing the specification of HTTP versions to offer for that HTTPProxy. This field comes into play only when spec.tls is activated and spec.tcpproxy is deactivated.

Critical Use Case:

In scenarios where multiple HTTPProxies are served, and a subset of them use the same wildcard certificate, it becomes imperative to have the flexibility to disable http/2 for specific proxies to avoid the mentioned issue. Meanwhile, we want to retain the performance advantages of http/2 for others, and also to be able to use gRPC routing for routes.

Proposed Solution:

  1. Selectively disable http/2 for HTTPProxies using the wildcard certificate, thus bypassing the 421 issue for problematic browsers.
  2. Retain the http/2 functionality for other routes to capitalize on grpc and enhanced performance.

Request:

Providing users the granularity to specify HTTP versions on a per-proxy basis, addressing the HTTP2 Coalescing challenge while balancing performance considerations. Furthermore, to ensure backward compatibility, if the new field in the HTTPProxy spec is not explicitly set, the behavior would default to using default-http-versions from the global configuration, provided it's not empty.
@m-yosefpor m-yosefpor added kind/feature Categorizes issue or PR as related to a new feature. lifecycle/needs-triage Indicates that an issue needs to be triaged by a project contributor. labels Oct 11, 2023
@therealak12 therealak12 mentioned this issue Oct 11, 2023
Closed
@skriss skriss added this to the 1.28.0 milestone Nov 2, 2023
@sunjayBhatia sunjayBhatia modified the milestones: 1.28.0, 1.29.0 Feb 1, 2024
@sunjayBhatia
Copy link
Member

Apologies, we got a bit behind reviewing the PR for this issue, bumping to 1.29.0

@skriss skriss modified the milestones: 1.29.0, 1.30.0 May 2, 2024
@skriss skriss removed this from the 1.30.0 milestone Jul 24, 2024
@github-actions GitHub Actions
Copy link

The Contour project currently lacks enough contributors to adequately respond to all Issues.

This bot triages Issues according to the following rules:

  • After 60d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the Issue is closed

You can:

  • Mark this Issue as fresh by commenting
  • Close this Issue
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Sep 23, 2024
@github-actions GitHub Actions
Copy link

The Contour project currently lacks enough contributors to adequately respond to all Issues.

This bot triages Issues according to the following rules:

  • After 60d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the Issue is closed

You can:

  • Mark this Issue as fresh by commenting
  • Close this Issue
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Oct 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/needs-triage Indicates that an issue needs to be triaged by a project contributor. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale.
Projects
Contour
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

add per-httpproxy http-version support snapp-incubator/contour
3 participants
@skriss @sunjayBhatia @m-yosefpor