Why Secure GRPC calls do not reach ingress gateway?
If I understand you correctly, the thing here is that:
GRPC currently works over a
HTTP2
type transportThe current ingress is not capable of
HTTP2
So are you sure your client is using HTTP1
? Because otherwise it might not work.
Please let me know if that helped.
Try it out grpc greeter with istio, it works for me.
# greeter.yamlapiVersion: v1kind: Servicemetadata: name: greeter labels: app: greeterspec: ports: - name: grpc port: 50051 selector: app: greeter---apiVersion: extensions/v1beta1kind: Deploymentmetadata: name: greeterspec: replicas: 1 template: metadata: labels: app: greeter version: v1 spec: containers: - image: tobegit3hub/grpc-helloworld imagePullPolicy: IfNotPresent name: greeter ports: - containerPort: 50051
# gateway.yamlapiVersion: networking.istio.io/v1alpha3kind: Gatewaymetadata: name: greeter-gatewayspec: selector: istio: ingressgateway # use Istio default gateway implementation servers: - port: number: 80 name: http protocol: HTTP hosts: - 'xyz.example.com'
# virtualservice.yamlapiVersion: networking.istio.io/v1alpha3kind: VirtualServicemetadata: name: greeterspec: hosts: - 'xyz.example.com' gateways: - greeter-gateway http: - match: - uri: prefix: / route: - destination: host: greeter port: number: 50051
# grpc greeter clientdocker run -it tobegit3hub/grpc-helloworld /greeter_client.py xyz.example.com:80