Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hvac not support http2 #807

Open
LuckySB opened this issue Apr 20, 2022 · 4 comments
Open

hvac not support http2 #807

LuckySB opened this issue Apr 20, 2022 · 4 comments
Labels
enhancement a new feature or addition help wanted Contributions welcome!

Comments

@LuckySB
Copy link

LuckySB commented Apr 20, 2022
edited
Loading

I create AWL load balancer before my vault instance
in target group definition i set Protocol version: HTTP2

Connect to vault failed with message

None, on get https://vault.internal.com/v1/auth/token/lookup-self

i add some debug to module, and found that AWS ALB return me code 464

so:
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-troubleshooting.html

HTTP 464
The load balancer received an incoming request protocol that is incompatible with the version config of the target group protocol.
Possible causes:
The request protocol is an HTTP/1.1, while the target group protocol version is a gRPC or HTTP/2.
  1. raise_for_error should show status_code in error message when call UnexpectedError
  2. hvac should try to use HTTP2 as modern browser or curl

my workaround - recreate aws target group with protocol HTTP1.1
@colin-pm
Copy link
Member

hvac uses requests to interact with Vaults API, which to my knowledge does not support HTTP/2. I'm not sure if that is on the requests maintainers backlog or not. Adding support will likely require having to migrate from requests to a new python module that supports HTTP/2, like httpx or hyper.

@briantist briantist added enhancement a new feature or addition help wanted Contributions welcome! labels Sep 17, 2023
@briantist
Copy link
Contributor

Right now I think we're too entrenched with requests to support an alternate backend in the library, and our adapter system looks like it could be used in this way on the surface, but there are a few too many things that make assumptions about requests at this time.

hyper seems to no longer be maintained.

httpx claims to be broadly compatible with requests:

Since you are able to provide a custom requests.Session with hvac (example), you could try your hand at passing an instance of httpx.Client instead. I haven't tested it though.

@Ousret
Copy link
Contributor

Ousret commented Dec 6, 2023

Hello there,

Sorry to barge in,
There's an alternative you may be interested in. https://github.com/jawah/niquests

This is a drop-in-worthy replacement for Requests that ships with modern capabilities and allows you a painless transition.
I can answer any concerns you may have.

@briantist
Copy link
Contributor

Thanks @Ousret , not barging in at all, appreciate the recommendation!

If you'd like to show some working examples of using hvac with niquests, we would consider accepting a PR to feature those examples in https://github.com/hvac/hvac/blob/main/docs/advanced_usage.rst

Since niquests seems to be broadly requests compatible, it could probably work two different ways with hvac:

  1. Pass a session to the hvac.Client
  2. Create a custom Adapter similar to the RawAdapter that uses niquests instead of requests (it would either need to combine the features of JSONAdapter or provide a second custom JSON-based adapter that inherits from the custom Raw Adapter)

@Ousret Ousret mentioned this issue Dec 7, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement a new feature or addition help wanted Contributions welcome!
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@briantist @Ousret @LuckySB @colin-pm