-
Notifications
You must be signed in to change notification settings - Fork 504
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Linkerd doesn't work with .NET Core Grpc Service #2401
Comments
Also by checking a similiar bug, this was discussed here dotnet/aspnetcore#14745 although the authors of the grpc dont consider it to be correct to send the :scheme that way and are not planning to ease validation. I am not sure when is the scheme build, but it would make sence to specify it somewhere in the Transformer (or have the ability to prepend https:// or https:// ) I |
Thanks, @MartinKosicky! Yes, I think you are correct that Linkerd should set the :scheme pseudoheader to |
I'm experiencing exactly the same problem, the only difference is that client connecting to the Linkerd sidecar without TLS and then Linkerd setup secure connection to the remote service:
|
@astryia thanks for the confirmation. If you're interested in contributing a PR, we'd love to have a fix for this. |
I think this is dotnet/aspnetcore#30532 |
Issue Type:
My scheme is as follow: I have a client connecting linkerd over TLS. linkerd unpacks the TLS and forwards the communication unencrypted to the target POD on Kubernetes. What happens here is that the Grpc Service gives me the following:
I am using the k8s namer.
It seems that the :scheme header is being just forwarded from the originating client, however the target scheme should be 'http' since it's an unencrypted communication.
What you expected to happen:
I would expect that the :scheme header is set to http if communication is proxied on unencrypted endpoint
How to reproduce it (as minimally and precisely as possible):
Any client trying to reach some hello-world microservice in grpc,
Anything else we need to know?:
Environment:
The text was updated successfully, but these errors were encountered: