ingress.pomerium.io/allow_spdy: "true" doesn't work

[ssveta7ak]

What happened?

Annotation ingress.pomerium.io/allow_spdy: "true" doesn't work

What did you expect to happen?

How'd it happen?

1. Add ingress.pomerium.io/allow_spdy: "true" to the ingress file and run Pomerium
2. Open https://httpbin.localhost.pomerium.io in the browser
3. In the browser (Firefox) do: Inspect -> Network -> Headers
   The HTTP/2 protocol is present instead of spdy

What's your environment like?

IC v0.220

What's your config.yaml?

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: httpbin
  annotations:
    ingress.pomerium.io/pass_identity_headers: "true"
    ingress.pomerium.io/allow_spdy: "true"
    ingress.pomerium.io/allow_any_authenticated_user: "true"
spec:
  ingressClassName: pomerium
  rules:
    - host: 'httpbin.localhost.pomerium.io'
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: httpbin
                port:
                  name: http

What did you see in the logs?

# Paste your logs here.
# Be sure to scrub any sensitive values

Additional context

Add any other context about the problem here.

[wasaga]

I believe the way it works is is the connecting party wants to use SPDY, it will be allowed. I think browsers want HTTP/2

the only place where it was used is for self-hosted kubernetes clusters, in order to reach their internal API from the outside.

[desimone]

To confirm, we need a simple example SPDY app to test against.

[desimone]

Context -- we added this for k8s as @wasaga mentioned.

• pomerium-cli/k8s: kubectl exec fails pomerium#1202 (comment)