GRPC load balancing on GKE (on L7, HTTP/2 + TLS)

9/17/2018

How to make load balancing for GRPC services on GKE on L7 (with Ingress over HTTP/2 + TLS)?

I know that I have the option to use L4 (TCP layer) to configure Service with "LoadBalancer" type. But I want to know if I can use Ingress + L7 load balancing over HTTP/2+TLS.

Also I see "HTTP/2 to backends is not supported for GKE." (on https://cloud.google.com/load-balancing/docs/backend-service#HTTP2-limitations). But I don't know it's actual or not.

-- Harlam
google-cloud-platform
google-kubernetes-engine
grpc
http2
kubernetes

1 Answer

1/9/2020

GKE Ingress can now load balance with HTTP/2, when you use https.

To get HTTP/2 between the load balancer (ingress controller) and your pods, your service need an extra annotation:

apiVersion: v1
kind: Service
metadata:
  annotations:
    cloud.google.com/app-protocols: '{"my-port":"HTTP2"}'

In addition, your pods most use TLS and have ALPN h2 configured. This can be done e.g. with an HAProxy as a sidecar with http2 configuration. I have successfully used this setup on GKE.

-- Jonas
Source: StackOverflow