We have an application running in a k8s deployment that opens a TCP socket on port 8000, and listens for HTTP and GRPC traffic. We also have an Istio Gateway listening on port 443 for HTTPS traffic, connected to two virtual services, one for HTTP traffic, the other for GRPC traffic (matching on headers/URI). Those VirtualServices direct traffic to two different ports on the Service, port 8000 for HTTP traffic, and port 5001 for GRPC traffic--but both have a target port of 8000 (see specs below). We're having issues connecting via either HTTP or GRPC--HTTP returns a generic 500, GRPC returns a "not found" error. However, if we split the traffic between two ports (i.e. each protocol gets its own port), things work fine, this unfortunately forces us to use an older version of the app.
Deployment:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: test-deployment
namespace: test-ns
spec:
progressDeadlineSeconds: 600
replicas: 2
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 0
type: RollingUpdate
template:
spec:
containers:
image: <Image name>
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 3
httpGet:
path: /live
port: 8000
scheme: HTTP
initialDelaySeconds: 20
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 60
name: test-container
ports:
- containerPort: 8000
protocol: TCP
- containerPort: 8000
name: metrics
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /ready
port: 8000
scheme: HTTP
initialDelaySeconds: 20
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 60
resources:
limits:
cpu: "1"
memory: 1Gi
requests:
cpu: 200m
memory: 10Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
dnsPolicy: ClusterFirst
restartPolicy: Always
schedulerName: default-scheduler
terminationGracePeriodSeconds: 20
Service:
apiVersion: v1
kind: Service
metadata:
name: test-deployment-svc
namespace: test-ns
spec:
clusterIP: <IP>
ports:
- name: http
port: 8000
protocol: TCP
targetPort: 8000
- name: http2
port: 5001
protocol: TCP
targetPort: 8000
selector:
<some label>
sessionAffinity: None
type: ClusterIP
Any suggestions would be greatly appreciated!