Configure Cloud Run on Anthos to forward HTTP2

Question

How do you make Cloud Run for Anthos forward incoming HTTP2 requests to a Cloud Run service as HTTP2 instead of HTTP/1.1?

I'm using GCP with Cloud Run for Anthos to deploy a Java application that runs a GRPC server. The Cloud Run app is exposed publicly. I have also configured Cloud Run for Anthos with an SSL cert. When I try to use a GRPC client to call my service, client sends request over HTTP2 which the load balancer accepts but then when the request is forwarded to my Cloud Run service (a Java application running GRPC server), it comes in as HTTP/1.1 and gets rejected by the GRPC server. I assume somewhere between the k8 load balancer and my k8 pod, the request is being forwarded as HTTP/1.1 but I don't see how to fix this.

neildo · Answer 1 · 2020-01-15T01:56:28.000

Bringing to together @whlee's answer and his very important followup comment, here's exactly what I had to do to get it to work.

You must deploy using gcloud cli in order to change the named port. The UI does not allow you to configure the port name. Deploying from service yaml is currently a beta feature. To deploy, run: gcloud beta run services replace /path/to/service.yaml

In my case, my service was initially deployed using the GCP cloud console UI, so here are the steps I ran to export and replace.

Export my existing service (named hermes-grpc) to yaml file:

gcloud beta run services describe hermes-grpc --format yaml > hermes-grpc.yaml

Edit my export yaml and make the following edits:

replaced:

        ports:
        - containerPort: 6565

with:

        ports:
          - name: h2c
            containerPort: 6565

deleted the following lines:

          tcpSocket:
            port: 0

Deleted the name: line from the section

spec:
  template:
    metadata:
...
      name:

Finally, redeploy service from edited yaml:

gcloud beta run services replace hermes-grpc.yaml

In the end my edited service yaml looked like this:

apiVersion: serving.knative.dev/v1alpha1
kind: Service
metadata:
  annotations:
    client.knative.dev/user-image: interledger4j/hermes-server:latest
    run.googleapis.com/client-name: cloud-console
  creationTimestamp: '2020-01-09T00:02:29Z'
  generation: 3
  name: hermes-grpc
  namespace: default
  selfLink: /apis/serving.knative.dev/v1alpha1/namespaces/default/services/hermes-grpc
spec:
  template:
    metadata:
      annotations:
        autoscaling.knative.dev/maxScale: '2'
        autoscaling.knative.dev/minScale: '1'
        run.googleapis.com/client-name: cloud-console
    spec:
      containerConcurrency: 80
      containers:
        image: interledger4j/hermes-server:latest
        name: user-container
        ports:
          - name: h2c
            containerPort: 6565
        readinessProbe:
          successThreshold: 1
        resources:
          limits:
            cpu: 500m
            memory: 384Mi
      timeoutSeconds: 300
  traffic:
  - latestRevision: true
    percent: 100

score 0 · Accepted Answer · answered Jan 09 '20 at 15:24

0

https://github.com/knative/docs/blob/master/docs/serving/samples/grpc-ping-go/README.md

Describes how to configure named port to make HTTP/2 work

answered Jan 09 '20 at 15:24

wlhee

2,334
4
18
19

That doesn’t describe how to do that on Cloud Run or with even with a load balancer on GCP. Cloud Run on Anthos generates all the K8 deployment stuff and you can’t hand edit it. – neildo Jan 09 '20 at 15:32
The sample linked by @wlhee has a sample YAML file where you can edit the `ports` section with `name: h2c`. Another example is here: https://knative.tips/networking/http2/ – ahmet alp balkan Jan 09 '20 at 22:41
You guys don’t get it. Cloud Run generates the k8 files. There is no editing k8 yaml file. Not even possible. This question is specifically about CLOUD RUN. – neildo Jan 10 '20 at 05:14
Do you mean there is no way to deploy to Cloud Run with a yank file? Cloud Run Anthos and fully managed both accept yaml spec – wlhee Jan 10 '20 at 17:07
I'm using the Cloud Run UI in GCP cloud console. It does not have a place to provide yaml files. They get generated. – neildo Jan 10 '20 at 17:26
@neildo - The GCP Console does not support every feature and every option. Use the CLI `gcloud`. – John Hanley Jan 10 '20 at 18:00
@JohnHanley I'm not seeing a way to configure k8 yamls using `gcloud run` either. – neildo Jan 10 '20 at 21:18
Looking for an answer that is specifically for Cloud Run. My question is more specific than just kubernetes. I know this can be done with just kubernetes. There are several examples. But I can't find any that specifically show how to do it and deploy with Cloud Run (using CLI or UI). – neildo Jan 10 '20 at 21:21
`gcloud run deploy --help` does not show any options that suggest you can give it custom k8 yaml files. Likewise I see no mention in the online docs here: https://cloud.google.com/run/. The link provided in the answer depends on using a k8 yaml to configure the k8 nodeport service. – neildo Jan 10 '20 at 21:28
2

gcloud beta run services replace https://cloud.google.com/sdk/gcloud/reference/beta/run/services/replace – wlhee Jan 10 '20 at 21:33
@whee Thanks!. I didn't think to check if there was a beta command for it. Cool. That gives me more to work with. – neildo Jan 10 '20 at 21:41
@whee got it working using `gcloud beta run services replace `. Could you update your answer to include that command so I can accept your answer? That command the thing I could not figure out via any Googling. – neildo Jan 10 '20 at 22:20
For most of the documentation for `gcloud`, there are the GA sections, beta sections and alpha sections. As new features are released, they often start as alpha, move to beta and then finally to GA (general availability). – John Hanley Jan 10 '20 at 23:52

Configure Cloud Run on Anthos to forward HTTP2

2 Answers2