Hi,
I want to use nginx for ssl termination and load balancing. I found, there is one way how to do it, to use stream proxy configuration.
But by SSL GRPC request occurs exception "Failed ALPN negotiation" (bellow), where are checking supported ALPN/NPN protocols io.grpc.netty.GrpcSslContexts#NEXT_PROTOCOL_VERSIONS. It happens after successful SSL handshake and nginx returns by ALPN negotiation NULL value, reason why "Failed ALPN negotiation" is thrown.
Therefore I've tried to disable ALPN negotiation by create of client GRPC SSL context using applicationProtocolConfig(ApplicationProtocolConfig.DISABLED).
In this case is thrown exception "ALPN must be enabled and list HTTP/2 as a supported protocol." through io.grpc.netty.GrpcSslContexts#ensureAlpnAndH2Enabled.
I there some way how to disable ALPN negotation by GRPC client SSL context?
Thanks.
Jozef R.
Failed ALPN negotiation exception:
io.grpc.StatusRuntimeException: UNKNOWN
at io.grpc.stub.ClientCalls.toStatusRuntimeException(ClientCalls.java:227)
at io.grpc.stub.ClientCalls.getUnchecked(ClientCalls.java:208)
at io.grpc.stub.ClientCalls.blockingUnaryCall(ClientCalls.java:141)
at io.grpc.examples.helloworld.GreeterGrpc$GreeterBlockingStub.sayHello(GreeterGrpc.java:218)
at com.test.client.HelloWorldClient.greet(HelloWorldClient.java:80)
at com.test.client.HelloWorldClient.cycleGreet(HelloWorldClient.java:117)
at com.test.client.HelloWorldClient.main(HelloWorldClient.java:107)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:282)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.Exception: Failed ALPN negotiation: Unable to find compatible protocol.
at io.grpc.netty.ProtocolNegotiators$BufferUntilTlsNegotiatedHandler.userEventTriggered(ProtocolNegotiators.java:608)
at io.netty.channel.AbstractChannelHandlerContext.invokeUserEventTriggered(AbstractChannelHandlerContext.java:330)
at io.netty.channel.AbstractChannelHandlerContext.invokeUserEventTriggered(AbstractChannelHandlerContext.java:316)
at io.netty.channel.AbstractChannelHandlerContext.fireUserEventTriggered(AbstractChannelHandlerContext.java:308)
at io.netty.channel.ChannelInboundHandlerAdapter.userEventTriggered(ChannelInboundHandlerAdapter.java:108)
at io.netty.handler.codec.ByteToMessageDecoder.userEventTriggered(ByteToMessageDecoder.java:336)
at io.netty.channel.AbstractChannelHandlerContext.invokeUserEventTriggered(AbstractChannelHandlerContext.java:330)
at io.netty.channel.AbstractChannelHandlerContext.invokeUserEventTriggered(AbstractChannelHandlerContext.java:316)
at io.netty.channel.AbstractChannelHandlerContext.fireUserEventTriggered(AbstractChannelHandlerContext.java:308)
at io.netty.handler.ssl.SslHandler.setHandshakeSuccess(SslHandler.java:1329)
at io.netty.handler.ssl.SslHandler.setHandshakeSuccessIfStillHandshaking(SslHandler.java:1314)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1188)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1039)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:411)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:248)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:349)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:341)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1334)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:349)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:926)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:129)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:642)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:565)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:479)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:441)
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:858)
at io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:144)
... 1 common frames omitted
ALPN must be enabled and list HTTP/2 as a supported protocol exception:
java.lang.IllegalArgumentException: ALPN must be enabled and list HTTP/2 as a supported protocol.
at com.google.common.base.Preconditions.checkArgument(Preconditions.java:122)
at io.grpc.netty.GrpcSslContexts.ensureAlpnAndH2Enabled(GrpcSslContexts.java:194)
at io.grpc.netty.NettyChannelBuilder.sslContext(NettyChannelBuilder.java:193)
at com.test.client.HelloWorldClient.createWithSsl(HelloWorldClient.java:209)
at com.test.client.HelloWorldClient.createPublicWithSsl(HelloWorldClient.java:186)
at com.test.client.HelloWorldClient.createChannel(HelloWorldClient.java:163)
at com.test.client.HelloWorldClient.cycleGreet(HelloWorldClient.java:115)
at com.test.client.HelloWorldClient.main(HelloWorldClient.java:108)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:282)
at java.lang.Thread.run(Thread.java:745)