Hello all,
Have a question on connection to Upstream gRPC service from kong proxy.
I have the following setup:
client --> Kong API GW* --> gRPC Service A* <--> gRPC Service B*
* - Kuma Mesh with mutual TLS enabled.
Kong version: 3.3
Kuma version: 2.3.2
Observations:
- gRPC Service A ↔ gRPC Service B communication works fine with
grpc
orgrpcs
, that is TLS is enabled or disabled. - client → Kong API GW → gRPC Service A works only if gRPC Service A is TLS enabled, otherwise results in TLS Protocol Error.
Question:
- As the Kong API Gateway is part of the Kuma Mesh with mutual TLS enabled, we would like to run the gRPC service A in non-TLS mode to avoid double TLS handshake. Is there a way to disable TLS for the upstream connection from Kong Proxy to gRPC service A?
Thanks!