Http2 support for kong ingress controller?

I am running a kops cluster on AWS with kong as the ingress controller. I’ve been trying to enable http2 support by adding the following variables to the kong-proxy container. This would enable http2 and when I changed my AWS Classic Loadblancer’s Instance Protocol to SSL or HTTPS, I am no longer able to access the services. If I don’t change the Loadblancer settings, Nginx would throw the following error: 400 Bad Request The plain HTTP request was sent to HTTPS port.

Deployment

            - name: KONG_PROXY_LISTEN
              value: 0.0.0.0:8000 http2, 0.0.0.0:8443 ssl http2
            - name: http2
              value: "on"

Service

  type: LoadBalancer
  ports:
    - name: kong-proxy-ssls
      port: 443
      targetPort: 8443
      protocol: TCP
  selector:
    app: kong

HTTP/2 and HTTPS/1.1 are different protocols.
AWS Classic load balancer does not support HTTP/2 unless you are willing to use TCP based load balancing:
https://aws.amazon.com/elasticloadbalancing/features/

You can either terminate TLS at Kong or use an ALB to proxy HTTP/2 traffic.

2 Likes

just figured this out a few hours ago! thanks.


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ