My .NET application is deployed to an EKS cluster, which has an ingress defined with the following relevant annotations
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/ssl-policy: ELBSecurityPolicy-TLS-1-2-2017-01
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP":80}, {"HTTPS":443}]'
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
alb.ingress.kubernetes.io/healthcheck-path: "/swagger/v1/swagger.json"
alb.ingress.kubernetes.io/backend-protocol-version: HTTP2
My app deploys fine on the cluster with all healthchecks passing and pods in running state. However, when I query the ingress endpoint with a GRPC request, I get an error as shown below in brief
Unhandled exception: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation.
---> Grpc.Core.RpcException: Status(StatusCode="Unavailable", Detail="Error starting gRPC call. HttpRequestException: An error occurred while sending the request. IOException: The request was aborted. Http2ConnectionException: The HTTP/2 server sent invalid data on the connection. HTTP/2 error code 'PROTOCOL_ERROR' (0x1).", DebugException="System.Net.Http.HttpRequestException: An error occurred while sending the request.
I am sure there is not an issue with the request in question, because when I do a port-forward on one of the ports and hit the localhost:5000 endpoint, I am getting the desired result.
I checked the loadbalancer and target groups in AWS console and they're in healthy state. However the monitoring dashboard show adds to the ELB 4xx count every time I access the endpoint. I am sure there is an issue at the ingress level but I am unable to figure out what exactly.
Not sure what I am missing here or if there is anything wrong with my setup. But since the port-forward works as expected, this has got to be some issue with the LoadBalancer.
For reference, I have tried changing the backend-protocol-version to GRPC which does not help