profile
viewpoint

Ask questionsproblems with spdy/http2 for some urls - net::ERR_SPDY_PROTOCOL_ERROR net::ERR_INCOMPLETE_CHUNKED_ENCODING

Hello,

I'm receiving net::ERR_SPDY_PROTOCOL_ERROR via https and net::ERR_INCOMPLETE_CHUNKED_ENCODING via http on few urls (sometimes it works but once from 10/20 reloads) , the urls access simple php script which reads local file and send it back (~40kb)

there are just two urls from hundreds which consistently return error

curl also see the same errors

curl 'https:// ...  -o /dev/null --http2 
curl: (92) HTTP/2 stream 0 was not closed cleanly: INTERNAL_ERROR (err 2)

curl 'https:// ...  -o /dev/null --http1.1
curl: (18) transfer closed with outstanding read data remaining

and only http1.0 works without issues  
curl 'https:// ...  -o /dev/null --http1.0

but when I'm accessing backend pod directly (via port-forward/http) there no errors at all

so I suppose issue only with ingress

Master version 1.12.7-gke.10 Node version 1.12.7-gke.10 (as well checked with 1.12.7-gke.7 1.12.6-gke.11)

ingress config

apiVersion: cloud.google.com/v1beta1
kind: BackendConfig
metadata:
  name: web-ingress-config-default
spec:
  cdn:
    enabled: false
  securityPolicy:
    name: ""
  timeoutSec: 1800
---
apiVersion: v1
kind: Service
metadata:
  name: web
  annotations:
    beta.cloud.google.com/backend-config:
      '{"default": "web-ingress-config-default"}'
spec:
  type: NodePort
  selector:
    app: app-portal-web
  ports:
    - port: 30080
      targetPort: 80
      protocol: TCP
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: tls-web-ingress
  annotations:
    kubernetes.io/ingress.global-static-ip-name: app-static-ip
spec:
  tls:
  - secretName: tls-secret
  rules:
  - http:
      paths:
      - path: /*
        backend:
          serviceName: web
          servicePort: 30080

nginx/backend config

server {
    set_real_ip_from  10.0.0.0/8;
    real_ip_header proxy_protocol;

    server_name _;
    listen              80;

    client_max_body_size 4G;

    root /var/www/public;
    index index.php index.html index.htm;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
	fastcgi_buffer_size 32k;
	fastcgi_buffers 4 32k;

        fastcgi_read_timeout 1800;

        fastcgi_param HTTP_X_REMOTE_ADDR $remote_addr;
        fastcgi_param HTTP_X_REALIP_REMOTE_ADDR $realip_remote_addr;
        fastcgi_param HTTP_X_FORWARDED_FOR $proxy_add_x_forwarded_for;

        proxy_set_header X-Forwarded-For $proxy_protocol_addr;

        try_files $uri /index.php =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}
kubernetes/ingress-gce

Answer questions oprudkyi

UPDATE: I have installed ingress-nginx , reconfigured for it and got the same errors, but was able to fix them by

    nginx.ingress.kubernetes.io/proxy-buffering: "on"
    nginx.ingress.kubernetes.io/proxy-buffers-number: "4"
    nginx.ingress.kubernetes.io/proxy-buffer-size: "32k"

so problem now is different - how to enable such settings in ingress-gce ?

useful!
source:https://uonfu.com/
Github User Rank List