aws / copilot-cli

The AWS Copilot CLI is a tool for developers to build, release and operate production ready containerized applications on AWS App Runner or Amazon ECS on AWS Fargate.
https://aws.github.io/copilot-cli/
Apache License 2.0

Load balancer http version #4551

Open afgallo opened 1 year ago

afgallo commented 1 year ago

It seems that I cannot really use http.version equals http2, as I get the error below when deploying my Load Balanced Web Service:

  • An HTTP listener rule for forwarding HTTP traffic to your tasks [delete complete] [149.4s]
    Internal error reported from downstream service during operation 'Listener protocol 'HTTP' is not supported with a target group with the protocol-version 'HTTP2' (Service: ElasticLoadBalancingV2, Status Code: 400, Request ID: db3f815d-17e3-424b-ad0d-4bb17f0ce872, Extended Request ID: null)'.

This is my service manifest file:

http:
  stickiness: false
  redirect_to_https: false
  version: http2
  path: '/'
  healthcheck:
    path: '/hc'
    success_codes: '200'
    healthy_threshold: 3
    unhealthy_threshold: 3
    interval: 10s
    timeout: 3s

image:
  build: Dockerfile
  port: 3001
  healthcheck:
    command: ['CMD-SHELL', 'curl -f http://localhost:3001/hc || exit 1']
    interval: 5s
    retries: 2
    timeout: 5s
    start_period: 0s

cpu: 256
memory: 512
platform: linux/x86_64
count: 1
exec: true

network:
  connect: true
  vpc:
    placement: 'public'

This is my environment manifest file:

name: development
type: Environment

network:
  vpc:
    id: vpc-xxx
    subnets:
      public:
        - id: subnet-xxx
        - id: subnet-xxx
        - id: subnet-xxx
      private:
        - id: subnet-yyy
        - id: subnet-yyy
        - id: subnet-yyy

cdn:
  terminate_tls: true

http:
  public:
    ingress:
      cdn: true

# Configure observability for your environment resources.
observability:
  container_insights: true

This error also made me think that the cdn settings should also support http2.

Thank you 🙏🏻

iamhopaul123 commented 1 year ago

Hello @afgallo. From https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-protocol-version it seems like the only supported listener for the HTTP/2 protocol version is the HTTPS listener. However, if terminate_tls is configured, only the HTTP listener will be used, which seems to be non-compatible with your HTTP/2 target group protocol version.

I think you are right. What Copilot should do is support http2 at the CloudFront level. Does it sound good to you?
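
The mismatch described in the comment above can be caught before a deployment is attempted. This is an added example, not part of the thread and not Copilot's own code: `manifest_get` and `check_listener_compat` are hypothetical helpers, the reader only handles plain nested mappings like the manifests in this issue, the `http1` default is an assumption, and treating `grpc` like `http2` goes beyond the thread and follows the linked ELB documentation.

```python
# Added example: pre-deploy check for the listener / target-group mismatch in this issue.
# Target group protocol versions that ALB only accepts behind an HTTPS listener.
HTTPS_ONLY_VERSIONS = {"http2", "grpc"}

def manifest_get(text, dotted_key):
    """Look up a dotted key in block-style YAML built from nested mappings only."""
    path = dotted_key.split(".")
    stack = []  # (indent, key) for each mapping enclosing the current line
    for raw in text.splitlines():
        line = raw.split(" #")[0].rstrip()          # drop trailing comments
        body = line.lstrip()
        if not body or body.startswith(("#", "-")) or ":" not in body:
            continue                                 # blanks, comments, list items
        indent = len(line) - len(body)
        key, _, value = body.partition(":")
        while stack and stack[-1][0] >= indent:      # leave deeper or sibling mappings
            stack.pop()
        stack.append((indent, key.strip()))
        if [k for _, k in stack] == path:
            return value.strip().strip("'\"") or None
    return None

def check_listener_compat(service_manifest, env_manifest):
    """Return findings for a service/environment manifest pair (empty list = OK)."""
    # Assumption: an omitted http.version means http1.
    version = (manifest_get(service_manifest, "http.version") or "http1").lower()
    terminate = (manifest_get(env_manifest, "cdn.terminate_tls") or "false").lower()
    if terminate == "true" and version in HTTPS_ONLY_VERSIONS:
        return [f"http.version '{version}' needs an HTTPS listener, but "
                "cdn.terminate_tls: true leaves the load balancer with an HTTP listener only"]
    return []

# Trimmed copies of the two manifests posted in the issue.
SERVICE = """\
http:
  stickiness: false
  redirect_to_https: false
  version: http2
  path: '/'
"""
ENV = """\
name: development
cdn:
  terminate_tls: true
http:
  public:
    ingress:
      cdn: true
"""

if __name__ == "__main__":
    for finding in check_listener_compat(SERVICE, ENV):
        print("FAIL:", finding)
```
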

afgallo commented 1 year ago

> I think you are right. What Copilot should do is support http2 at the CloudFront level. Does it sound good to you?

Yep, that will be perfect. Thank you @iamhopaul123

morganney commented 9 months ago

Will this include support for http/3 as well?

KollaAdithya commented 9 months ago

http/3 version can also be supported for cdn 👍