search

fnproject / fn

The container native, cloud agnostic serverless platform.
http://fnproject.io
Apache License 2.0
5.76k stars 405 forks source link

[feature-request] HTTP/2 (or gRPC) trigger type #1431

Open denismakogon opened 5 years ago

denismakogon commented 5 years ago

HTTP/2.0 trigger

Intro

The long time ago Fn introduced triggers mechanism. For quite a while there was only HTTP/1.1-compatible trigger type (http).

problem area

As a developer and a user, I'd like to be able to utilize HTTP/2 protocol-based triggers.

why HTTP/2?

gRPC developed on top of the HTTP/2, it means that when Fn will provide HTTP/2.0 protocol-based triggers developers can build the gRPC services on top of the Fn.

impact

Triggers

As for now Fn support only HTTP/1.1 protocol-based triggers as http type. So, there would be a need to make a difference between HTTP/1.1 and HTTP/2.0 triggers.

Runner LB (node type lb and all)

They have to support HTTP/2.0

Alternative

Instead of supporting native HTTP/2.0 triggers Fn might/can support gRPC trigger type.

rdallman commented 5 years ago

this is possible if fn is run with SSL certs (which turns on http/2) seamlessly. afaik, there is no reason to differentiate http versions at the trigger level and we aren't explicitly blocking http/2 in any way. can we close?

denismakogon commented 5 years ago

If so, it has to be documented, because it's not clear out of the box. According to Gin docs and example it seems like HTTPS has to be configured natively, but I'm not sure if that will work with HTTPS -> HTTP reverse proxy.

rdallman commented 5 years ago

we can document turning on h2 if it's not, it only works over https in go, but more complicated installs still wouldn't change the semantics here for triggers, so long as the front door is h2 then the use case outlined here is satisfied?

denismakogon commented 5 years ago

There are a lot questions like:

  1. How do i know if Fn/OF runner LB runs behind reverse proxy (ingres controller) that does support H2?
  2. How to let customers know if they can do h2 triggers using http trigger type.
  3. Are there any technical issues running H2 requests against runner LB like would Fn act normally translating h2 (PUSH, etc.) into an internal H11 request?

Maybe something else, that's what comes into my mind at this moment. Any thougts?

denismakogon commented 5 years ago

it only works over https in go

I figured that out, the main problem may occure around Fn deployment where peole (like us, actually) use an ingress controller. In this case there would be a need to configure SSL on both sides: ingress controller and runner LB

denismakogon commented 5 years ago

so long as the front door is h2 then the use case outlined here is satisfied?

this has to be tested properly, due to things like PUSH there might be a need to actually diffirintiate http2 transport from http11.