Open Nuru opened 4 years ago
aledbf
commented
4 years ago @Nuru thank you for writing this request with some context and analysis of the previous attempts. My only concern is how we can avoid issues/complains with "allow HTTP2 support on port 80 or any non-TLS port".
Nuru
commented
4 years ago @aledbf wrote
My only concern is how we can avoid issues/complaints with "allow HTTP2 support on port 80 or any non-TLS port".
A few ways:
use-http2 ConfigMap setting: by documenting that it toggles support "in secure connections".I suppose we cannot really avoid complaints, but we have a solid answer for them: non-TLS protocol does not support auto-negotiation of protocol. In other words, it just does not work.
fejta-bot
commented
4 years ago Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle stale
braxtone
commented
4 years ago Does that seem sufficient to address the prior concerns @aledbf ?
Nuru
commented
4 years ago /remove-lifecycle stale
fejta-bot
commented
3 years ago Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale
fejta-bot
commented
3 years ago Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.
Send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten
Nuru
commented
3 years ago /remove-lifecycle rotten
@aledbf What can I do to move this forward?
fejta-bot
commented
3 years ago Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
Send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale
fejta-bot
commented
3 years ago Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.
Send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten
k8s-triage-robot
commented
3 years ago The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.
This bot triages issues and PRs according to the following rules:
lifecycle/stale is appliedlifecycle/stale was applied, lifecycle/rotten is appliedlifecycle/rotten was applied, the issue is closedYou can:
/reopen/remove-lifecycle rottenPlease send feedback to sig-contributor-experience at kubernetes/community.
/close
k8s-ci-robot
commented
3 years ago @k8s-triage-robot: Closing this issue.
fnkr
commented
3 years ago I need this too. Can we have this reopened please?
johngirvin
commented
3 years ago We also need this ability.
arpit20adlakha
commented
2 years ago We need this too, can someone please pick it up ?
tao12345666333
commented
2 years ago let me reopen it
/reopen
k8s-ci-robot
commented
2 years ago @tao12345666333: Reopened this issue.
iamNoah1
commented
2 years ago /triage accepted /priority important-soon
@fnkr @johngirvin @arpit20adlakha if you want to see this feature, we are happy for any contributions :)
/help
k8s-ci-robot
commented
2 years ago @iamNoah1: This request has been marked as needing help from a contributor.
Please ensure that the issue body includes answers to the following questions:
For more details on the requirements of such an issue, please see here and ensure that they are met.
If this request no longer meets these requirements, the label can be removed
by commenting with the /remove-help command.
rikatz
commented
2 years ago /lifecycle frozen
malthe
commented
2 years ago @nicknovitski how far from this proposal is your existing work on this?
k8s-triage-robot
commented
1 year ago This issue is labeled with priority/important-soon but has not been updated in over 90 days, and should be re-triaged.
Important-soon issues must be staffed and worked on either currently, or very soon, ideally in time for the next release.
You can:
/triage accepted (org members only)/priority important-longterm or /priority backlog/closeFor more details on the triage process, see https://www.kubernetes.dev/docs/guide/issue-triage/
/remove-triage accepted
k8s-ci-robot
commented
1 year ago This issue is currently awaiting triage.
If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.
The triage/accepted label can be added by org members by writing /triage accepted in a comment.
rahulsb
commented
4 months ago This feature will be very useful and I have number of users looking for this on IBM Cloud deployments. Can we triage this ?
aojea
commented
4 months ago Can not be achieved this using gateway API?
ingress API has been GA for a long time, growing the scope of this project with annotations fragments the ecosystem and reduces the capacity to standardize it
rikatz
commented
3 months ago @rahulsb are you willing to implement, maintain, triage bugs, etc for this feature? If so, please feel free to open a PR for it
This feature has been requested and attempted a few times, but keeps losing steam.
I would like to revive it because it should now be relatively easy to implement and there are precedents for it.
Specifically, I would like to have the annotation
nginx.ingress.kubernetes.io/use-http2: "false"disable HTTP2 for that host. We already havenginx.ingress.kubernetes.io/server-snippetwhich can only be used once per host and which affects all paths for the host, but because of the way HTTP2 support is configured (as part of thelistendirective), the server snippet annotation cannot be used to disable HTTP2 support for the server. We also have thenginx.ingress.kubernetes.io/use-regexwhich affects all paths for the host, regardless of which Ingress the paths are defined on.I think #2189 was not allowed because the fact that it applies to the entire host was seen as unacceptable, but this kind of thing, when necessary for architectural reasons, is acceptable now when properly documented. #2482 was a different way to accomplish the same goal and was proposed as a way around a bug in nginx and lost steam when the bug was fixed.
Note that I am not asking for an annotation that would allow HTTP2 support on port 80 or any non-TLS port, which I think is what got #2402 shut down. What I am asking for is an annotation that turns off the now default HTTP2 support for TLS ports on a per-host/server basis.
Proposed documentation:
Use case: We have a large cluster with many hosts and we want to have HTTP2 support for nearly all of them, but some break when HTTP2 support is turned on and we want to disable it only for those hosts. It is acceptable that this be a per-host setting like the server snippet.
/kind feature