yanliang567
commented
1 month ago /assign @haorenfsa does we need -secure in the request in this case? /unassign
Open nish112022 opened 1 month ago
yanliang567
commented
1 month ago /assign @haorenfsa does we need -secure in the request in this case? /unassign
haorenfsa
commented
1 month ago Hi @nish112022, thank you for the feedback. After tlsMode enabled, we should use the scheme https:// instead of http:// in url. You can try use the script below:
curl --request POST --url "https://localhost:19530/v2/vectordb/collections/describe" --header "Authorization: Bearer 'root:milvus'" --header "accept:
application/json" --header "content-type: application/json" -d '{
"dbName": "default",
"collectionName": "hello_milvus"
}'
nish112022
commented
1 month ago MyBad @haorenfsa ,I should have explained a bit more.When I use the script you gave me , I get this error:
When I give the cert as -cacert field I get this error:application/grpc expected not application json
Below are the parameters I use for my hello_milvus.py.The same parameters should work here as well.
connections.connect(
alias='defa',
secure=True, server_name='localhost',
server_pem_path='/root/milvus_2.4/milvus/configs/cert/server.pem',
user='root',
password='Milvus',
host='localhost',
port='19530',
)@nish112022 Oh, I get it. It seems to be the issue of golang's mux server when serving https & gRPC over TLS on the same port.
For now you can walk around by configuring the http server to another port (for example, 8080) in milvus configuration:
proxy:
http:
port: 8080or you may also try force your client to use http/1.1, without changing configuration.
curl --http1.1 ( same thing needs to be done with your http lib if you want to write code to access it later)
Since ALPN protocol decides which handler will handle the request, h2 for gRPC and http/1.1 for restful.
nish112022
commented
1 month ago It seems forcing http1.1 doesn't work as well.To me it seems due to APLN. not being able to select the configuration correctly.
haorenfsa
commented
1 month ago @nish112022 Yes, it's a bug in server side. by the way I just noticed that in the newest release, @chyezh has forbidden enable tls when enable restful & grpc in the same port.
I think we should fix this instead of forbidding the usage, in a way similar to this: https://ahmet.im/blog/grpc-http-mux-go/
haorenfsa
commented
1 month ago @nish112022 For now only this works for me. We'll fix this later. Thank you again for feedback.
proxy:
http:
port: 8080@nish112022 Yes, it's a bug in server side. by the way I just noticed that in the newest release, @chyezh has forbidden enable tls when enable restful & grpc in the same port.
e34fa04#diff-6e86fc33d8695678bc197f60ce811f0a362cb3034cda0cc03823b5bc8822920eR75
I think we should fix this instead of forbidding the usage, in a way similar to this: https://ahmet.im/blog/grpc-http-mux-go/
Yes, you are correct
Is there an existing issue for this?
Environment
Current Behavior
When I run this
It works, giving me the collection details.However, when I run the same command after enabling TLS mode=1 I get the error that application/grpc expected not application json
Link to thread:https://discord.com/channels/1160323594396635310/1293419285045182516
Expected Behavior
The command should work
curl --request POST --url "http://localhost:19531/v2/vectordb/collections/describe" --header "Authorization: Bearer 'admin:3kMjCMzfL25w'" --header "accept: application/json" --header "content-type: application/json" --cacert ./milvus-rest.cert -d '{ "dbName": "default", "collectionName": "hello_milvus" }'Steps To Reproduce
Milvus Log
No response
Anything else?
No response