Upgrading from 1.17-latest to 1.19-latest broke grpc #18095
Description
Title: Upgrading from 1.17-latest to 1.19-latest broke grpc
Description:
Configuration file
static_resources:
listeners:
- name: backend_listener
address:
socket_address:
address: 0.0.0.0
port_value: 80
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
tracing:
provider:
name: envoy.tracers.zipkin
typed_config:
"@type": type.googleapis.com/envoy.config.trace.v3.ZipkinConfig
collector_cluster: jaeger
collector_endpoint: "/api/v2/spans"
shared_span_context: false
collector_endpoint_version: HTTP_JSON
stat_prefix: ingress_http
codec_type: AUTO
access_log:
- name: envoy.access_loggers.file
typed_config:
"@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
path: /dev/stdout
route_config:
name: backend_route
virtual_hosts:
- name: backend
domains: ["*"]
routes:
- match:
grpc: {}
prefix: "/"
route:
cluster: mobile_api_cluster
- match:
prefix: "/"
route:
cluster: web_cluster
http_filters:
- name: envoy.filters.http.jwt_authn
typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication
providers:
cognito_provider:
issuer: "https://cognito-idp.eu-west-1.amazonaws.com/XXXXXXXXXXX"
forward_payload_header: x-jwt-payload
forward: true
remote_jwks:
http_uri:
uri: https://cognito-idp.eu-west-1.amazonaws.com/XXXXXXXXXX/.well-known/jwks.json
cluster: cognito_jwks_cluster
timeout: 5s
cache_duration:
seconds: 600
rules:
- match:
prefix: /
requires: { provider_name: cognito_provider }
- name: envoy.filters.http.router
clusters:
- name: web_cluster
connect_timeout: 30s
type: logical_dns
dns_lookup_family: V4_ONLY
load_assignment:
cluster_name: web_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: web
port_value: 80
- name: mobile_api_cluster
connect_timeout: 30s
type: logical_dns
dns_lookup_family: V4_ONLY
http2_protocol_options: { }
load_assignment:
cluster_name: mobile_api_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: mobile
port_value: 80
- name: cognito_jwks_cluster
connect_timeout: 5s
type: logical_dns
dns_lookup_family: V4_ONLY
load_assignment:
cluster_name: cognito_jwks_cluster
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: cognito-idp.eu-west-1.amazonaws.com
port_value: 443
transport_socket:
name: envoy.transport_sockets.tls
typed_config:
"@type": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext"
common_tls_context:
validation_context:
trusted_ca:
filename: "/etc/ssl/certs/ca-certificates.crt"
sni: "cognito-idp.eu-west-1.amazonaws.com"
- name: jaeger
connect_timeout: 1s
type: STRICT_DNS
lb_policy: ROUND_ROBIN
load_assignment:
cluster_name: jaeger
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: jaeger
port_value: 9411
At 1.17.4 it works fine, but at 1.19.1 I get
[2021-09-13T11:22:11.711Z] "POST <url> HTTP/2" 200 UR 5 0 418 - "-" "dart-grpc/2.0.0" "835a6feb-4db7-940a-9425-70e0c16cc287" "<host>" "172.24.0.4:80"
I couldn't find any breaking changes in docs so what should I modify?