Full HTTP/2 & gRPC proxying #1125
Labels
Milestone
Comments
This was referenced Feb 20, 2019
Open
Closed
Open
krizhanovsky
modified the milestones:
1.1 TBD - ML, DoH and other features after 1.0,
1.2 TBD
6 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Depends
#769 - Full TLS proxying
Scope
gRPC is a widely used on micro-services projects and it uses HTTP/2. Full HTTP/2 proxying (HTTP/2 connections to backed) must be implemented to work in content delivery and filtration network cases and gRPC proxying and load balancing.
There is not much sense in Huffman encoding for response headers, but it's different for requests, so Huffman encoding must be implemented. Keep in mind that not all the headers should be HPACKed. E.g. it seems Cookie - should neither be indexed nor Huffman encoded.
Avoiding headers variation probably makes sense - while the standard is sitll in draft we still can rebuild headers just like we do this for HTTP/2 -> HTTP/1.1 transition, of course if it makes sense from performance point of view.
We got rid of
seq_queuein #309 and in this task we can get rid ofnip_queue.Security
Need special hooks for inspection logic for gRPC traffic, e.g. https://github.com/tempesta-tech/tempesta/wiki/HTTP-security#custom-character-sets . In general, fRPC traffic must be inspected just as HTTP.
Testing
The test must run gRPC client and server communication through Tempesta FW. Create a gRPC issue if some issues with gRPS are discovered by the test.
The text was updated successfully, but these errors were encountered: