Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CSI: set gRPC authority header for unix domain socket #12359

Merged
merged 1 commit into from
Mar 23, 2022

Conversation

tgross
Copy link
Member

@tgross tgross commented Mar 23, 2022

Fixes democratic-csi/democratic-csi#164
(See my commentary at democratic-csi/democratic-csi#164 (comment))

The go-grpc library used by most CSI plugins doesn't require the
authority header to be set, which violates the HTTP2 spec but doesn't
impact Nomad because both sides of the connection are using the same
library. But plugins written in other languages (democratic-csi for
example) may have more strictly conforming gRPC server libraries and
we need to set the authority header manually.

I've tested this out on both a NodeJS-based plugin (democratic-csi) and
a golang-based plugin (aws-ebs)

Note that this appears to have been fixed in grpc/grpc-go@a5a36bd
which we have in Nomad but in my testing this patch seems to be flawed.
You can't pass a target with a unix:// prefix here and get a working connection,
so the header isn't ever set. When I have some time I'll try to put together a
minimal repro and open an issue with upstream.

The go-grpc library used by most CSI plugins doesn't require the
authority header to be set, which violates the HTTP2 spec but doesn't
impact Nomad because both sides of the connection are using the same
library. But plugins written in other languages (`democratic-csi` for
example) may have more strictly conforming gRPC server libraries and
we need to set the authority header manually.
Copy link
Member

@shoenig shoenig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 17, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
backport/1.1.x backport to 1.1.x release line backport/1.2.x backport to 1.1.x release line theme/storage type/bug
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Nomad not marking controllers and nodes as healthy
3 participants