Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: disable HTTP/2 ALPN handshake for connections on routes configured with AI-proxy. #13735

Open
wants to merge 12 commits into
base: master
Choose a base branch
from

Conversation

oowl
Copy link
Member

@oowl oowl commented Oct 9, 2024

Summary

This change will disable HTTP/2 ALPN handshake for connections on routes configured with AI-proxy.

The following are the specific changes

Checklist

  • The Pull Request has tests
  • A changelog file has been created under changelog/unreleased/kong or skip-changelog label added on PR if changelog is unnecessary. README.md
  • There is a user-facing docs PR against https://github.com/Kong/docs.konghq.com - PUT DOCS PR HERE

Issue reference

AG-119

@github-actions github-actions bot added build/bazel cherry-pick kong-ee schedule this PR for cherry-picking to kong/kong-ee labels Oct 9, 2024
@pull-request-size pull-request-size bot added size/XL and removed size/L labels Oct 9, 2024
@oowl oowl changed the base branch from master to disable-h2-alpn-re October 12, 2024 07:00
@oowl oowl changed the title feat: disable http2 traffic when ai-proxy was enabled in the current route feat: disable HTTP/2 ALPN handshakes for requests hitting the route configured with ai-proxy Oct 12, 2024
@oowl oowl changed the title feat: disable HTTP/2 ALPN handshakes for requests hitting the route configured with ai-proxy feat: disable HTTP/2 ALPN handshake for connections on routes configured with AI-proxy. Oct 12, 2024
@oowl oowl force-pushed the disable-h2-alpn-ai-proxy branch 2 times, most recently from 9d538a0 to 9e4bf73 Compare October 12, 2024 11:07
Base automatically changed from disable-h2-alpn-re to master October 21, 2024 08:14
Copy link
Contributor

@fffonion fffonion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm except a minor naming comment

Comment on lines +514 to +515
local snis_set, err = kong.cache:get(sni_cache_key, TTL_FOREVER,
sni_filter.build_ssl_route_filter_set, plugin_name)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if this could cause similar performance impact, just the same as the mTLS plugin's case. Suggest we introduce this PR after https://github.com/Kong/kong-ee/pull/10510/files

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's merge the current PR first,it seems that's different functionality in here. When the ee PR merged, I will cherry-pick it to CE ( actually can not directly cherry-pick due to ee and ce db related core code difference)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants