User guide gRPC #2108
User guide gRPC #2108
Conversation
juliens
added
area/documentation
kind/enhancement
juliens
force-pushed
the
doc/user-guide-grpc
branch
2 times, most recently
from
5460042 to
a95fa3b
Compare
mkdocs.yml
Outdated
| @@ -93,4 +93,6 @@ pages: | |||
| - 'Marathon': 'user-guide/marathon.md' | |||
| - 'Key-value Store Configuration': 'user-guide/kv-config.md' | |||
| - 'Clustering/HA': 'user-guide/cluster.md' | |||
| - 'Let''s Encrypt & Docker': 'user-guide/docker-and-lets-encrypt.md' | |||
| - 'gRPC Example': 'user-guide/grpc.md' | |||
There was a problem hiding this comment.
Let's encrypt entry is already described above.
docs/user-guide/grpc.md
Outdated
| @@ -0,0 +1,136 @@ | |||
| # gRPC example | |||
|
|
|||
| This section explains how to use Traefik has reverse proxy for gRPC application with self-signed certificates. | |||
There was a problem hiding this comment.
s/Traefik/Træfik/ s/has/as/
docs/user-guide/grpc.md
Outdated
|
|
||
| !!! warning | ||
| Has gRPC needs HTTP2, we need to have valid HTTPS on both gRPC Server and Traefik. | ||
|
|
There was a problem hiding this comment.
s/has/as ?
we need to have valid HTTPS on
=> we need valid HTTPS certificates on ?
docs/user-guide/grpc.md
Outdated
| That will prompt for information, the important answer is | ||
| ``` | ||
| Common Name (e.g. server FQDN or YOUR name) []: backend.local | ||
| ``` |
There was a problem hiding this comment.
Maybe show the command line with all information to key (with fake values) and add a note to explain the importance of the CN value?
# Set our CSR variables
SUBJ="
C=FR
ST=MP
O=
localityName=Toulouse
commonName=$DOMAIN
organizationalUnitName=Traefik
emailAddress=
"
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -subj "$(echo -n "$SUBJ" | tr "\n" "/")" -keyout ./backend.key -out ./backend.crt(command to check)
docs/user-guide/grpc.md
Outdated
| with | ||
| ``` | ||
| Common Name (e.g. server FQDN or YOUR name) []: frontend.local | ||
| ``` |
There was a problem hiding this comment.
See above for the subject argument
docs/user-guide/grpc.md
Outdated
| ## Traefik configuration | ||
|
|
||
| At last, we configure our Traefik to use the both self-signed certificate. | ||
|
|
There was a problem hiding this comment.
s/Traefik/Træfik/
our Traefik to
=> our Træfik instance to ?
docs/user-guide/grpc.md
Outdated
| ## Conclusion | ||
|
|
||
| We don't need specific configuration to use gRPC in Traefik, we just need to be careful that all the exchange (between client and Traefik, and between Traefik and backend) are valid HTTPS communication (no InsecureSkipVerify) because gRPC use HTTP2. | ||
|
|
There was a problem hiding this comment.
s/Traefik/Træfik/
s/exchange/exchanges/ ?
s/communication/communications/ ?
no InsecureSkipVerify
=> without the skipInsecureVerify option enabled
docs/user-guide/grpc.md
Outdated
|
|
||
| !!! warning | ||
| In order to use this gRPC example, we need to modify it in order to use HTTPS | ||
|
|
There was a problem hiding this comment.
we need to modify it in order to use HTTPS
we need to modify it to use HTTPS
(in order to twice in the sentence)
juliens
force-pushed
the
doc/user-guide-grpc
branch
from
a95fa3b to
997a05d
Compare
docs/user-guide/grpc.md
Outdated
|
|
||
| ## Træfik configuration | ||
|
|
||
| At last, we configure our Træfik instance to use the both self-signed certificate. |
There was a problem hiding this comment.
Little grammar improvement:
use the both self-signed certificate -> use both self-signed certificates
| As gRPC needs HTTP2, we need valid HTTPS certificates on both gRPC Server and Træfik. | ||
|
|
||
| <p align="center"> | ||
| <img src="/img/grpc.svg" alt="gRPC architecture" title="gRPC architecture" /> |
There was a problem hiding this comment.
Doesn't it need to be /docs/img/grpc.svg? 🤔
There was a problem hiding this comment.
it's relative to web root e.g. docs/, see https://raw.githubusercontent.com/containous/traefik/master/docs/index.md
There was a problem hiding this comment.
traefiker
force-pushed
the
doc/user-guide-grpc
branch
from
8413f27 to
3a02f13
Compare
ldez
force-pushed
the
doc/user-guide-grpc
branch
from
3a02f13 to
d256ab0
Compare
A example on how to use gRPC with self-signed certficate