Thanks to JNK et al for very thorough documentation and examples in ASP NET Core Documentation repo. I think I’m close, but I still cannot get reliable , dev and ops dial-tone for my (hopefully) grpc-enable web service hosted on Azure.
Problem: Non-Functional Grpc on deployed
I'm returning to grpc on asp.net core having last "visited" in 2021. I put that project on hold because I couldn't ever find the right mix to create a devops-friendly aspnet core webservice that was hosted on a linux azure container. Linux docker appservice was newer to azure then.
The "gotcha" (I think) always seemed to be:
- correct Kestrel settings for dev and deploy with azure app-hosted SSL cert and service
- related SSL and HTTP2.0 configuration in Azure
Current Bug
My best effort code (.net 8 linux container targeting, using grpc-web via aspnetcore grpc web) is currently deployed on azure and the asp net core page functionality, ssl (azure cert and keyvault secret store), authentication are all working well, connect to sql etc... But, attempts to call the grpc services hosted in the web service result in:
Grpc.Core.RpcException
HResult=0x80131500
Message=Status(StatusCode="Internal", Detail="Error starting gRPC call. HttpRequestException: The HTTP/2 server sent invalid data on the connection. HTTP/2 error code 'PROTOCOL_ERROR' (0x1). (HttpProtocolError) HttpProtocolException: The HTTP/2 server sent invalid data on the connection. HTTP/2 error code 'PROTOCOL_ERROR' (0x1). (HttpProtocolError)", DebugException="System.Net.Http.HttpRequestException: The HTTP/2 server sent invalid data on the connection. HTTP/2 error code 'PROTOCOL_ERROR' (0x1). (HttpProtocolError)")
Related Azure App Service Runtime Settings
- HTTP: 2.0
- HTTP 2.0 Proxy: ON*
- Minimum Inbound TLS: 1.2
- HTTP20_ONLY_PORT: 8585
*Trying to set this to Grpc-only killed site page serving. Still need to serve pages.( What’s the correct setting for grpc web on asp net core ?) ** Added this Environment Setting toward support of grpc-web on azure (?) per https://learn.microsoft.com/en-us/azure/app-service/configure-grpc
Current appsettings.json
{
"Logging": {
"LogLevel": {
"Default": "Trace",
"System": "Trace",
"Grpc": "Trace",
"Microsoft": "Trace",
"Microsoft.AspNetCore": "Trace"
}
},
"AllowedHosts": "*",
"Kestrel": {
"EndpointDefaults": {
"Protocols": "Http2"
}
}
}
Related Program.cs and Startup.cs Fragments
From Program.cs ConfigureHttps
private static async void ConfigureHttps(HttpsConnectionAdapterOptions options)
{
try
{
// set the Kestrel HTTPS certificate
options.ServerCertificate = await SetRuntimeCertificate(false);
if (options.ServerCertificate == null)
{
throw new Exception("SSL Certificate could net be retrieved.");
}
//TODO: Resolve if we should spec 13 or 12
options.SslProtocols = System.Security.Authentication.SslProtocols.Tls13;
}
catch (Exception ex)
{
Console.Error.WriteLine($"unable to load https cert: {ex}");
throw;
}
}
From startup.cs Configure(IServiceCollection services…
services.AddGrpc(o => o.EnableDetailedErrors = true); //(options => { options.EnableDetailedErrors = true; })
From startup.cs Configure(IApplicationBuilder…
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseMigrationsEndPoint();
}
else
{
app.UseExceptionHandler("/Error");
// The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
app.UseHsts();
}
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseCookiePolicy();
app.UseRouting();
//PER
app.UseGrpcWeb(new GrpcWebOptions { DefaultEnabled = true });
app.UseIdentityServer();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
// Communication with gRPC endpoints must be made through a gRPC client.
// To learn how to create a client, visit: https://go.microsoft.com/fwlink/?linkid=2086909
endpoints.MapGrpcService<MembershipService>().EnableGrpcWeb();
endpoints.MapRazorPages();
});
Azure-Friendly Example?
Is there any chance someone has an example, or could modify an one of ASP NET Docs GRPC samples to demonstrate the correct way to set up an ASP NET Core Web Service
- targeting Azure Docker Linux (http2 support)
- including plumbing implementation needed to dev and test with ssl on docker dev since linux docker azure deploy is pretty standard stuff now. (And only way to get full grpc on azure web service, I think)
I need a sample solution that shows how I can reliably develop with and test locally while publishing regularly to Azure.
Any help appreciated. To reiterate: Are there examples or docs anywhere that can reliably deploy a GRPC-capable asp.net core app as azure web service with azure ?
Or anyone see fixes to my code initialization approaches documented above?
Thanks