From e9fa0cbdd0eabaf21b243ae04ff8cc4868a1aae2 Mon Sep 17 00:00:00 2001 From: savagebidoof Date: Tue, 1 Aug 2023 23:37:44 +0200 Subject: [PATCH] Documented the Jellyfin and HTTP2 upgrading thingie --- Migrations/Forget_Traefik_2023/README.md | 92 +++++++++++++++++++++++- 1 file changed, 91 insertions(+), 1 deletion(-) diff --git a/Migrations/Forget_Traefik_2023/README.md b/Migrations/Forget_Traefik_2023/README.md index 4f1f583..613c139 100644 --- a/Migrations/Forget_Traefik_2023/README.md +++ b/Migrations/Forget_Traefik_2023/README.md @@ -2020,4 +2020,94 @@ This left me some questions, especially **how many things can be affected by thi As well the hassle of this issue, provided more reasons to use the `ACME DNS01` challenge instead of the `ACME HTTP01`, which will be configured as soon as available. -### Jellyfin and HTTP2 upgrading \ No newline at end of file +### Jellyfin and HTTP2 upgrading + +I initially set the Jellyfin `DestinationRule` to have the connection upgraded to HTTP2. + +I set it up. + +All the other services work. + +I am also able to listen music and play videos so everything **seems** fine. + +```yaml +apiVersion: networking.istio.io/v1alpha3 +kind: DestinationRule +metadata: + name: jelly + namespace: external + labels: + app: jellyfin +spec: + host: jelly.external.svc.cluster.local + trafficPolicy: + tls: + mode: SIMPLE + connectionPool: + http: + h2UpgradePolicy: UPGRADE +``` + +Couple days later, decide to watch some video with a friend. + +We notice that things are not syncing. + +I try to upgrade version. + +I try to downgrade version. + +Video still doesn't sync. + +I try to use the Jellyfin locally with only Traefik being the Load Balancer in front the Jellyfin service. + +I works. + +Great, well, "_great_", we confirmed that the issue remains within the Istio LB, but why? Why would Istio LB not work and Traefik yes. + +Also, on the Traefik and Istio LB logs everything seems correct... + +Searching through different GitHub issues I stumble into a post mentioning that websockets are used for room/group sync. + +Searching regarding Istio and websockets, I find [the following post](https://github.com/istio/istio/issues/27078) on the Istio issue, stating that cannot upgrade websocket connection to HTTP2. + +On the post it's mentioned that they have deployed an `EnvoyFilter` on their application in order to set `allow_connect: true`. + +It's important to notice that they set this with the context `SIDECAR_INBOUND` meaning that will be applied to the ingress traffic towards that service. + +I have an issue tho, I don't have the service hosted within the cluster (nor will, it requires a little bit more of horsepower to encode/decode on which I am using a full size PC with its GPU with hardware accelaration.) + +What happens if I don't have the service running within the cluster? + +- I can't attach a `EnvoyFilter` configuration to a non-cluster deployed resource. + +Here there are a couple options: + +- Make the Jellyfin host join the cluster as if it was a Virtual Machine, or, install the required resources to join the cluster as a node. In any case meanwhile some of these options are interesting they will be saved for the future. +- Remove the HTTP2 upgrade for that service. + +> **Note**:\ +> Fore more information regarding the `EnvoyFilter` resource refer to the [pertinent documentation regarding `EnvoyFilter` from Istio](https://istio.io/latest/docs/reference/config/networking/envoy-filter/). +> +> As well, the [following documentation from Envoy Regarding Websocket and HTTP upgrades](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades#websocket-over-http-2-or-http-3-hops) is very helpful and interesting. + +Well I disabled the HTTP2 upgrade because I wanted to watch a movie with a friend at that moment, since it's not causing me any issue whatsoever I am not bothered about it, as well I have other matters to prioritize. + +The `DestinationRule` configuration result was the following: + +```yaml +apiVersion: networking.istio.io/v1alpha3 +kind: DestinationRule +metadata: + name: jelly + namespace: external + labels: + app: jellyfin +spec: + host: jelly.external.svc.cluster.local + trafficPolicy: + tls: + mode: SIMPLE + connectionPool: + http: + h2UpgradePolicy: DO_NOT_UPGRADE +``` \ No newline at end of file