zwass
01/13/2021, 7:46 PM

Justin Bowen
01/13/2021, 8:03 PM

zwass
01/13/2021, 8:25 PM

Carlo Miguel Cruz
01/13/2021, 8:41 PM
err":"enrolling host: transport error in enrollment: rpc error: code = Unavailable desc = unavailable"
) from launcher. The fleetdm web console also gets HTTP error 502 Bad Gateway on HTTP2. The web console gets HTTP error 464 when we set the target group to gRPC. That is why we went back to using NLB.

zwass
01/13/2021, 10:00 PM

Carlo Miguel Cruz
01/14/2021, 5:20 AM
rpc error: code = Unavailable desc = unavailable
so we can act on it. We are still investigating as well. Were there similar reports like this before?
--insecure --insecure_transport still did not allow gRPC to connect directly to the fleetdm server.
So what we did for now is to terminate SSL on the application load balancer for the UI using AWS ACM. We used a separate network load balancer for the gRPC connection and just terminated the SSL directly on the fleetdm pods using a self-signed certificate. We have separate endpoints now for accessing the UI and for the gRPC connections.
Thanks for helping us. I hope you may find our feedback useful as well. All the best!