4

We have the following setup for Google HTTPS load balancer.

Two Frontends: 1. HTTP traffic to static IP 2. HTTPS traffic to the same static IP(DNS configured to a domain name)

Host and Path rules All going to backend

One Backend: With HTTP protocol with session affinity set to client IP

The backend instance has a MEAN app running on port 3000.

From our client side application we are able to get through to backend app using loadbalancer domain name. But we also have a chat feature with socket.io

For socket connection we were not able to use loadbalancer domain name. It throws 400 error.

If we try to use the backend IP directly for socket connection, it works but the if the client is on HTTPS, it creates another problem because backend is http.

Google documentation says loadbalancer supports websockets by default. So not sure what is going on. All other examples I see are relatively old and not relevant I think. Any help is appreciated. Thanks.

Nunna Suma
  • 141

2 Answers2

2

For WebSockets over an HTTP(S) load balancer, the Backend Service (response) timeout is a connection lifetime limit (WebSockets connections are killed after the configured response timeout). Hence, the timeout should be set to the maximum amount of time a WebSocket connection will remain open. The appropriate response timeout value is dependent on the application you use.

You will need to do some experiments to find an appropriate response timeout to avoid the connection timeout closures (increase its value slightly and retry; for example, if 30 seconds is insufficient, try 40sec,50 sec etc.).

Found on StackOverflow.

Md Daud Walizarif
  • 189
1

Herro, I have struggled with debugging this issue for 2 weeks.

@jfriend00 's comment provided providence for my plebian mind.

On nodejs deployment endpoint I have to pass the order of transports in the following:

  app = express()
  server = require('http').Server(app)# {key: tlskey, cert: tlscert},app)
  io = require('socket.io')(server, { transports: ['websocket', 'polling'], cookie:true, secure: true })
  app.use bodyParser.urlencoded(extended: true)

What is happening? I specify to socket.io to explicitly use the websocket transport. If it fails, please fallback to polling. Because the HTTPS GCE Ingress sets some headers (does some header upgrades to wss), I need the secure:true flag in order to match them on my backend. Without the above an error 400 occurs on the client side.

The service runs as a NodePort, with a Generate_Cookie.

If it still fails, try just transports: ['polling'], this is the most basic protocol.

Here is the link for the socket.io doc

MFC
  • 11
  • 2