feat(controller): disable http2

qJkee · qJkee · commit 69f0f35e7e0e · 2024-09-10T15:11:40.000+04:00
Disable http2 usage in all servers started
by controller manager
diff --git a/cmd/operator/operator.go b/cmd/operator/operator.go
@@ -18,6 +18,7 @@ package operator
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"net/http"
 	"os"
@@ -32,8 +33,8 @@ import (
 	"github.com/openshift/lvm-operator/v4/internal/controllers/lvmcluster"
 	"github.com/openshift/lvm-operator/v4/internal/controllers/lvmcluster/logpassthrough"
 	"github.com/openshift/lvm-operator/v4/internal/controllers/node/removal"
-	"github.com/openshift/lvm-operator/v4/internal/controllers/persistent-volume"
-	"github.com/openshift/lvm-operator/v4/internal/controllers/persistent-volume-claim"
+	persistent_volume "github.com/openshift/lvm-operator/v4/internal/controllers/persistent-volume"
+	persistent_volume_claim "github.com/openshift/lvm-operator/v4/internal/controllers/persistent-volume-claim"
 	internalCSI "github.com/openshift/lvm-operator/v4/internal/csi"
 	"github.com/openshift/lvm-operator/v4/internal/migration/microlvms"
 	"github.com/spf13/cobra"
@@ -186,9 +187,15 @@ func run(cmd *cobra.Command, _ []string, opts *Options) error {
 			BindAddress:    opts.diagnosticsAddr,
 			SecureServing:  true,
 			FilterProvider: filters.WithAuthenticationAndAuthorization,
+			TLSOpts: []func(*tls.Config){
+				func(c *tls.Config) { c.NextProtos = []string{"http/1.1"} },
+			},
 		},
 		WebhookServer: &webhook.DefaultServer{Options: webhook.Options{
 			Port: 9443,
+			TLSOpts: []func(*tls.Config){
+				func(c *tls.Config) { c.NextProtos = []string{"http/1.1"} },
+			},
 		}},
 		Cache: cache.Options{
 			DefaultTransform: NoManagedFields,
diff --git a/cmd/vgmanager/vgmanager.go b/cmd/vgmanager/vgmanager.go
@@ -18,6 +18,7 @@ package vgmanager
 
 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"net/http"
@@ -125,9 +126,21 @@ func run(cmd *cobra.Command, _ []string, opts *Options) error {
 			BindAddress:    opts.diagnosticsAddr,
 			SecureServing:  true,
 			FilterProvider: filters.WithAuthenticationAndAuthorization,
+			TLSOpts: []func(*tls.Config){
+				func(c *tls.Config) {
+					opts.SetupLog.Info("disabling http/2")
+					c.NextProtos = []string{"http/1.1"}
+				},
+			},
 		},
 		WebhookServer: &webhook.DefaultServer{Options: webhook.Options{
 			Port: 9443,
+			TLSOpts: []func(*tls.Config){
+				func(c *tls.Config) {
+					opts.SetupLog.Info("disabling http/2")
+					c.NextProtos = []string{"http/1.1"}
+				},
+			},
 		}},
 		HealthProbeBindAddress: opts.healthProbeAddr,
 		LeaderElection:         false,
