Hi all. We are using the SpiceDB
# spicedbt
Tom C
05/27/2025, 2:05 PMHi all. We are using the SpiceDB operator for our deployment. We're also using an nginx ingress infront of the spiceDB cluster. What we are observing is if a pod is shutdown and a new pod spun up to take its place, for a few minutes after, we are seeing errors like
rpc error: code = DeadlineExceeded desc = received context error while waiting for new LB policy update: context deadline exceededy
yetitwo
05/27/2025, 2:33 PMi don't think nginx is grpc-aware
yetitwo
05/27/2025, 2:34 PMso my guess is that when the upstream becomes unavailable, the http connection is still open, and you're having to wait until the gRPC connection ages out (which is a different configuration value than the shutdown grace period)
yetitwo
05/27/2025, 2:34 PMwe use envoy for ingress in our own infra for this reason
t
Tom C
05/27/2025, 3:25 PMI believe nginx works with gRPC. We have the following config:
Copy code
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"y
yetitwo
05/27/2025, 3:36 PMit saying that it supports gRPC doesn't mean that it handles it well - we've seen the same problem with folks using AWS ALBs, which also claim to support gRPC
6 Views