Efficient way to enable HTTP/2 on my EKS container running behind an AWS network load-balancer controller with Route 53

Question

I have a container running on EKS, which is running behind the AWS network load-balancer controller and I am using Route 53 for my domain.

I want the server and the load balancer to run on HTTP/2 instead of HTTP/1.1 natively.

After passing the required annotations from the documentation both from AWS console and to the controller file directly, it still does not reflect any changes and runs on HTTP/1.1.

My application supports HTTP/2 but right now I have provided a self-signed certificate to it at the application-level since I have Route 53 enabled for hosting.

• Do I require a SSL certificate and manually provide it to my server?
• Or, is there a differnt way do do this, i.e. different documentaion/different service on AWS?

EDIT: Is it possible to force HTTP/2 from the network load balancer level even if the application level is running on HTTP/1.1?

Answer 1

if its possible to change it fully to use the ALB one with aws-load-balancer-controlle and you specify the certificate arn of the AWS ACM and the listen ports with both http 80 and https 443,

its usually will response HTTP/2.

Reference :

• https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.5/guide/ingress/annotations/#tls
• https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.5/guide/ingress/annotations/#listen-ports

then you don't need to provide the self signed to your application.

fyi, the NLB is for the TCP (OSI Layer 4) based Load Balancer so its didn't have visibility on whats going on in the OSI Layer 7, thats why above condition happen.