Route requests of gRPC applications based on cloud-native gateways - Microservices Engine

The Google Remote Procedure Call (gRPC) framework uses the HTTP/2 protocol and supports features such as bidirectional streaming, header compression, and multiplexing. This improves the efficiency of network transmission. This topic describes how to deploy a gRPC application in a Container Service for Kubernetes (ACK) cluster and use a cloud-native gateway to route requests of the gRPC application.

Prerequisites

A cloud-native gateway is created. For more information, see Create an MSE cloud-native gateway.
An ACK cluster is created. For more information, see Create an ACK managed cluster.

Step 1: Deploy a gRPC application in the ACK cluster

For more information about how to deploy an application, see Create a stateless application by using a Deployment.

In this example, the ACK cluster is used for service discovery. The backend service is registered with CoreDNS by using annotation-based service APIs. This example uses an application named grpcbin as a backend service to implement multiple gRPC services. The following code shows the configuration of the resource that is used by the grpcbin application in the ACK cluster.

Note

The name of the gRPC service in the port field of the Kubernetes service must contain grpc.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: grpcbin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: grpcbin
  template:
    metadata:
      labels:
        app: grpcbin
    spec:
      serviceAccountName: grpcbin
      containers:
      - image: docker.io/moul/grpcbin
        imagePullPolicy: IfNotPresent
        name: grpcbin
        ports:
        - containerPort: 9000
        - containerPort: 9001
        resources:
            requests:
              cpu: '1'
              memory: 2Gi
            limit:
              cpu: '1'
              memory: 2Gi
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: grpcbin
---
apiVersion: v1
kind: Service
metadata:
  name: grpcbin-grpc
  labels:
    app: grpcbin
spec:
  ports:
  - name: grpc
    port: 9000
    targetPort: 9000
  selector:
    app: grpcbin

The following code shows the proto definition for the gRPC service.

syntax = "proto3";

package grpcbin;

service GRPCBin {
  rpc Index(EmptyMessage) returns (IndexReply) {}
  // The method that is called without parameters specified. An empty response is returned after the call.
  rpc Empty(EmptyMessage) returns (EmptyMessage) {}
  // The request parameters are returned.
  rpc DummyUnary(DummyMessage) returns (DummyMessage) {}
  // A streaming call is initiated for the response, and 10 response messages are returned.
  rpc DummyServerStream(DummyMessage) returns (stream DummyMessage) {}
  // A streaming call is initiated for the request, 10 requests are received, and the last request body is returned.
  rpc DummyClientStream(stream DummyMessage) returns (DummyMessage) {}
  // The streaming method that is used for both requests and responses.
  rpc DummyBidirectionalStreamStream(stream DummyMessage) returns (stream DummyMessage) {}
  // After this method is called, a specified gRPC error is returned.
  rpc SpecificError(SpecificErrorRequest) returns (EmptyMessage) {}
  // After this method is called, a random error is returned.
  rpc RandomError(EmptyMessage) returns (EmptyMessage) {}
  // After this method is called, a header is returned.
  rpc HeadersUnary(EmptyMessage) returns (HeadersMessage) {}
  // After this method is called, no response is returned.
  rpc NoResponseUnary(EmptyMessage) returns (EmptyMessage) {}
}

message HeadersMessage {
  message Values {
    repeated string values = 1;
  }
  map<string, Values> Metadata = 1;
}

message SpecificErrorRequest {
  uint32 code = 1;
  string reason = 2;
}

message EmptyMessage {}

message DummyMessage {
  message Sub {
    string f_string = 1;
  }
  enum Enum {
    ENUM_0 = 0;
    ENUM_1 = 1;
    ENUM_2 = 2;
  }
  string f_string = 1;
  repeated string f_strings = 2;
  int32 f_int32 = 3;
  repeated int32 f_int32s = 4;
  Enum f_enum = 5;
  repeated Enum f_enums = 6;
  Sub f_sub = 7;
  repeated Sub f_subs = 8;
  bool f_bool = 9;
  repeated bool f_bools = 10;
  int64 f_int64 = 11;
  repeated int64 f_int64s= 12;
  bytes f_bytes = 13;
  repeated bytes f_bytess = 14;
  float f_float = 15;
  repeated float f_floats = 16;
}

message IndexReply {
  message Endpoint {
    string path = 1;
    string description = 2;
  }
  string description = 1;
  repeated Endpoint endpoints = 2;
}

The underlying layer of the gRPC service is based on the HTTP/2 protocol, and the Path field is in the {Package name}.{Service name}/{Method name} format. MSE cloud-native gateways can use the Path field to implement gRPC routing. For example, if you use gRPC to access the Index method of grpcbin, the value of the Path field for the HTTP/2 protocol is grpcbin.GRPCBin/Index.

Step 2: Use the cloud-native gateway to route gRPC requests

Add the ACK cluster as a service source of the cloud-native gateway and add the grpcbin service.

Add a service source

Log on to the MSE console. In the top navigation bar, select a region.
In the left-side navigation pane, choose Cloud-native Gateway > Gateways. On the Gateways page, click the name of the gateway.
In the left-side navigation pane, click Routes. On the page that appears, click the Sources tab.

Click Add Source. In the Add Source panel, set Source Type to Container Service, configure the parameters, and then click OK.

Parameter	Description
ACK/ACK Serverless Cluster	Select the cluster in which the backend services run. Note When you create a gateway, you need to select the VPC in which the cluster is deployed. This way, when you add a service source, the cluster in this VPC is automatically obtained.
Listen to Kubernetes Ingress	If you turn on this switch, the cloud-native gateway automatically listens to the changes of Ingress resources, and the listened configurations of domain names and routes of the Ingress resources take effect. If you turn off this switch, the cloud-native gateway no longer listens to the changes of Ingress resources, and makes the listened configurations of domain names and routes of the Ingress resources become ineffective. Exercise caution when you perform this operation. Important The priorities of the domain names and routes that are manually configured in the MSE console are higher than the priorities of the domain names and routes of the Ingress resources that the cloud-native gateway listens to.
Ingress Class	The Ingress class with which Ingress resources are associated. If you do not specify this parameter, the cloud-native gateway monitors all the Ingress resources in the cluster. If you specify an Ingress class for this parameter, the cloud-native gateway monitors the Ingress resources that have the `class` annotation or whose `Spec.IngressClassName` value is the same as the configured value. You cannot specify multiple Ingress classes for this parameter. If you set this parameter to `nginx`, the cloud-native gateway listens to the Ingress resources whose IngressClass is `nginx` or the Ingress resources that are not associated with any Ingress class.
Namespace	The namespace to which Ingress resources belong. If you do not specify this parameter, the cloud-native gateway listens to all the Ingress resources in all the namespaces of the cluster. If you specify a single namespace for this parameter, the cloud-native gateway listens to the Ingress resources in the specified namespace of the cluster. You cannot specify multiple namespaces for this parameter at a time.
Update Ingress Status	If you select Open for this parameter, the IP address of the Ingress that you listen to is changed to the IP address of the Server Load Balancer (SLB) instance associated with the cloud-native gateway. Note You can use this feature only if the gateway version is 1.2.9 or later.
Security Group Rules	Security groups are configured in the node pool of the ACK cluster. In most cases, if the components outside the cluster want to access services in the cluster, you must enable all ports required by the services in security groups. You can modify security groups. For more information, see Configure security group rules.

Add a service

Log on to the MSE console, and select a region in the top navigation bar.
In the left-side navigation pane, choose Cloud-native Gateway > Gateways. On the Gateways page, click the name of the gateway.
In the left-side navigation pane, click Routes. On the page that appears, click the Services tab.
On the Services tab, click Add Service. In the Add Service panel, configure the parameters and click OK.
Parameter
Description
Source Type
Select Container Service.
Namespace
Select the namespace of the cluster.
Services
Select one or more services from the Services section.

Add a route from the gateway to the grpcbin service

Log on to the MSE console, and select a region in the top navigation bar.
In the left-side navigation pane, choose Cloud-native Gateway > Gateways. On the Gateways page, click the name of the gateway.
In the left-side navigation pane, click Routes, and click the Routes tab.

On the Routes tab, click Add Route. On the Add Route page, configure the parameters and click Save and Advertise. For more information, see Create a route.

Parameter	Description
Routing Rule Name	Enter grpc in this field.
Domain name	Select the default domain name * from the drop-down list.
Path	Select Prefix from the drop-down list and enter a path that starts with /grpcbin.GRPCBin. Note The path of the gRPC service is in the {Package name}.{Service name}/{Method name} format. You can configure the required route prefix.
Scenario	Select Single Service for the route.
Backend Service	Specify the service and configure the Service Port parameter.

Verify the result

Use bloomrpc to test the gRPC service availability. If a response is returned, the gRPC service is available.

You can also use other gRPC clients for testing. 测试gRPC服务可用性

Parameter	Description
Source Type	Select Container Service.
Namespace	Select the namespace of the cluster.
Services	Select one or more services from the Services section.