kubernetes
/
ingress-nginx
mirror of https://github.com/kubernetes/ingress-nginx.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ingress-nginx/examples/grpc/index.html

92 lines
33 KiB
HTML
Raw Blame History

<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><link href=https://kubernetes.github.io/ingress-nginx/examples/grpc/ rel=canonical><link rel="shortcut icon" href=../../assets/images/favicon.png><meta name=generator content="mkdocs-1.1.2, mkdocs-material-6.2.4"><title>gRPC - NGINX Ingress Controller</title><link rel=stylesheet href=../../assets/stylesheets/main.15aa0b43.min.css><link rel=stylesheet href=../../assets/stylesheets/palette.75751829.min.css><meta name=theme-color content=#009485><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700%7CRoboto+Mono&display=fallback"><style>body,input{font-family:"Roboto",-apple-system,BlinkMacSystemFont,Helvetica,Arial,sans-serif}code,kbd,pre{font-family:"Roboto Mono",SFMono-Regular,Consolas,Menlo,monospace}</style><link rel=stylesheet href=../../extra.css><script>window.ga=window.ga||function(){(ga.q=ga.q||[]).push(arguments)},ga.l=+new Date,ga("create","UA-118407822-1","kubernetes.github.io"),ga("set","anonymizeIp",!0),ga("send","pageview"),document.addEventListener("DOMContentLoaded",function(){document.forms.search&&document.forms.search.query.addEventListener("blur",function(){if(this.value){var e=document.location.pathname;ga("send","pageview",e+"?q="+this.value)}})}),document.addEventListener("DOMContentSwitch",function(){ga("send","pageview",document.location.pathname)})</script><script async src=https://www.google-analytics.com/analytics.js></script></head> <body dir=ltr data-md-color-scheme data-md-color-primary=teal data-md-color-accent=green> <input class=md-toggle data-md-toggle=drawer type=checkbox id=__drawer autocomplete=off> <input class=md-toggle data-md-toggle=search type=checkbox id=__search autocomplete=off> <label class=md-overlay for=__drawer></label> <div data-md-component=skip> <a href=#grpc class=md-skip> Skip to content </a> </div> <div data-md-component=announce> </div> <header class=md-header data-md-component=header> <nav class="md-header-nav md-grid" aria-label=Header> <a href=https://kubernetes.github.io/ingress-nginx title="NGINX Ingress Controller" class="md-header-nav__button md-logo" aria-label="NGINX Ingress Controller"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a3 3 0 003-3 3 3 0 00-3-3 3 3 0 00-3 3 3 3 0 003 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg> </a> <label class="md-header-nav__button md-icon" for=__drawer> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2z"/></svg> </label> <div class=md-header-nav__title data-md-component=header-title> <div class=md-header-nav__ellipsis> <div class=md-header-nav__topic> <span class=md-ellipsis> NGINX Ingress Controller </span> </div> <div class=md-header-nav__topic> <span class=md-ellipsis> gRPC </span> </div> </div> </div> <label class="md-header-nav__button md-icon" for=__search> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg> </label> <div class=md-search data-md-component=search role=dialog> <label class=md-search__overlay for=__search></label> <div class=md-search__inner role=search> <form class=md-search__form name=search> <input type=text class=md-search__input name=query aria-label=Search placeholder=Search autocapitalize=off autocorrect=off autocomplete=off spellcheck=false data-md-component=search-query data-md-state=active required> <label class="md-search__icon md-icon" for=__search> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0116 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 019.5 16 6.5 6.5 0 013 9.5 6.5 6.5 0 019.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg> </label> <button type=reset class="md-search__icon md-icon" aria-label=Clear data-md-component=search-reset tabindex=-1> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M19 6.41L17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg> </button> </form> <div class=md-search__output> <div class=md-search__scrollwrap data-md-scrollfix> <div class=md-search-result data-md-component=search-result> <div class=md-search-result__meta> Initializing search </div> <ol class=md-search-result__list></ol> </div> </div> </div> </div> </div> <div class=md-header-nav__source> <a href=https://github.com/kubernetes/ingress-nginx/ title="Go to repository" class=md-source> <div class="md-source__icon md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 00-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 01-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 000 40.81l195.61 195.6a28.86 28.86 0 0040.8 0l194.69-194.69a28.86 28.86 0 000-40.81z"/></svg> </div> <div class=md-source__repository> kubernetes/ingress-nginx </div> </a> </div> </nav> </header> <div class=md-container data-md-component=container> <nav class=md-tabs aria-label=Tabs data-md-component=tabs> <div class="md-tabs__inner md-grid"> <ul class=md-tabs__list> <li class=md-tabs__item> <a href=../.. class=md-tabs__link> Welcome </a> </li> <li class=md-tabs__item> <a href=../../deploy/ class=md-tabs__link> Deployment </a> </li> <li class=md-tabs__item> <a href=../../user-guide/nginx-configuration/ class=md-tabs__link> User guide </a> </li> <li class=md-tabs__item> <a href=../ class="md-tabs__link md-tabs__link--active"> Examples </a> </li> <li class=md-tabs__item> <a href=../../developer-guide/getting-started/ class=md-tabs__link> Developer Guide </a> </li> </ul> </div> </nav> <main class=md-main data-md-component=main> <div class="md-main__inner md-grid"> <div class="md-sidebar md-sidebar--primary" data-md-component=navigation> <div class=md-sidebar__scrollwrap> <div class=md-sidebar__inner> <nav class="md-nav md-nav--primary md-nav--lifted" aria-label=Navigation data-md-level=0> <label class=md-nav__title for=__drawer> <a href=https://kubernetes.github.io/ingress-nginx title="NGINX Ingress Controller" class="md-nav__button md-logo" aria-label="NGINX Ingress Controller"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M12 8a3 3 0 003-3 3 3 0 00-3-3 3 3 0 00-3 3 3 3 0 003 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg> </a> NGINX Ingress Controller </label> <div class=md-nav__source> <a href=https://github.com/kubernetes/ingress-nginx/ title="Go to repository" class=md-source> <div class="md-source__icon md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 448 512"><path d="M439.55 236.05L244 40.45a28.87 28.87 0 00-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 01-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 000 40.81l195.61 195.6a28.86 28.86 0 0040.8 0l194.69-194.69a28.86 28.86 0 000-40.81z"/></svg> </div> <div class=md-source__repository> kubernetes/ingress-nginx </div> </a> </div> <ul class=md-nav__list data-md-scrollfix> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-1 type=checkbox id=nav-1> <label class=md-nav__link for=nav-1> Welcome <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Welcome data-md-level=1> <label class=md-nav__title for=nav-1> <span class="md-nav__icon md-icon"></span> Welcome </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../.. class=md-nav__link> Welcome </a> </li> <li class=md-nav__item> <a href=../../how-it-works/ class=md-nav__link> How it works </a> </li> <li class=md-nav__item> <a href=../../troubleshooting/ class=md-nav__link> Troubleshooting </a> </li> <li class=md-nav__item> <a href=../../kubectl-plugin/ class=md-nav__link> kubectl plugin </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-2 type=checkbox id=nav-2> <label class=md-nav__link for=nav-2> Deployment <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Deployment data-md-level=1> <label class=md-nav__title for=nav-2> <span class="md-nav__icon md-icon"></span> Deployment </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../../deploy/ class=md-nav__link> Installation Guide </a> </li> <li class=md-nav__item> <a href=../../deploy/baremetal/ class=md-nav__link> Bare-metal considerations </a> </li> <li class=md-nav__item> <a href=../../deploy/rbac/ class=md-nav__link> Role Based Access Control (RBAC) </a> </li> <li class=md-nav__item> <a href=../../deploy/upgrade/ class=md-nav__link> Upgrade </a> </li> <li class=md-nav__item> <a href=../../deploy/hardening-guide/ class=md-nav__link> Hardening guide </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-3 type=checkbox id=nav-3> <label class=md-nav__link for=nav-3> User guide <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label="User guide" data-md-level=1> <label class=md-nav__title for=nav-3> <span class="md-nav__icon md-icon"></span> User guide </label> <ul class=md-nav__list data-md-scrollfix> <li class="md-nav__item md-nav__item--section md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-3-1 type=checkbox id=nav-3-1> <label class=md-nav__link for=nav-3-1> NGINX Configuration <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label="NGINX Configuration" data-md-level=2> <label class=md-nav__title for=nav-3-1> <span class="md-nav__icon md-icon"></span> NGINX Configuration </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../../user-guide/nginx-configuration/ class=md-nav__link> Introduction </a> </li> <li class=md-nav__item> <a href=../../user-guide/basic-usage/ class=md-nav__link> Basic usage </a> </li> <li class=md-nav__item> <a href=../../user-guide/nginx-configuration/annotations/ class=md-nav__link> Annotations </a> </li> <li class=md-nav__item> <a href=../../user-guide/nginx-configuration/configmap/ class=md-nav__link> ConfigMap </a> </li> <li class=md-nav__item> <a href=../../user-guide/nginx-configuration/custom-template/ class=md-nav__link> Custom NGINX template </a> </li> <li class=md-nav__item> <a href=../../user-guide/nginx-configuration/log-format/ class=md-nav__link> Log format </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=../../user-guide/cli-arguments/ class=md-nav__link> Command line arguments </a> </li> <li class=md-nav__item> <a href=../../user-guide/custom-errors/ class=md-nav__link> Custom errors </a> </li> <li class=md-nav__item> <a href=../../user-guide/default-backend/ class=md-nav__link> Default backend </a> </li> <li class=md-nav__item> <a href=../../user-guide/exposing-tcp-udp-services/ class=md-nav__link> Exposing TCP and UDP services </a> </li> <li class=md-nav__item> <a href=../../user-guide/fcgi-services/ class=md-nav__link> Exposing FCGI services </a> </li> <li class=md-nav__item> <a href=../../user-guide/ingress-path-matching/ class=md-nav__link> Regular expressions in paths </a> </li> <li class=md-nav__item> <a href=../../user-guide/external-articles/ class=md-nav__link> External Articles </a> </li> <li class=md-nav__item> <a href=../../user-guide/miscellaneous/ class=md-nav__link> Miscellaneous </a> </li> <li class=md-nav__item> <a href=../../user-guide/monitoring/ class=md-nav__link> Prometheus and Grafana installation </a> </li> <li class=md-nav__item> <a href=../../user-guide/multiple-ingress/ class=md-nav__link> Multiple Ingress controllers </a> </li> <li class=md-nav__item> <a href=../../user-guide/tls/ class=md-nav__link> TLS/HTTPS </a> </li> <li class="md-nav__item md-nav__item--section md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-3-13 type=checkbox id=nav-3-13> <label class=md-nav__link for=nav-3-13> Third party addons <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label="Third party addons" data-md-level=2> <label class=md-nav__title for=nav-3-13> <span class="md-nav__icon md-icon"></span> Third party addons </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../../user-guide/third-party-addons/modsecurity/ class=md-nav__link> ModSecurity Web Application Firewall </a> </li> <li class=md-nav__item> <a href=../../user-guide/third-party-addons/opentracing/ class=md-nav__link> OpenTracing </a> </li> </ul> </nav> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--active md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-4 type=checkbox id=nav-4 checked> <label class=md-nav__link for=nav-4> Examples <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Examples data-md-level=1> <label class=md-nav__title for=nav-4> <span class="md-nav__icon md-icon"></span> Examples </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../ class=md-nav__link> Introduction </a> </li> <li class=md-nav__item> <a href=../PREREQUISITES/ class=md-nav__link> Prerequisites </a> </li> <li class=md-nav__item> <a href=../affinity/cookie/ class=md-nav__link> Sticky Sessions </a> </li> <li class="md-nav__item md-nav__item--section md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-4-4 type=checkbox id=nav-4-4> <label class=md-nav__link for=nav-4-4> Auth <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Auth data-md-level=2> <label class=md-nav__title for=nav-4-4> <span class="md-nav__icon md-icon"></span> Auth </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../auth/basic/ class=md-nav__link> Basic Authentication </a> </li> <li class=md-nav__item> <a href=../auth/client-certs/ class=md-nav__link> Client Certificate Authentication </a> </li> <li class=md-nav__item> <a href=../auth/external-auth/ class=md-nav__link> External Basic Authentication </a> </li> <li class=md-nav__item> <a href=../auth/oauth-external-auth/ class=md-nav__link> External OAUTH Authentication </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--section md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-4-5 type=checkbox id=nav-4-5> <label class=md-nav__link for=nav-4-5> Customization <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label=Customization data-md-level=2> <label class=md-nav__title for=nav-4-5> <span class="md-nav__icon md-icon"></span> Customization </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../customization/configuration-snippets/ class=md-nav__link> Configuration Snippets </a> </li> <li class=md-nav__item> <a href=../customization/custom-configuration/ class=md-nav__link> Custom Configuration </a> </li> <li class=md-nav__item> <a href=../customization/custom-errors/ class=md-nav__link> Custom Errors </a> </li> <li class=md-nav__item> <a href=../customization/custom-headers/ class=md-nav__link> Custom Headers </a> </li> <li class=md-nav__item> <a href=../customization/external-auth-headers/ class=md-nav__link> External authentication </a> </li> <li class=md-nav__item> <a href=../customization/ssl-dh-param/ class=md-nav__link> Custom DH parameters for perfect forward secrecy </a> </li> <li class=md-nav__item> <a href=../customization/sysctl/ class=md-nav__link> Sysctl tuning </a> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=../docker-registry/ class=md-nav__link> Docker registry </a> </li> <li class="md-nav__item md-nav__item--active"> <input class="md-nav__toggle md-toggle" data-md-toggle=toc type=checkbox id=__toc> <label class="md-nav__link md-nav__link--active" for=__toc> gRPC <span class="md-nav__icon md-icon"></span> </label> <a href=./ class="md-nav__link md-nav__link--active"> gRPC </a> <nav class="md-nav md-nav--secondary" aria-label="Table of contents"> <label class=md-nav__title for=__toc> <span class="md-nav__icon md-icon"></span> Table of contents </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=#prerequisites class=md-nav__link> Prerequisites </a> <nav class=md-nav aria-label=Prerequisites> <ul class=md-nav__list> <li class=md-nav__item> <a href=#step-1-create-a-kubernetes-deployment-for-grpc-app class=md-nav__link> Step 1: Create a Kubernetes Deployment for gRPC app </a> </li> <li class=md-nav__item> <a href=#step-2-create-the-kubernetes-service-for-the-grpc-app class=md-nav__link> Step 2: Create the Kubernetes Service for the gRPC app </a> </li> <li class=md-nav__item> <a href=#step-3-create-the-kubernetes-ingress-resource-for-the-grpc-app class=md-nav__link> Step 3: Create the Kubernetes Ingress resource for the gRPC app </a> </li> <li class=md-nav__item> <a href=#step-4-test-the-connection class=md-nav__link> Step 4: test the connection </a> </li> <li class=md-nav__item> <a href=#debugging-hints class=md-nav__link> Debugging Hints </a> </li> <li class=md-nav__item> <a href=#notes-on-using-responserequest-streams class=md-nav__link> Notes on using response/request streams </a> </li> </ul> </nav> </li> </ul> </nav> </li> <li class=md-nav__item> <a href=../multi-tls/ class=md-nav__link> Multi TLS certificate termination </a> </li> <li class=md-nav__item> <a href=../rewrite/ class=md-nav__link> Rewrite </a> </li> <li class=md-nav__item> <a href=../static-ip/ class=md-nav__link> Static IPs </a> </li> <li class=md-nav__item> <a href=../tls-termination/ class=md-nav__link> TLS termination </a> </li> <li class=md-nav__item> <a href=../psp/ class=md-nav__link> Pod Security Policy (PSP) </a> </li> </ul> </nav> </li> <li class="md-nav__item md-nav__item--nested"> <input class="md-nav__toggle md-toggle" data-md-toggle=nav-5 type=checkbox id=nav-5> <label class=md-nav__link for=nav-5> Developer Guide <span class="md-nav__icon md-icon"></span> </label> <nav class=md-nav aria-label="Developer Guide" data-md-level=1> <label class=md-nav__title for=nav-5> <span class="md-nav__icon md-icon"></span> Developer Guide </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=../../developer-guide/getting-started/ class=md-nav__link> Getting Started </a> </li> <li class=md-nav__item> <a href=../../developer-guide/code-overview/ class=md-nav__link> Code Overview </a> </li> </ul> </nav> </li> </ul> </nav> </div> </div> </div> <div class="md-sidebar md-sidebar--secondary" data-md-component=toc> <div class=md-sidebar__scrollwrap> <div class=md-sidebar__inner> <nav class="md-nav md-nav--secondary" aria-label="Table of contents"> <label class=md-nav__title for=__toc> <span class="md-nav__icon md-icon"></span> Table of contents </label> <ul class=md-nav__list data-md-scrollfix> <li class=md-nav__item> <a href=#prerequisites class=md-nav__link> Prerequisites </a> <nav class=md-nav aria-label=Prerequisites> <ul class=md-nav__list> <li class=md-nav__item> <a href=#step-1-create-a-kubernetes-deployment-for-grpc-app class=md-nav__link> Step 1: Create a Kubernetes Deployment for gRPC app </a> </li> <li class=md-nav__item> <a href=#step-2-create-the-kubernetes-service-for-the-grpc-app class=md-nav__link> Step 2: Create the Kubernetes Service for the gRPC app </a> </li> <li class=md-nav__item> <a href=#step-3-create-the-kubernetes-ingress-resource-for-the-grpc-app class=md-nav__link> Step 3: Create the Kubernetes Ingress resource for the gRPC app </a> </li> <li class=md-nav__item> <a href=#step-4-test-the-connection class=md-nav__link> Step 4: test the connection </a> </li> <li class=md-nav__item> <a href=#debugging-hints class=md-nav__link> Debugging Hints </a> </li> <li class=md-nav__item> <a href=#notes-on-using-responserequest-streams class=md-nav__link> Notes on using response/request streams </a> </li> </ul> </nav> </li> </ul> </nav> </div> </div> </div> <div class=md-content> <article class="md-content__inner md-typeset"> <a href=https://github.com/kubernetes/ingress-nginx/edit/master/docs/examples/grpc/README.md title="Edit this page" class="md-content__button md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg> </a> <h1 id=grpc>gRPC<a class=headerlink href=#grpc title="Permanent link"></a></h1> <p>This example demonstrates how to route traffic to a gRPC service through the nginx controller.</p> <h2 id=prerequisites>Prerequisites<a class=headerlink href=#prerequisites title="Permanent link"></a></h2> <ol> <li>You have a kubernetes cluster running.</li> <li>You have a domain name such as <code>example.com</code> that is configured to route traffic to the ingress controller.</li> <li>You have the nginx-ingress controller installed as per docs, with gRPC support.</li> <li>You have a backend application running a gRPC server and listening for TCP traffic. If you want, you can use <a href=https://github.com/grpc/grpc-go/blob/91e0aeb192456225adf27966d04ada4cf8599915/examples/features/reflection/server/main.go>https://github.com/grpc/grpc-go/blob/91e0aeb192456225adf27966d04ada4cf8599915/examples/features/reflection/server/main.go</a> as an example.</li> <li>You're also responsible for provisioning an SSL certificate for the ingress. So you need to have a valid SSL certificate, deployed as a Kubernetes secret of type tls, in the same namespace as the gRPC application.</li> </ol> <h3 id=step-1-create-a-kubernetes-deployment-for-grpc-app>Step 1: Create a Kubernetes <code>Deployment</code> for gRPC app<a class=headerlink href=#step-1-create-a-kubernetes-deployment-for-grpc-app title="Permanent link"></a></h3> <ul> <li>Make sure your gRPC application pod is running and listening for connections. For example you can try a kubectl command like this below: <div class=highlight><pre><span></span><code>$ kubectl get po -A -o wide | grep go-grpc-greeter-server
</code></pre></div></li> <li> <p>If you have a gRPC app deployed in your cluster, then skip further notes in this Step 1, and continue from Step 2 below. </p> </li> <li> <p>As an example gRPC application, we can use this app <a href=https://github.com/grpc/grpc-go/blob/91e0aeb192456225adf27966d04ada4cf8599915/examples/features/reflection/server/main.go>https://github.com/grpc/grpc-go/blob/91e0aeb192456225adf27966d04ada4cf8599915/examples/features/reflection/server/main.go</a> .</p> </li> <li> <p>To create a container image for this app, you can use <a href=../../../images/go-grpc-greeter-server/rootfs/Dockerfile>this Dockerfile</a>. </p> </li> <li> <p>If you use the Dockerfile mentioned above, to create a image, then given below is an example of a Kubernetes manifest, to create a deployment resource, that uses that image. If needed, then edit this manifest to suit your needs. Assuming the name of this yaml file is <code>deployment.go-grpc-greeter-server.yaml</code> ;</p> </li> </ul> <div class=highlight><pre><span></span><code>cat &lt;&lt;EOF | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: go-grpc-greeter-server
name: go-grpc-greeter-server
spec:
replicas: 1
selector:
matchLabels:
app: go-grpc-greeter-server
template:
metadata:
labels:
app: go-grpc-greeter-server
spec:
containers:
- image: &lt;reponame&gt;/go-grpc-greeter-server # Edit this for your reponame
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 50m
memory: 50Mi
name: go-grpc-greeter-server
ports:
- containerPort: 50051
EOF
</code></pre></div> <h3 id=step-2-create-the-kubernetes-service-for-the-grpc-app>Step 2: Create the Kubernetes <code>Service</code> for the gRPC app<a class=headerlink href=#step-2-create-the-kubernetes-service-for-the-grpc-app title="Permanent link"></a></h3> <ul> <li>You can use the following example manifest to create a service of type ClusterIP. Edit the name/namespace/label/port to match your deployment/pod ; <div class=highlight><pre><span></span><code>cat &lt;&lt;EOF | kubectl apply -f -
apiVersion: v1
kind: Service
metadata:
labels:
app: go-grpc-greeter-server
name: go-grpc-greeter-server
spec:
ports:
- port: 80
protocol: TCP
targetPort: 50051
selector:
app: go-grpc-greeter-server
type: ClusterIP
EOF
</code></pre></div></li> <li>You can save the above example manifest to a file with name <code>service.go-grpc-greeter-server.yaml</code> and edit it to match your deployment/pod, if required. You can create the service resource with a kubectl command like this ;</li> </ul> <div class=highlight><pre><span></span><code>$ kubectl create -f service.go-grpc-greeter-server.yaml
</code></pre></div> <h3 id=step-3-create-the-kubernetes-ingress-resource-for-the-grpc-app>Step 3: Create the Kubernetes <code>Ingress</code> resource for the gRPC app<a class=headerlink href=#step-3-create-the-kubernetes-ingress-resource-for-the-grpc-app title="Permanent link"></a></h3> <ul> <li>Use the following example manifest of a ingress resource to create a ingress for your grpc app. If required, edit it to match your app's details like name, namespace, service, secret etc. Make sure you have the required SSL-Certificate, existing in your Kubernetes cluster, in the same namespace where the gRPC app is. The certificate must be available as a kubernetes secret resource, of type "kubernete.io/tls" https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets. This is because we are terminating TLS on the ingress;</li> </ul> <div class=highlight><pre><span></span><code>cat &lt;&lt;EOF | kubectl apply -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: &quot;nginx&quot;
nginx.ingress.kubernetes.io/ssl-redirect: &quot;true&quot;
nginx.ingress.kubernetes.io/backend-protocol: &quot;GRPC&quot;
name: fortune-ingress
namespace: default
spec:
rules:
- host: grpctest.dev.mydomain.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: go-grpc-greeter-server
port:
number: 80
tls:
# This secret must exist beforehand
# The cert must also contain the subj-name grpctest.dev.mydomain.com
# https://github.com/kubernetes/ingress-nginx/blob/master/docs/examples/PREREQUISITES.md#tls-certificates
- secretName: wildcard.dev.mydomain.com
hosts:
- grpctest.dev.mydomain.com
EOF
</code></pre></div> <ul> <li>If you save the above example manifest as a file named <code>ingress.go-grpc-greeter-server.yaml</code> and edit it to match your deployment and service, you can create the ingress like this ;</li> </ul> <div class=highlight><pre><span></span><code>$ kubectl create -f ingress.go-grpc-greeter-server.yaml
</code></pre></div> <ul> <li> <p>The takeaway is that we are not doing any TLS configuration on the server (as we are terminating TLS at the ingress level, gRPC traffic will travel unencrypted inside the cluster and arrive "insecure").</p> </li> <li> <p>For your own application you may or may not want to do this. If you prefer to forward encrypted traffic to your POD and terminate TLS at the gRPC server itself, add the ingress annotation <code>nginx.ingress.kubernetes.io/backend-protocol: "GRPCS"</code>.</p> </li> <li> <p>A few more things to note:</p> </li> <li> <p>We've tagged the ingress with the annotation <code>nginx.ingress.kubernetes.io/backend-protocol: "GRPC"</code>. This is the magic ingredient that sets up the appropriate nginx configuration to route http/2 traffic to our service.</p> </li> <li> <p>We're terminating TLS at the ingress and have configured an SSL certificate <code>wildcard.dev.mydomain.com</code>. The ingress matches traffic arriving as <code>https://grpctest.dev.mydomain.com:443</code> and routes unencrypted messages to the backend Kubernetes service.</p> </li> </ul> <h3 id=step-4-test-the-connection>Step 4: test the connection<a class=headerlink href=#step-4-test-the-connection title="Permanent link"></a></h3> <ul> <li>Once we've applied our configuration to Kubernetes, it's time to test that we can actually talk to the backend. To do this, we'll use the <a href=https://github.com/fullstorydev/grpcurl>grpcurl</a> utility:</li> </ul> <div class=highlight><pre><span></span><code>$ grpcurl grpctest.dev.mydomain.com:443 helloworld.Greeter/SayHello
{
&quot;message&quot;: &quot;
}
</code></pre></div> <h3 id=debugging-hints>Debugging Hints<a class=headerlink href=#debugging-hints title="Permanent link"></a></h3> <ol> <li>Obviously, watch the logs on your app.</li> <li>Watch the logs for the nginx-ingress-controller (increasing verbosity as needed).</li> <li>Double-check your address and ports.</li> <li>Set the <code>GODEBUG=http2debug=2</code> environment variable to get detailed http/2 logging on the client and/or server.</li> <li>Study RFC 7540 (http/2) <a href=https://tools.ietf.org/html/rfc7540>https://tools.ietf.org/html/rfc7540</a>.</li> </ol> <blockquote> <p>If you are developing public gRPC endpoints, check out https://proto.stack.build, a protocol buffer / gRPC build service that can use to help make it easier for your users to consume your API.</p> <p>See also the specific GRPC settings of NGINX: https://nginx.org/en/docs/http/ngx_http_grpc_module.html</p> </blockquote> <h3 id=notes-on-using-responserequest-streams>Notes on using response/request streams<a class=headerlink href=#notes-on-using-responserequest-streams title="Permanent link"></a></h3> <ol> <li>If your server does only response streaming and you expect a stream to be open longer than 60 seconds, you will have to change the <code>grpc_read_timeout</code> to accommodate for this.</li> <li>If your service does only request streaming and you expect a stream to be open longer than 60 seconds, you have to change the <code>grpc_send_timeout</code> and the <code>client_body_timeout</code>.</li> <li>If you do both response and request streaming with an open stream longer than 60 seconds, you have to change all three timeouts: <code>grpc_read_timeout</code>, <code>grpc_send_timeout</code> and <code>client_body_timeout</code>.</li> </ol> <p>Values for the timeouts must be specified as e.g. <code>"1200s"</code>.</p> <blockquote> <p>On the most recent versions of nginx-ingress, changing these timeouts requires using the <code>nginx.ingress.kubernetes.io/server-snippet</code> annotation. There are plans for future releases to allow using the Kubernetes annotations to define each timeout separately.</p> </blockquote> </article> </div> </div> </main> <footer class=md-footer> <div class=md-footer-nav> <nav class="md-footer-nav__inner md-grid" aria-label=Footer> <a href=../docker-registry/ class="md-footer-nav__link md-footer-nav__link--prev" rel=prev> <div class="md-footer-nav__button md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg> </div> <div class=md-footer-nav__title> <div class=md-ellipsis> <span class=md-footer-nav__direction> Previous </span> Docker registry </div> </div> </a> <a href=../multi-tls/ class="md-footer-nav__link md-footer-nav__link--next" rel=next> <div class=md-footer-nav__title> <div class=md-ellipsis> <span class=md-footer-nav__direction> Next </span> Multi TLS certificate termination </div> </div> <div class="md-footer-nav__button md-icon"> <svg xmlns=http://www.w3.org/2000/svg viewbox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4z"/></svg> </div> </a> </nav> </div> <div class="md-footer-meta md-typeset"> <div class="md-footer-meta__inner md-grid"> <div class=md-footer-copyright> Made with <a href=https://squidfunk.github.io/mkdocs-material/ target=_blank rel=noopener> Material for MkDocs </a> </div> </div> </div> </footer> </div> <script src=../../assets/javascripts/vendor.93c04032.min.js></script> <script src=../../assets/javascripts/bundle.83e5331e.min.js></script><script id=__lang type=application/json>{"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing"}</script> <script>
app = initialize({
base: "../..",
features: ['navigation.tabs', 'navigation.tabs.sticky', 'navigation.instant', 'navigation.sections'],
search: Object.assign({
worker: "../../assets/javascripts/worker/search.8c7e0a7e.min.js"
}, typeof search !== "undefined" && search)
})
</script> </body> </html>
Reference in New Issue View Git Blame Copy Permalink