PAI-EAS offers various access methods and two communication protocols that you can combine to suit your network and performance requirements.
Scenarios
By default, you can invoke a deployed service through a shared gateway by using HTTP, with no extra configuration required. Use this guide to quickly find the information relevant to your use case:
Quick start: To invoke your deployed service by using the default shared gateway, see Invoke a Service Through a Gateway.
Explore other access methods: If the shared gateway does not meet your needs, see Choose an Access Method to learn about alternatives such as dedicated gateways, VPC direct connection, Network Load Balancer (NLB), or service discovery (Nacos).
Use gRPC: To use the gRPC binary protocol for lower network overhead and better inference performance, see Invoke a PAI-EAS Inference Service by Using gRPC.
How it works
The data flow for a PAI-EAS service invocation is as follows:
Client request: Your application sends an inference request to the PAI-EAS service endpoint, which can be a gateway or a direct connection address.
Endpoint routing: The endpoint routes the request to a backend service instance through your chosen access method: shared gateway, dedicated gateway, VPC direct connection, NLB, or Nacos. For gateway-based methods, the gateway layer handles load balancing and routing. For direct connection methods, the client selects the target service instance.
Service instance processing: When the request reaches a PAI-EAS service instance, the model-serving process performs the inference calculation and serializes the result into the specified format, such as JSON or ProtoBuf, before returning it.
Client receives response: After receiving the inference result, the client parses the response data based on the request type and proceeds with its business logic.
Access methods
The access method you choose depends on your network environment.
Method | Network path | Configuration cost | Use cases |
Internet or VPC via shared gateway | Zero configuration | Quick validation and low-traffic services | |
Internet or VPC via dedicated gateway (supports cross-VPC and cross-cloud access) | Requires creation and incurs additional fees | For services that require high security, stability, and traffic capacity | |
Connects directly to instances in the same VPC, bypassing the gateway | Requires VPC configuration | Low-latency and high-concurrency scenarios | |
Forwards traffic via NLB within the same VPC | Requires creating or associating an NLB instance | High traffic with load balancing | |
Uses Nacos for registration and discovery within the same VPC | Requires a self-managed Nacos instance | For environments already using Nacos for service governance |
After you configure a Virtual Private Cloud (VPC), vSwitch, and security group for your PAI-EAS service:
Not restricted by security group rules: Access through a shared or dedicated gateway is not affected by security group rules. However, you can configure an allowlist for a dedicated gateway.
Restricted by security group rules: Access through a Network Load Balancer (NLB), Nacos, or a VPC direct connection is subject to security group rules. All outbound traffic from PAI-EAS is also subject to these rules.
Supported communication protocols
The protocol you can use depends on your service type:
HTTP/JSON (Default): Enabled by default after deployment and suitable for most scenarios.
gRPC: A high-performance binary protocol suitable for performance-sensitive or streaming inference scenarios. You must manually enable this protocol during deployment.