All Products
Search
Document Center

Server Load Balancer:Enable load balancing for gRPC services

Last Updated:Jan 22, 2024

gRPC is a high-performance, open-source Remote Procedure Call (RPC) framework. If your backend servers support gRPC, you can configure Application Load Balancer (ALB) to balance loads for gRPC services. ALB functions as an ingress that distributes network traffic. gRPC uses HTTP/2 for data transmission. ALB supports encrypted communication with clients by using HTTPS listeners and plaintext communication with backend servers which use gRPC.

Background information

gRPC is a high-performance, open-source RPC framework. It uses Protocol Buffers as the interface description language (IDL) and HTTP/2 as the communication protocol.

gRPC is used to establish inter-service communication in distributed systems. gRPC establishes communication among services that use different programming languages because it supports IDLs and automatically generated code. gRPC helps developers define and call remote procedures. In addition, gRPC supports high-performance, low-latency data transmission because it supports binary encoding and the multiplexing feature of HTTP/2. gRPC grants you access to remote procedures over fast and reliable connections.

gRPC is applicable to microservice architectures, cross-language communication, and large-scale distributed systems. gRPC is an excellent choice for scenarios that require high performance and low latency. gRPC supports multiple call methods, such as unary, streaming, and bi-directional streaming, to meet the requirements of different services.

For more information, see gRPC Documentation.

Scenario

A company deployed gRPC services in a virtual private cloud (VPC) in the China (Hangzhou) region. An ALB instance is created in the VPC, and a gRPC backend server group is created for the ALB instance. An HTTPS listener is created for the ALB instance, and HTTP/2 is enabled for the ALB instance. gRPC health checks are also enabled for the backend server group.

The company wants clients to access the gRPC services in the VPC through the ALB instance.架构图

Prerequisites

  • An ALB instance is created. For more information, see Create an ALB instance.

  • Backend servers are added to the backend server group, and gRPC services are deployed on the backend servers. For more information about how to deploy gRPC services, see gRPC Documentation.

  • The domain name of the ALB instance is registered and an Internet content provider (ICP) number is obtained for the domain name. For more information, see Register a domain name on Alibaba Cloud and ICP filing application overview.

  • Required certificates are deployed. If the certificates are purchased from a third-party service provider, you must upload them to Certificate Management Service. In addition, make sure that the certificates are associated with your domain name. For more information about how to deploy a certificate, see Get started with SSL Certificates Service.

Step 1: Create a server group and add backend servers to the server group

  1. Log on to the ALB console.

  2. In the top navigation bar, select the region in which the ALB instance is deployed.

  3. In the left-side navigation pane, choose ALB > Server Group.

  4. On the Server Group page, click Create Server Group.

  5. In the Create Server Group dialog box, set the following parameters and click Create.

    The following table describes the parameters that are relevant to this topic. Set the other parameters based on your business requirements, or use the default values.

    Parameter

    Description

    Server Group Type

    Select a server group type. In this example, Server Type is selected.

    VPC

    Select the VPC of the ALB instance from the drop-down list. Only servers in the VPC of the ALB instance can be added to the server group.

    Backend Server Protocol

    In this example, gRPC is selected.

    Health Check

    In this example, health checks are enabled.

    Health Check Settings

    Click Modify to modify the health check settings.

    • Health Check Protocol: In this example, gRPC is selected.

    • Health Check Method: In this example, POST is selected.

    • Health Check Status Codes: Select a status code that represents healthy backend servers. Health checks and the gRPC services must use the same status code. In this example, 12 is used.

  6. On the Server Group page, click the ID of the server group that you want to manage.

  7. Click the Backend Servers tab and click Add Backend Server.

  8. In the Add Backend Server panel, select one or more Elastic Compute Service (ECS) instances and click Next.

  9. In the Ports/Weights step, specify ports and weights for the ECS instances and click OK.

    Note

    The ECS instances and gRPC services must use the same ports. Make sure that the security group rules allow requests to the ports.

Step 2: Create an HTTPS listener

  1. Log on to the ALB console.

  2. In the top navigation bar, select the region in which the ALB instance is deployed.

  3. In the left-side navigation pane, click Instances.

  4. On the Instances page, find the ALB instance and click Create Listener in the Actions column.

  5. In the Configure Listener step, set the parameters. The following table describes some of the parameters. Set the other parameters based on your business requirements, or use the default values. After you set the parameters, click Next.

    Parameter

    Description

    Listener Protocol

    In this example, HTTPS is selected.

    Listener Port

    In this example, port 443 is selected.

    Note
    • Only HTTPS is supported when the backend servers use the gRPC protocol.

    • gRPC uses HTTPs/2 as the communication protocol. When the backend servers use gRPC, HTTP/2 must be enabled for the HTTPS listener. HTTP/2 is enabled for ALB by default. Make sure that the status of Enable HTTP/2 is Enabled, and do not disable HTTP/2.

  6. In the Configure SSL Certificate step, set the parameters. The following table describes some of the parameters. Set the other parameters based on your business requirements, or use the default values. After you set the parameters, click Next.

    Parameter

    Description

    Server Certificate

    Select an SSL certificate.

  7. In the Select Server Group step, set the parameters. The following table describes some of the parameters. Set the other parameters based on your business requirements, or use the default values. After you set the parameters, click Next.

    Parameter

    Description

    Server Group

    Select the gRPC server group that you prepared.

  8. In the Configuration Review step, check the parameter settings and click Submit.

Step 3: Configure domain name resolution

  1. Log on to the ALB console.

  2. In the top navigation bar, select the region in which the ALB instance is deployed.

  3. Find the ALB instance for which you want to add a DNS record and copy the domain name.

  4. To create a CNAME record, perform the following steps:

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Domain Name Resolution page, click Add Domain Name.

    3. In the Add Domain Name dialog box, enter the domain name of your host and click OK.

      Important

      Before you add a CNAME record, you must use a TXT record to verify the ownership of the domain name.

    4. In the Actions column of the domain name that you want to manage, click Configure.

    5. On the DNS Settings page, click Add DNS Record.

    6. In the Add Record panel, set the following parameters and click Confirm.

      Parameter

      Description

      Record Type

      Select CNAME from the drop-down list.

      Hostname

      Enter the prefix of your domain name.

      DNS Request Source

      Select Default.

      Record Value

      Enter the CNAME, which is the domain name of the ALB instance.

      TTL

      Select a time-to-live (TTL) value for the CNAME record to be cached on the DNS server. The default value is used in this example.

Step 4: Test network connectivity

After you complete the preceding steps, clients can access backend servers on which the gRPC services are deployed. This section describes how to test the network connectivity between a client and the gRPC services.

Note

You cannot use browsers to access gRPC services. We recommend that you use a tool, such as grpcurl, to run tests.

Run the following command on a client to access a gRPC service deployed on the ECS instances: grpcurl -insecure -v <The custom domain name or the ALB domain name>:<The listener port> <The gRPC service name>/<The method>.

The following echo reply packet shows that the client can access the gRPC service deployed on the ECS instance through the ALB instance.测试结果

References