Accessing gRPC Services through Container Service for Kubernetes Ingress Controller

gRPC is an open-source high-performance remote procedure call (RPC) communication framework developed by Google. It uses Protocol Buffers as its interface definition language (IDL), and therefore can be used on platforms developed using different languages. It is implemented based on HTTP/2 to provide features such as connection multiplexing, header compression, and throttling. It greatly improves communication efficiency between clients and servers.

In gRPC, a client application can directly call methods on a server application from a different server as if it was calling local methods, making it easier for you to create distributed applications and services. As in many RPC frameworks, gRPC also needs to define a service interface and at the same time specify the methods that can be called remotely with their return types. On the server side, the server implements this interface and runs a gRPC server to handle client requests. On the client side, the client has a stub that provides the same methods as the server.

In this article, we will show you how you can grant access to gRPC services through Alibaba Cloud Container Service for Kubernetes Ingress Controller.

Preparing the Environment

  1. Apply for a Kubernetes cluster on the Container Service console.
  2. Install the grpcurl tool. For more information, click here.
  3. Ensure that the version of the Kubernetes Ingress Controller is 0.15.0–1 or later to support gRPC access.

gRPC Service Example

We define a SayHello service interface, through which clients can call the helloworld.Greeter service.

For more information about test examples, click here.

Deploy Example Services

Deploy gRPC services.

Create an SSL certificate.

Configure Ingress routing rules.

Test the access to gRPC services. To do this, perform the following steps:

  1. Check all services provided by the gRPC server.
  • grpcurl -insecure list grpc.reflection.v1alpha.ServerReflection helloworld.Greeter
  1. We can see that the server provides the helloworld.Greeter service.
  2. Check the interface for calling the helloworld.Greeter service.
  • grpcurl -insecure list helloworld.Greeter SayHello
  1. We can see that the helloworld.Greeter service can be called through the SayHello interface.
  2. Query the description of specific protocol parameters of the SayHello interface.
  • grpcurl -insecure describe helloworld.Greeter.SayHello helloworld.Greeter.SayHello is a method: { "name": "SayHello", "inputType": ".helloworld.HelloRequest", "outputType": ".helloworld.HelloReply", "options": { } }
  1. Call the SayHello interface and specify the name parameter.
  • grpcurl -insecure -d '{"name": "gRPC"}' helloworld.Greeter.SayHello { "message": "Hello gRPC" } grpcurl -insecure -d '{"name": "world"}' helloworld.Greeter.SayHello { "message": "Hello world" }

Phased Release of gRPC Services

Alibaba Cloud supports the phased release of gRPC services.

Note: Due to nginx grpc_pass constraints, gRPC services currently do not support the service-weight configuration.

Deploy new-version gRPC services.

Modify Ingress routing rules.

Test the access to gRPC services.

To learn more about Alibaba Cloud Container Service for Kubernetes, visit


Follow me to keep abreast with the latest technology news, industry insights, and developer trends.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store