Help Center> Cloud Container Engine> User Guide> User Guide for Standard and Turbo Clusters> Network> Ingresses> LoadBalancer Ingresses> Configuring gRPC Backend Services for a LoadBalancer Ingress
Updated on 2024-06-26 GMT+08:00
View PDF

Configuring gRPC Backend Services for a LoadBalancer Ingress

Ingresses can interconnect with backend services of different protocols. By default, the backend proxy channel of an ingress is HTTP-compliant. To create a gRPC channel, add the following configuration to the annotations field:

kubernetes.io/elb.pool-protocol: grpc

Notes and Constraints

  • This function is available only in clusters of v1.23.10-r20, v1.25.5-r20, v1.27.2-r20, v1.28.1-r0, or later versions.
  • Ingresses can interconnect with gRPC backend services only when dedicated load balancers are used. This function depends on ELB listeners and is available only in certain regions. Obtain these regions on the CCE console.
  • When an ingress interconnects with a gRPC backend service, the ingress protocol must be HTTPS and HTTP/2 must be enabled.

Configuring gRPC Backend Services on the Console

  1. Log in to the CCE console and click the cluster name to access the cluster console.
  2. Choose Services & Ingresses in the navigation pane, click the Ingresses tab, and click Create Ingress in the upper right corner.
  3. Configure ingress parameters.

    • Name: Customize the name of an ingress, for example, ingress-demo.
    • Load Balancer: Select an interconnected load balancer or automatically create a load balancer. Only dedicated load balancers are supported.
    • Listener: Set External Protocol to HTTPS and Backend Protocol to GRPC. Configure other parameters based on site requirements. For details, see Creating a LoadBalancer Ingress on the Console.

      Only dedicated load balancers support gRPC, and HTTP/2 must be enabled. After HTTP/2 is enabled, CCE will automatically add the kubernetes.io/elb.http2-enable:true annotation. gRPC is available only in certain regions. Obtain these regions on the CCE console.

    • Forwarding Policy: Select a destination Service so that requests can be forwarded to this Service for processing.

      (Optional) Enable health check and select gRPC.

  4. Click OK.

Configuring gRPC Backend Services Using kubectl

An ingress configuration example is as follows:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-test
  namespace: default
  annotations:
    kubernetes.io/elb.port: '443'
    kubernetes.io/elb.id: <your_elb_id>    # In this example, an existing dedicated load balancer is used. Replace its ID with the ID of your dedicated load balancer.
    kubernetes.io/elb.class: performance
    kubernetes.io/elb.pool-protocol: grpc  # Interconnected gRPC backend service
    kubernetes.io/elb.http2-enable: 'true' # Enable HTTP/2.
    kubernetes.io/elb.tls-ciphers-policy: tls-1-2
spec:
  tls: 
    - secretName: ingress-test-secret
  rules:
    - host: ''
      http:
        paths:
          - path: '/'
            backend:
              service:
                name: <your_service_name>  # Replace it with the name of your target Service.
                port:
                  number: 80
            property:
              ingress.beta.kubernetes.io/url-match-mode: STARTS_WITH
            pathType: ImplementationSpecific
  ingressClassName: cce
Parent topic: LoadBalancer Ingresses