GRPC/HTTP2 documentation for kong 1.0.2+

We are using kong as our api gateway for 10K+ TPS, and now we are working to onboard one of the grpc backend. I did not find any powerful documentation on how to enable it.

What we tried?

  • Enabled http2 from kong.conf
  • Created a tcp service and tcp route for one service
  • Added a target
  • But when we tried hitting grpc route using kong, I am always getting 404. Looks like a routing problem

Can someone guide us in setup?

@anuj_jalan Hi, and welcome!

As of today, you can proxy gRPC traffic via Kong only by leveraging Kong’s TCP proxying capabilities (L4). This means indeed configuring a TCP Route/Service couple, but connecting to Kong’s streaming port (stream_listen), and not its HTTP proxying port. The fact that you received an HTTP 404 response code tells me that you connected your client to Kong’s HTTP proxy port (proxy_listen).

Note that Kong will have no understanding of the gRPC protocol from a L7 PoV, given that this port proxies raw TCP streams (L4). Nonetheless, this approach allows you to rely on Kong to handle routing, mTLS, Zipkin tracing, LB and circuit-breaking.

L7 gRPC proxying is upcoming in Kong 1.3 (ETA in the next couple of months), as announced in our recent community call. As of today, you can modify Kong yourself to support gRPC proxying; I have given instructions on how to do so in this thread, and some users have given it a try (successfully). This approach is similar to the one Kong 1.3 will follow.

Best,

1 Like

Thanks @thibaultcha for the explanation !

It seems we need to set sources or destinations while configuring a tcp only route. Can you help me with how to set these fields? I didn’t find any documentation for the same.

I tried setting it like below but was not able to

curl localhost:8001/services/server/routes -d protocols=tcp -d destinations.ip=15.0.0.0/24

Got it working.

Thanks @thibaultcha for your help !

Hi @thibaultcha

Whats your recommendation if we want to run multiple grpc services? In our setup there could be multiple grpc services running on different instances but on same port.

If we do TCP streaming and define a TCP route, I have to run all such services on different ports.

Should we still go ahead with TCP streaming or we should try [this] (GRPC API exposure)

Also, we were looking forward to explore Kong Enterprise. Whom can we get in touch with for the same? I tried connecting but its been a week someone replied back.

Thanks,
Anuj