Let services communicate securely and reliably with gRPC

Let services communicate securely and reliably with gRPC

The history of interprocess communication via remote procedure calls (RPC) is long – examples are CORBA, RMI, XML-RPC and JSON-RPC as well as the RESTful APIs used in many web applications today. All RPC variants have their strengths and weaknesses. As a provider of numerous internet and cloud services, Google has a special interest in a well-functioning stack for communication in the network and therefore developed and used Stubby internally 15 years ago. This resulted in the generally available gRPC (Google Remote Procedure Calls).

Google was able to incorporate experience with heterogeneous and distributed data centers and programming languages ​​such as Go into the development of Stubby. The aim was to meet the requirements for reliable and secure communication that also works efficiently and supports the further growth of the company. However, the proprietary Stubby quickly found competition from SPDY and HTTP/2, as well as other open standards that offered new capabilities. Stubby was also unable to meet the requirements of increasing mobile computing, the cloud and the Internet of Things.

For further development, Google defined some framework conditions that should eventually clear the way for the gRPC remote procedure calls. Instead of communication between objects, as known from RMI or CORBA, any clients and services working on servers should exchange messages with each other – and that on the proven infrastructure of the Internet. In addition, gRPC should be portable and can be used on a wide variety of platforms, including systems with limited CPU and memory equipment – for example in IoT environments. The bidirectional streaming between a client and a service, known from messaging, was also incorporated into the gRPC development.

The protocol’s stack should provide a clean separation of the implemented business logic from vertical aspects such as security, health, load balancing, failover, monitoring, tracking and logging. Extensions in this regard can be introduced transparently into the stack of the gRPC implementation. This is done via metadata in the form of key-value pairs that are not part of the messages in the business protocol. This can be expanded if necessary.

Other challenges for distributed applications are long-term operations with high latencies and possible timeouts, which should be handled with gRPC in such a way that the resources used are released again in a recognizable and traceable manner after their use. In addition, the Google development team has also implemented the exchange of encodings and message types independently of the defined APIs and their usage. The ability to reject connections if the server is down at the time of the request rounds out the gRPC stack for clean communication.

Fortunately, Google – unlike Stubby – provides gRPC for free use. This is important to the success of the underlying libraries and associated products, given the continuing trend toward the use of open source software. All components are released with a license that facilitates adoption by others. Today, the Cloud Native Computing Foundation (CNCF) oversees the project.

Regardless of the programming language used, working with gRPC starts with defining the API. The protocol compilers of the various languages ​​convert this into the corresponding libraries. The tool required for this must first be installed on your own computer: on the Mac with Homebrew and the command brew install protobufunder Linux, depending on the distribution, with apt install -y protobuf-compiler. Without a package manager, a few extra commands are required.

$ PB_REL="https://github.com/protocolbuffers/protobuf/releases"
$ curl -LO $PB_REL/download/v3.20.1/protoc-3.20.1-linux-x86_64.zip
$ unzip protoc-3.20.1-linux-x86_64.zip -d $HOME/bin

In addition to the tool, the plug-ins for the languages ​​used are required. In this article, it’s Go. Its installation uses the Go tool with the command go install.

$ go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.28
$ go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2

With the programs installed in this way in the path, work on the services and their clients can begin.

To home page

Security Update: Fixed eleven security issues in Google Chrome Previous post Security Update: Fixed eleven security issues in Google Chrome
Count and Care: Data on the Darknet - Consumer protection advises caution Next post Count and Care: Data on the Darknet – Consumer protection advises caution