gRPC Support

This guide explains how to configure and deploy gRPC services on Runway for Kubernetes (AWS EKS or GCP GKE).

Overview New in v4.18.2

Runway provides end-to-end gRPC support for services deployed on both GKE and EKS clusters. This includes support for:

External load balancers with optional Runway managed Cloudflare zone
Internal load balancers for private gRPC services

Protocol configuration

To enable gRPC for your service, set the spec.protocol field in your default-values.yaml:

apiVersion: runway/v1
kind: RunwayKubernetesService
metadata:
  name: example-service
spec:
  image: "registry.gitlab.com/gitlab-com/gl-infra/platform/runway/example-service:{{ .AppVersion }}"
  command: ["/bin/grpc-server"]
  container_port: 50051
  protocol: grpc  # Enable gRPC protocol

Health checks

Runway supports gRPC health checks that conform to the standard gRPC Health Checking Protocol. Health checks verify the overall server health and are configured at two levels: Kubernetes probes and load balancer health checks.

Runway only supports overall server health checks and does not support per-service health checking. This means health checks verify that the entire gRPC server is healthy, not individual services. When designing your health check implementation, ensure that your server’s overall health status accurately reflects the health of all critical services running on it. For example (Python):

health_servicer.set("", health_pb2.HealthCheckResponse.SERVING) # good, global
health_servicer.set("service_name", health_pb2.HealthCheckResponse.SERVING) # bad, specifies service name

Kubernetes probes (startup, liveness, readiness)

Configure startup, liveness, and readiness probes for Kubernetes to monitor pod health:

spec:
  protocol: grpc
  container_port: 50051

  # Health check configuration
  startup_probe:
    timeout_seconds: 1
    period_seconds: 10
    failure_threshold: 10

  liveness_probe:
    timeout_seconds: 1
    period_seconds: 10
    failure_threshold: 3

  readiness_probe:
    timeout_seconds: 1
    period_seconds: 5
    failure_threshold: 1

Load balancer health checks

Runway automatically configures load balancer health checks for gRPC services based on your target runtime.

EKS (ALB Ingress)

For EKS, Runway configures the ALB Ingress health check path to /grpc.health.v1.Health/Check as part of the ALB ingress annotations. This tells the AWS Application Load Balancer to use the standard gRPC health check service for overall server health.

GKE (Gateway API)

For GKE, Runway leverages the Gateway API’s first-class support for gRPC. The Gateway API implicitly handles gRPC health checks using the standard service name grpc.health.v1.Health.Check defined by the gRPC Health Checking Protocol for overall server health.

Complete example

Here’s a complete example of a gRPC service configuration for both EKS and GKE:

Default values configuration

apiVersion: runway/v1
kind: RunwayKubernetesService
metadata:
  name: grpc-example
spec:
  image: "registry.gitlab.com/gitlab-com/gl-infra/platform/runway/grpc-example:{{ .AppVersion }}"
  command: ["/bin/grpc-server"]
  container_port: 50051
  protocol: grpc

  # Autoscaling configuration
  scalability:
    min_instances: 2
    max_instances: 10
    cpu_utilization: 70

  # Resource requirements
  resources:
    requests:
      cpu: "100m"
      memory: "128Mi"
      ephemeral-storage: "512Mi"
    limits:
      cpu: "500m"
      memory: "512Mi"
      ephemeral-storage: "1Gi"

  # Health check configuration
  startup_probe:
    timeout_seconds: 1
    period_seconds: 10
    failure_threshold: 10

  liveness_probe:
    timeout_seconds: 1
    period_seconds: 10
    failure_threshold: 3

  readiness_probe:
    timeout_seconds: 1
    period_seconds: 5
    failure_threshold: 1

  # Prometheus metrics configuration
  observability:
    scrape_targets:
      - "localhost:8082"

Refer to the schema for more information on these settings.

EKS deployment configuration

grpc-example-eks:
  serviceMixins:
    - "runway-eks.service-mixin"

  metadata:
    labels:
      gitlab.com/department: eng-infra
      gitlab.com/department_group: eng-infra-scalability
      gitlab.com/owner_email_handle: your-handle
      gitlab.com/product_category: scalability

GKE deployment configuration

grpc-example-gke:
  serviceMixins:
    - "runway-gke.service-mixin"

  metadata:
    labels:
      gitlab.com/department: eng-infra
      gitlab.com/department_group: eng-infra-scalability
      gitlab.com/owner_email_handle: your-handle
      gitlab.com/product_category: scalability

Troubleshooting

Cloudflare considerations

Health checks failing

If your gRPC health checks are failing:

Check the health check implementation: Confirm your service implements the gRPC Health Checking Protocol
Review logs: Check pod logs for health check errors: kubectl logs <pod-name>
Test locally: Use grpcurl to test health checks locally:
Terminal window
```
grpcurl -plaintext localhost:50051 grpc.health.v1.Health/Check
```

Connection issues

If clients cannot connect to your gRPC service:

Verify HTTPS: gRPC requires HTTP/2 over HTTPS. Ensure your client uses TLS
Check load balancer: Verify the load balancer is configured for gRPC (check annotations on EKS)

Support

For questions or issues with gRPC support, contact the Runway team in #f_runway.