12

I'm trying to work out whether I could use one of the (A/E/N)LBs to load balance gRPC traffic. A simple round robin would suffice in our case.

I've read that ALB doesn't fully support HTTP2 and therefore can't be used with gRPC. Specifically lack of support of sending HTTP2 traffic downstream and lack of support for trailer headers was mentioned. Is it still true?

Couldn't find any definitive answers with regards to NLBs or "classic" ELBs. Any hints?

sumek
  • 26,495
  • 13
  • 56
  • 75
  • Both classic ELBs and NLBs should work. The biggest deciding factor would probably be TLS termination. – mewa Feb 13 '20 at 14:34
  • Does ELB support HTTP2 these days? Or would it be still L4 load balancing? My further research on the topic suggests that NLBs reset front-end connections after connection idle timeout[1] and you need keep-alive [1] https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#connection-idle-timeout – sumek Feb 13 '20 at 15:25

2 Answers2

8

Using gRPC on AWS had some major challenges. Without full HTTP/2 support on AWS Application Load Balancer, you have to spin up and manage your own load balancers. Neither NLB and ELB are viable alternatives on AWS due to issues with traffic to and from the same host, dynamic port mappings, SSL termination complications, and sub-optimal client and server-side round-robining of TCP connections.

gRPC demonstrated performance improvements, however, it would take considerable infrastructure efforts to adopt, whether it be using LBs such as Nginx or Envoy; or setting up a service mesh with something of the likes of Istio. Another possibility would be to make use of thick client load balancing, though this would also require additional service discovery infrastructures such as Consul or ZooKeeper.

AWS recently announced a new service called AWS App Mesh. AWS App Mesh supports HTTP2 and gRPC services

gRPC can now model and manage their inter-service communications using AWS App Mesh.

Reference:

enter image description here

Devesh mehta
  • 1,505
  • 8
  • 22
  • Thanks! That's a useful answer. Could you list how the specific problems affect specific Load Balancers? Starting to use the mesh might be too much. At the moment it seems that Traeffik might be the best option for me: https://jsherz.com/grpc/ecs/aws/docker/containers/load-balancer/elb/nlb/alb/2019/02/04/using-traefik-ecs-grpc.html – sumek Feb 16 '20 at 09:17
  • Traeffik can be a good choice. Use ELB/ALB at Layer-3 and put your own HTTP2 compliant proxy behind it (Envoy, nghttpx, Linkerd, Traefik, ...). You can find more information on gRPC and Load Balancers in this discussion - gist.github.com/bojand/6a604f7e369d7c7d8c39eb77878a42c2 – Devesh mehta Feb 16 '20 at 17:07
  • I've seen the discussion, but I knowing little about networking I wasn't sure about the conclusions. Also the discussion is 1-2 years old so wasn't sure if this is still up to date – sumek Feb 17 '20 at 10:42
  • The conclusion is, either use Service Mesh (AWS App Mesh, ISTIO,..) or use ELB/ALB at Layer-3 and put your own HTTP2 compliant proxy behind it (Envoy, nghttpx, Linkerd, Traefik, ...) – Devesh mehta Feb 17 '20 at 15:09
  • Why would I use both ELB and Traefik? – sumek Feb 18 '20 at 14:59
  • I have added a network diagram that shows how ELB will be used with Traefik. ELB, because it will provide a static address to create a Route53 DNS record to route external traffic to Traefik. – Devesh mehta Feb 18 '20 at 19:57
8

As of October 29, 2020, Application Load Balancers now support HTTP/2 and gRPC load balancing. From the announcement:

To use the feature on your ALB, choose HTTPS as your listener protocol, gRPC as the protocol version for your target group and register instance or IP as targets for the configured target group. ALB provides rich content based routing features that will let you inspect gRPC calls and route them to the appropriate target group based on the service and method requested. Within a target group, ALB will use gRPC specific health checks to determine availability of targets and provide gRPC specific access logs to monitor your traffic.

The support for gRPC and end-to-end HTTP/2 is available for existing and new Application Load Balancers at no extra charge in all AWS Regions. To learn more, please refer to the blog post, demo, and the ALB documentation.

Theo
  • 1,303
  • 12
  • 11