In a Citrix ADC appliance, gRPC is a lightweight, high performance, open-source universal remote procedure call (RPC) framework. It’s optimal for working across multiple languages running on any operating system and delivers better performance and security than other protocols.

By using gRPC over HTTP/2 protocol, you can:

  • Build distributed applications for a data center and public/private cloud infrastructure
  • Provide client-server communication for mobile, web, or cloud for faster communication
  • Access cloud services and applications easily
  • Deploy microservices.

In this post, I’ll provide an overview of gRPC and show you why gRPC is beneficial for Citrix ADC cloud deployments, how gRPC works, and how you can configure gRPC. This post will help you to decide if using the gRPC protocol to publish gRPC services over an HTTP/2 connection is right for you.

Why gRPC in Citrix ADC

gRPC in Citrix ADC is implemented over HTTP/2 to support highly performant and scalable APIs. Using binary values instead of text makes the payload more efficient in terms of memory and storing values in numeric formats.

In Citrix ADC, the HTTP/2 requests are multiplexed over a single TCP connection, allowing multiple concurrent messages to be in flight without compromising network resource usage. It also uses header compression to reduce the size of requests and responses.

How gRPC End-to-End Deployment Works

The gRPC end-to-end configuration works by sending a gRPC request from a client over HTTP/2 protocol and sending back gRPC messages received from the gRPC server. The following diagram shows how a gRPC configuration works in a Citrix ADC appliance.

In the diagram, you can see how the gRPC works and how the traffic flows. The following functional sequence details how the components interact when traffic flows into the appliance and how the appliance handles a gRPC service:

  1. To deploy the gRPC configuration, you must first enable HTTP/2 in the HTTP profile and enable HTTP/2 support globally on the server side.
  2. When a client sends a gRPC request, the load balancing virtual server evaluates the gRPC traffic using policies.
  3. Based on the policy evaluation, the load balancing virtual server (with gRPC service bound to it) terminates the request and forwards it as a gRPC request to the back-end gRPC server.
  4. Similarly, when the gRPC server responds to the client, the appliance terminates the response and forwards it as a gRPC response to the client.

Example: gRPC Request Sent to a gRPC Server

In this example, the request header is sent as HTTP/2 headers in HEADERS+CONTINUATION frames:

HEADERS (flags = END_HEADERS)
: method = POST
: scheme = http
: path = /helloworld.citrix-adc/SayHello
: authority = 10.10.10.10.:80
grpc-timeout = 15
content-type = application/grpc+proto
grpc-encoding = gzip
DATA (flags = END_STREAM)
<Length-Prefixed Message>

Example: gRPC Response Header from gRPC Server to Citrix ADC Appliance

Response-Headers and Trailers-Only are delivered in a single HTTP/2 HEADERS frame block. You can expect most responses to have both headers and trailers, but Trailers-Only is permitted for calls that produce an immediate error. The status must be sent in Trailers even if the HTTP status code is OK.

HEADERS (flags = END_HEADERS)
: status = 200
Grpc-encoding= gzip
Content-type = application/grpc+proto
DATA
<Length-Prefixed Message>
HEADERS (flags = END_STREAM, END_HEADERS)
grpc-status = 0 # OK

Configure gRPC Using the CLI

To configure an end-to-end gRPC deployment, you must do the following:

  1. Add HTTP profile with HTTP/2 and HTTP/2 direct enabled
  2. Enable global back end HTTP/2 support in HTTP parameter
  3. Add a load balancing virtual server of type SSL/HTTP and set the HTTP profile
  4. Add a service for gRPC endpoint and set the HTTP profile
  5. Bind the gRPC endpoint service to the load balancing virtual server

Add HTTP Profile with HTTP/2 and HTTP/2 Direct Enabled

You must enable HTTP/2 and HTTP/2 direct parameters in the HTTP profile, as well as the HTTP/2 direct parameter if gRPC over HTTP/2 cleartext is required.

At the command prompt, type:

add ns httpProfile <name> - http2 ( ENABLED | DISABLED ) [-http2Direct ( ENABLED | DISABLED )]

Example:

add ns httpProfile http2gRPC -http2Direct ENABLED -http2 ENABLED

Enable Global Back-End HTTP/2 support Through HTTP Parameter

To enable HTTP/2 support globally on the server side by using the Citrix ADC command line, type the following at the command prompt:

set ns httpParam -http2ServerSide( ON | OFF )

Example:

set ns httpParam -http2ServerSide ON

Add Load Balancing Virtual Server of Type SSL/HTTP and Set HTTP Profile

To add a load balancing virtual server using the Citrix ADC command interface, type the following at the command prompt:

add lb vserver <name> <service type> [(<IP address>@ <port>)] [-httpProfileName <string>]

Example:

add lb vserver lb-grpc HTTP 10.10.10.11 80 -httpProfileName http2gRPC

Please note, if you are using a load balancing virtual server of type SSL, then you must bind the server certificate.

Add Service for gRPC Endpoint and Set HTTP Profile

To add a gRPC service with HTTP profile by using the Citrix ADC command interface, type the following at the command prompt:

add service <name> (<IP> | <serverName> ) <serviceType> <port> [-httpProfileName <string>]

Example:

add service svc-grpc 10.10.10.10 HTTP 80 -httpProfileName http2gRPC

Bind gRPC Endpoint Service to Load Balancing Virtual Server

To bind a gRPC service to a load balancing virtual server by using the Citrix ADC command interface, type the following at the command interface:

bind lb vserver <name> <serviceName>

Example:

bind lb vserver lb-grpc svc-grpc

Configure End-to-End gRPC Deployment Using the GUI

Follow these steps to configure gRPC using the GUI.

Add HTTP profile with HTTP/2 and HTTP/2 direct enabled

  1. Navigate to System → Profiles and click HTTP Profiles.
  2. Enable the HTTP/2 option in a new HTTP profile or an existing HTTP profile.
Add HTTP profile with HTTP/2 and HTTP/2 direct enabled

Enable global back end HTTP/2 support in HTTP parameter

  1. Navigate to System → Settings → HTTP Parameters.
  2. On the Configure HTTP Parameter page, then select HTTP/2 on the server side.
  3. Click OK.
Enabling global back end HTTP/2 support in HTTP parameter

Add load balancing virtual server of type SSL/HTTP and set HTTP profile

  1. Navigate to Traffic Management → Load Balancing → Virtual Servers.
  2. Click Add to create a load balancing virtual server for gRPC traffic.
  3. On the Load Balancing Virtual Server page, click Profiles.
  4. In the Profiles section, select the profile type as HTTP.
  5. Click OK and then Done.
Setting HTTP profile

Add Service for a gRPC endpoint and set the HTTP profile

  1. Navigate to Traffic Management → Load Balancing → Services.
  2. Click Add to create an application server for gRPC traffic.
  3. On the Load Balancing Service page, go to the Profile section.
  4. Under Profiles, add the HTTP profile for gRPC endpoint.
  5. Click OK and then Done.
Adding a service for gRPC endpoint

Get Started Today!

Using gRPC in your Citrix ADC deployment has benefits over traditional APIs because it works over HTTP/2 protocol. This supports fast and efficient communication for microservice deployments in the cloud. As more Citrix services move to cloud, it becomes easier to manage services that are capable of handling gRPC calls.

For more information about gRPC, its configuration, and how you can deploy it as a service, see our gRPC documentation.