GRPC

Last updated
gRPC
Developer(s) Google
Initial releaseAugust 2016;8 years ago (2016-08)
Stable release
1.65.0 [1] / June 28, 2024;5 months ago (2024-06-28)
Repository
Written inAndroid Java, C#, C++, Dart, Go, Java, Kotlin/JVM, Node.js, Objective-C, PHP, Python, Ruby
Type Remote procedure call framework
License Apache License 2.0
Website grpc.io

gRPC (recursive acronym for gRPC Remote Procedure Calls [2] ) is a cross-platform high-performance remote procedure call (RPC) framework. gRPC was initially created by Google, but is open source and is used in many organizations. Use cases range from microservices to the "last mile" of computing (mobile, web, and Internet of Things). gRPC uses HTTP/2 for transport, Protocol Buffers as the interface description language, and provides features such as authentication, bidirectional streaming and flow control, blocking or nonblocking bindings, and cancellation and timeouts. It generates cross-platform client and server bindings for many languages. Most common usage scenarios include connecting services in a microservices style architecture, or connecting mobile device clients to backend services. [3]

Contents

As of 2019, gRPC's use of HTTP/2 makes it impossible to implement a gRPC client in a browser, instead requiring a proxy. [4]

History

From about 2001, Google created a general-purpose RPC infrastructure called Stubby to connect the large number of microservices running within and across its data centers. [5] In March 2015, Google decided to build the next version of Stubby and make it open source. The result was gRPC.

Authentication

gRPC supports the usage of Transport Layer Security (TLS) and token-based authentication. Connection to Google services must use TLS. There are two types of credentials: channel credentials and call credentials.

For token-based authorization, gRPC provides Server Interceptor [6] and a Client Interceptor. [7]

Encoding

gRPC uses Protocol Buffers to encode data. Protocol buffers provide a serialization format and an Interface Definition Language. [8]

Testing

Some of the software tools used for testing gRPC implementations include Postman, ezy, [9] Insomnia, and Step CI. [10]

Adoption

Many organizations use gRPC, including Uber, [11] Square, Netflix, IBM, CoreOS, Docker, CockroachDB, Arista Networks, Cisco, Juniper Networks, [12] Spotify, [13] Zalando, [14] Dropbox, [15] and Google as the original developer.

The open source project u-bmc uses gRPC to replace Intelligent Platform Management Interface (IPMI). [16] On 8 January 2019, Dropbox announced that the next version of "Courier", their RPC framework at the core of their service-oriented architecture (SOA), would be migrated to be based on gRPC, primarily because it aligned well with their existing custom RPC frameworks. [17]

Alternatives

See also

Related Research Articles

In distributed computing, a remote procedure call (RPC) is when a computer program causes a procedure (subroutine) to execute in a different address space, which is written as if it were a normal (local) procedure call, without the programmer explicitly writing the details for the remote interaction. That is, the programmer writes essentially the same code whether the subroutine is local to the executing program, or remote. This is a form of client–server interaction, typically implemented via a request–response message passing system. In the object-oriented programming paradigm, RPCs are represented by remote method invocation (RMI). The RPC model implies a level of location transparency, namely that calling procedures are largely the same whether they are local or remote, but usually, they are not identical, so local calls can be distinguished from remote calls. Remote calls are usually orders of magnitude slower and less reliable than local calls, so distinguishing them is important.

OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.

The Central Authentication Service (CAS) is a single sign-on protocol for the web. Its purpose is to permit a user to access multiple applications while providing their credentials only once. It also allows web applications to authenticate users without gaining access to a user's security credentials, such as a password. The name CAS also refers to a software package that implements this protocol.

Extensible Authentication Protocol (EAP) is an authentication framework frequently used in network and internet connections. It is defined in RFC 3748, which made RFC 2284 obsolete, and is updated by RFC 5247. EAP is an authentication framework for providing the transport and usage of material and parameters generated by EAP methods. There are many methods defined by RFCs, and a number of vendor-specific methods and new proposals exist. EAP is not a wire protocol; instead it only defines the information from the interface and the formats. Each protocol that uses EAP defines a way to encapsulate by the user EAP messages within that protocol's messages.

The Internet Communications Engine, or Ice, is an open-source RPC framework developed by ZeroC. It provides SDKs for C++, C#, Java, JavaScript, MATLAB, Objective-C, PHP, Python, Ruby and Swift, and can run on various operating systems, including Linux, Windows, macOS, iOS and Android.

strongSwan is a multiplatform IPsec implementation. The focus of the project is on authentication mechanisms using X.509 public key certificates and optional storage of private keys and certificates on smartcards through a PKCS#11 interface and on TPM 2.0.

Data Protection Application Programming Interface (DPAPI) is a simple cryptographic application programming interface available as a built-in component in Windows 2000 and later versions of Microsoft Windows operating systems. In theory, the Data Protection API can enable symmetric encryption of any kind of data; in practice, its primary use in the Windows operating system is to perform symmetric encryption of asymmetric private keys, using a user or system secret as a significant contribution of entropy. A detailed analysis of DPAPI inner-workings was published in 2011 by Bursztein et al.


This is a comparison of notable free and open-source configuration management software, suitable for tasks like server configuration, orchestration and infrastructure as code typically performed by a system administrator.

Thrift is an IDL and binary communication protocol used for defining and creating services for programming languages. It was developed by Facebook. Since 2020, it is an open source project in the Apache Software Foundation.

<span class="mw-page-title-main">OpenSocial</span> Public specification aimed at social networking applications

OpenSocial is a public specification that outlines a set of common application programming interfaces (APIs) for web applications. Initially designed for social network applications, it was developed collaboratively by Google, MySpace and other social networks. It has since evolved into a runtime environment that allows third-party components, regardless of their trust level, to operate within an existing web application.

Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. The extension allows a server to present one of multiple possible certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites to be served by the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS. This also allows a proxy to forward client traffic to the right server during TLS/SSL handshake. The desired hostname is not encrypted in the original SNI extension, so an eavesdropper can see which site is being requested. The SNI extension was specified in 2003 in RFC 3546

Protocol Buffers (Protobuf) is a free and open-source cross-platform data format used to serialize structured data. It is useful in developing programs that communicate with each other over a network or for storing data. The method involves an interface description language that describes the structure of some data and a program that generates source code from that description for generating or parsing a stream of bytes that represents the structured data.

In web development, a webhook is a method of augmenting or altering the behavior of a web page or web application with custom callbacks. These callbacks may be maintained, modified, and managed by third-party users who need not be affiliated with the originating website or application. In 2007, Jeff Lindsay coined the term webhook from the computer programming term hook.

WAMP is a WebSocket subprotocol registered at IANA, specified to offer routed RPC and PubSub. Its design goal is to provide an open standard for soft, real-time message exchange between application components and ease the creation of loosely coupled architectures based on microservices. Because of this, it is a suitable enterprise service bus (ESB), fit for developing responsive web applications or coordinating multiple connected IoT devices.

NATS is an open-source messaging system. The NATS server is written in the Go programming language. Client libraries to interface with the server are available for dozens of major programming languages. The core design principles of NATS are performance, scalability, and ease of use. The acronym NATS stands for Neural Autonomic Transport System.

<span class="mw-page-title-main">Pydio</span> Mature open source software solution for file sharing and synchronization

Pydio Cells, previously known as just Pydio and formerly known as AjaXplorer, is an open-source file-sharing and synchronisation software that runs on the user's own server or in the cloud.

FlatBuffers is a free software library implementing a serialization format similar to Protocol Buffers, Thrift, Apache Avro, SBE, and Cap'n Proto, primarily written by Wouter van Oortmerssen and open-sourced by Google. It supports “zero-copy” deserialization, so that accessing the serialized data does not require first copying it into a separate part of memory. This makes accessing data in these formats much faster than data in formats requiring more extensive processing, such as JSON, CSV, and in many cases Protocol Buffers. Compared to other serialization formats however, the handling of FlatBuffers requires usually more code, and some operations are not possible.

Application Layer Transport Security (ALTS) is a Google-developed authentication and transport encryption system used for securing remote procedure call (RPC) within Google machines. Google started its development in 2023, as a tailored modification of TLS.

Cap’n Proto is a data serialization format and Remote Procedure Call (RPC) framework for exchanging data between computer programs. The high-level design focuses on speed and security, making it suitable for network as well as inter-process communication. Cap'n Proto was created by the former maintainer of Google's popular Protocol Buffers framework and was designed to avoid some of its perceived shortcomings.

References

  1. "gRPC releases". GitHub . Retrieved 2024-07-06.
  2. "FAQ". gRPC.
  3. "About gRPC". gRPC. Retrieved 2021-05-25.
  4. "The state of gRPC in the browser". gRPC. 8 January 2019.
  5. "gRPC: a true internet-scale RPC framework is now 1.0 and ready for production deployments". 24 August 2016. Retrieved 2023-04-03.
  6. "gRPC Server Interceptor". 27 February 2023.
  7. "gRPC". grpc.io. Retrieved 2020-02-24.
  8. JamesNK. "Compare gRPC services with HTTP APIs". docs.microsoft.com. Retrieved 2020-02-24.
  9. "ezy on GitHub". GitHub .
  10. "Step CI Documentation".
  11. "gRPC at Uber". 19 May 2021.
  12. "gRPC". grpc.io. Retrieved 2020-02-24.
  13. "gRPC at Spotify" (PDF). jfokus.se. Retrieved 2020-05-12.
  14. "Zalando Tech Radar". opensource.zalando.com. Retrieved 2021-04-08.
  15. "How we migrated Dropbox from Nginx to Envoy". Dropbox.Tech. Retrieved 2020-10-30.
  16. "u-bmc". GitHub.com. 5 October 2022.
  17. Nigmatullin, Ruslan; Ivanov, Alexey (2019-01-08). "Courier: Dropbox migration to gRPC" . Retrieved 2019-01-09.