gRPC Gateway

7 minutes read
Edit on GitHub

gRPC Gateway exposes the client’s gRPC API to manage user’s devices.

SOURCE Copy
Copied
        docker pull ghcr.io/plgd-dev/hub/grpc-gateway:latest
    

A configuration template is available on grpc-gateway/config.yaml.

PropertyTypeDescriptionDefault
log.levelstringLogging enabled from level."info"
log.encodingstringLogging format. The supported values are: "json", "console""json"
log.stacktrace.enabledboolLog stacktrace.false
log.stacktrace.levelstringStacktrace from level."warn"
log.encoderConfig.timeEncoderstringTime format for logs. The supported values are: "rfc3339nano", "rfc3339"."rfc3339nano"

gRPC API of the gRPC Gateway service as defined here.

PropertyTypeDescriptionDefault
apis.grpc.addressstringListening address in the format <host>:<port> for accepting gRPC client connections."0.0.0.0:9100"
apis.grpc.sendMsgSizeint32Set the max message size in bytes the server can send. 0 means 2147483647.4194304
apis.grpc.recvMsgSizeint32Set the max message size in bytes the server can receive. 0 means 4194304.4194304
apis.grpc.ownerCacheExpirationstringTime limit of how long to keep subscribed to device updates after last use of the given cache item.1m
apis.grpc.subscriptionBufferSizeintThe maximum buffer size for one events subscription.1000
apis.grpc.enforcementPolicy.minTimestringThe minimum amount of time a client should wait before sending a keepalive ping. Otherwise, the server closes the connection.5s
apis.grpc.enforcementPolicy.permitWithoutStreamboolIf true, the server allows keepalive pings even when there are no active streams (RPCs). Otherwise, the server closes the connection.true
apis.grpc.keepAlive.maxConnectionIdlestringA duration for the amount of time after which an idle connection would be closed by sending a GoAway. 0s means infinity.0s
apis.grpc.keepAlive.maxConnectionAgestringA duration for the maximum amount of time a connection may exist before it will be closed by sending a GoAway. 0s means infinity.0s
apis.grpc.keepAlive.maxConnectionAgeGracestringAn additive period after MaxConnectionAge, after which the connection will be forcibly closed. 0s means infinity.0s
apis.grpc.keepAlive.timestringAfter a duration of this time if the server doesn't see any activity it pings the client to see if the transport is still alive.2h
apis.grpc.keepAlive.timeoutstringAfter having pinged for keepalive check, the client waits for a duration of Timeout and if no activity is seen even after that the connection is closed.20s
apis.grpc.tls.caPool[]stringFile paths to the root certificates in PEM format. The file may contain multiple certificates.[]
apis.grpc.tls.keyFilestringFile path to private key in PEM format.""
apis.grpc.tls.certFilestringFile path to certificate in PEM format.""
apis.grpc.tls.clientCertificateRequiredboolIf true, require client certificate.true
apis.grpc.authorization.ownerClaimstringClaim used to identify owner of the device."sub"
apis.grpc.authorization.audiencestringIdentifier of the API configured in your OAuth provider.""
apis.grpc.authorization.endpoints[].authoritystringAuthority is the address of the token-issuing authentication server. Services will use this URI to find and retrieve the public key that can be used to validate the token’s signature.""
apis.grpc.authorization.endpoints[].http.maxIdleConnsintIt controls the maximum number of idle (keep-alive) connections across all hosts. Zero means no limit.16
apis.grpc.authorization.endpoints[].http.maxConnsPerHostintIt optionally limits the total number of connections per host, including connections in the dialing, active, and idle states. On limit violation, dials will block. Zero means no limit.32
apis.grpc.authorization.endpoints[].http.maxIdleConnsPerHostintIf non-zero, controls the maximum idle (keep-alive) connections to keep per-host. If zero, DefaultMaxIdleConnsPerHost is used.16
apis.grpc.authorization.endpoints[].http.idleConnTimeoutstringThe maximum amount of time an idle (keep-alive) connection will remain idle before closing itself. Zero means no limit.30s
apis.grpc.authorization.endpoints[].http.timeoutstringA time limit for requests made by this Client. A Timeout of zero means no timeout.10s
apis.grpc.authorization.endpoints[].http.tls.caPool[]stringFile paths to the root certificates in PEM format. The file may contain multiple certificates.[]
apis.grpc.authorization.endpoints[].http.tls.keyFilestringFile path to private key in PEM format.""
apis.grpc.authorization.endpoints[].http.tls.certFilestringFile path to certificate in PEM format.""
apis.grpc.authorization.endpoints[].http.tls.useSystemCAPoolboolIf true, use system certification pool.false
apis.grpc.authorization.tokenTrustVerification.cacheExpirationstringDuration for which a valid token is kept in a runtime cache before re-verification is required.30s

Client configurations to internally connect to Identity Store service.

PropertyTypeDescriptionDefault
clients.identityStore.grpc.addressstringIdentity Store service address."127.0.0.1:9100"
clients.identityStore.grpc.tls.caPool[]stringFile paths to the root certificates in PEM format. The file may contain multiple certificates.[]
clients.identityStore.grpc.tls.keyFilestringFile path to private key in PEM format.""
clients.identityStore.grpc.tls.certFilestringFile path to certificate in PEM format.""
clients.identityStore.grpc.tls.useSystemCAPoolboolIf true, use system certification pool.false
clients.identityStore.grpc.keepAlive.timestringAfter a duration of this time if the client doesn't see any activity it pings the server to see if the transport is still alive.10s
clients.identityStore.grpc.keepAlive.timeoutstringAfter having pinged for keepalive check, the client waits for a duration of Timeout and if no activity is seen even after that the connection is closed.20s
clients.identityStore.grpc.keepAlive.permitWithoutStreamboolIf true, client sends keepalive pings even with no active RPCs. If false, when there are no active RPCs, Time and Timeout will be ignored and no keepalive pings will be sent.false

plgd hub uses NATS messaging system as a event bus.

PropertyTypeDescriptionDefault
clients.eventBus.goPoolSizeintNumber of routines to process events in projection.16
clients.eventBus.nats.urlstringURL to nats messaging system."nats://localhost:4222"
clients.eventBus.nats.pendingLimits.msgLimitintLimit number of messages in queue. -1 means unlimited524288
clients.eventBus.nats.pendingLimits.bytesLimitintLimit buffer size of queue. -1 means unlimited67108864
clients.eventBus.nats.tls.caPool[]stringFile paths to the root certificates in PEM format. The file may contain multiple certificates.[]
clients.eventBus.nats.tls.keyFilestringFile name of private key in PEM format.""
clients.eventBus.nats.tls.certFilestringFile name of certificate in PEM format.""
clients.eventBus.nats.tls.useSystemCAPoolboolIf true, use system certification pool.false
clients.eventBus.nats.leadResourceType.enabledboolIf true, subscribe to NATS with lead resource type subject token included.false

Client configurations to internally connect to Resource Aggregate service.

PropertyTypeDescriptionDefault
clients.resourceAggregate.grpc.addressstringResource Aggregate service address."127.0.0.1:9100"
clients.resourceAggregate.grpc.tls.caPool[]stringFile paths to the root certificates in PEM format. The file may contain multiple certificates.[]
clients.resourceAggregate.grpc.tls.keyFilestringFile path to private key in PEM format.""
clients.resourceAggregate.grpc.tls.certFilestringFile path to certificate in PEM format.""
clients.resourceAggregate.grpc.tls.useSystemCAPoolboolIf true, use system certification pool.false
clients.resourceAggregate.grpc.keepAlive.timestringAfter a duration of this time if the client doesn't see any activity it pings the server to see if the transport is still alive.10s
clients.resourceAggregate.grpc.keepAlive.timeoutstringAfter having pinged for keepalive check, the client waits for a duration of Timeout and if no activity is seen even after that the connection is closed.20s
clients.resourceAggregate.grpc.keepAlive.permitWithoutStreamboolIf true, client sends keepalive pings even with no active RPCs. If false, when there are no active RPCs, Time and Timeout will be ignored and no keepalive pings will be sent.false

Client configurations to internally connect to Resource Directory service.

PropertyTypeDescriptionDefault
clients.resourceDirectory.grpc.addressstringResource Directory service address."127.0.0.1:9100"
clients.resourceDirectory.grpc.tls.caPool[]stringFile paths to the root certificates in PEM format. The file may contain multiple certificates.[]
clients.resourceDirectory.grpc.tls.keyFilestringFile path to private key in PEM format.""
clients.resourceDirectory.grpc.tls.certFilestringFile path to certificate in PEM format.""
clients.resourceDirectory.grpc.tls.useSystemCAPoolboolIf true, use system certification pool.false
clients.resourceDirectory.grpc.keepAlive.timestringAfter a duration of this time if the client doesn't see any activity it pings the server to see if the transport is still alive.10s
clients.resourceDirectory.grpc.keepAlive.timeoutstringAfter having pinged for keepalive check, the client waits for a duration of Timeout and if no activity is seen even after that the connection is closed.20s
clients.resourceDirectory.grpc.keepAlive.permitWithoutStreamboolIf true, client sends keepalive pings even with no active RPCs. If false, when there are no active RPCs, Time and Timeout will be ignored and no keepalive pings will be sent.false

The plgd open telemetry exporter configuration.

PropertyTypeDescriptionDefault
clients.openTelemetryCollector.grpc.enabledboolEnable OTLP gRPC exporterfalse
clients.openTelemetryCollector.grpc.addressstringThe gRPC collector to which the exporter is going to send data""
clients.openTelemetryCollector.grpc.keepAlive.timestringAfter a duration of this time if the client doesn't see any activity it pings the server to see if the transport is still alive.10s
clients.openTelemetryCollector.grpc.keepAlive.timeoutstringAfter having pinged for keepalive check, the client waits for a duration of Timeout and if no activity is seen even after that the connection is closed.20s
clients.openTelemetryCollector.grpc.keepAlive.permitWithoutStreamboolIf true, client sends keepalive pings even with no active RPCs. If false, when there are no active RPCs, Time and Timeout will be ignored and no keepalive pings will be sent.true
clients.openTelemetryCollector.grpc.tls.caPoolstringFile path to the root certificate in PEM format which might contain multiple certificates in a single file.""
clients.openTelemetryCollector.grpc.tls.keyFilestringFile path to private key in PEM format.""
clients.openTelemetryCollector.grpc.tls.certFilestringFile path to certificate in PEM format.""
clients.openTelemetryCollector.grpc.tls.useSystemCAPoolboolIf true, use system certification pool.false
Note

Note that the string type related to time (i.e. timeout, idleConnTimeout, expirationTime) is decimal numbers, each with optional fraction and a unit suffix, such as “300ms”, “1.5h” or “2h45m”. Valid time units are “ns”, “us”, “ms”, “s”, “m”, “h”.

Oct 1, 2021

Get started

plgd makes it simpler to build a successful IoT initiative – to create a proof of concept, evaluate, optimize, and scale.

Get Started Illustration Get Started Illustration