Skip to main content

Intranet Access

Cloud hosting supports Intranet Access between services, allowing efficient communication across cloud hosting services. Intranet calls enhance the speed and security of inter-service communication, avoiding public internet latency and potential risks.

Using gRPC to connect to other services

This page introduces details specific to cloud hosting services to developers who wish to use gRPC to connect cloud hosting services with other services (for example, to directly provide high-performance communication between internal services). You will be able to use all gRPC types (streaming or unary) with cloud hosting.

Possible scenarios include:

  • Communication between internal microservices
  • Using streaming gRPC in gRPC servers to build faster-response applications and APIs.

To integrate your service with gRPC, perform the following steps:

  • Enable the Intranet switch in Service Settings -> Network Access, and access each other via Intranet domain names.
  • If using streaming gRPC, configure the service to use HTTP/2. HTTP/2 is the transport method for gRPC streaming.
  • Define request and response messages in the proto file and compile them.
  • Create a client to send requests and handle responses from the gRPC server.
  • Build and deploy the service.

Listen for gRPC requests in cloud hosting services

The only special requirement for a gRPC server running in cloud hosting is to listen on the port specified by the PORT environment variable, as shown in the following code:

func main() {
    log.Printf("grpc-ping: starting server...")

    port := os.Getenv("PORT")
    if port == "" {
        port = "8080"
        log.Printf("Defaulting to port %s", port)
    }

    listener, err := net.Listen("tcp", ":"+port)
    if err != nil {
        log.Fatalf("net.Listen: %v", err)
    }

    grpcServer := grpc.NewServer()
    pb.RegisterPingServiceServer(grpcServer, &pingService{})
    if err = grpcServer.Serve(listener); err != nil {
        log.Fatal(err)
    }
}

Open a gRPC connection to the service

To open a gRPC connection to the service for sending gRPC messages, enable the Intranet switch for the service, obtain the Intranet domain name, and access it via the port specified by the PORT environment variable, as shown in the following code:

import (
    "crypto/tls"
    "crypto/x509"

    "google.golang.org/grpc"
    "google.golang.org/grpc/credentials"
)

// NewConn creates a new gRPC connection.
// host should be of the form domain:port, e.g., example.com:443
func NewConn(host string, insecure bool) (*grpc.ClientConn, error) {
    var opts []grpc.DialOption
    if host != "" {
        opts = append(opts, grpc.WithAuthority(host))
    }

    if insecure {
        opts = append(opts, grpc.WithInsecure())
    } else {
        // Note: On the Windows platform, use of x509.SystemCertPool() requires
        // Go version 1.18 or higher.
        systemRoots, err := x509.SystemCertPool()
        if err != nil {
            return nil, err
        }
        cred := credentials.NewTLS(&tls.Config{
            RootCAs: systemRoots,
        })
        opts = append(opts, grpc.WithTransportCredentials(cred))
    }

    return grpc.Dial(host, opts...)
}

Send Request

The following sample demonstrates how to use a gRPC connection configured as described previously to send service requests.

import (
    "context"
    "time"

    pb "github.com/GoogleCloudPlatform/golang-samples/run/grpc-ping/pkg/api/v1"
    "google.golang.org/grpc"
)

// pingRequest sends a new gRPC ping request to the server configured in the connection.
func pingRequest(conn *grpc.ClientConn, p *pb.Request) (*pb.Response, error) {
    ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
    defer cancel()

    client := pb.NewPingServiceClient(conn)
    return client.Send(ctx, p)
}