Sign in Subscribe
Concepts

gRPC Traffic Routing through Kubernetes Ingress

Andrios Robert

1 min read

The request hit the network. The container came alive. You need gRPC traffic routing through Kubernetes, and you need it to work cleanly with Ingress. No silent drops. No protocol confusion. Just fast, predictable service.

Kubernetes Ingress is the layer that routes external requests to services inside your cluster. For HTTP, it’s straightforward. For gRPC, you must ensure the Ingress controller understands HTTP/2 and passes requests without downgrading or breaking the stream. The wrong config will terminate your connection before the payload arrives.

Key requirements for gRPC over Kubernetes Ingress

  • HTTP/2 support: gRPC depends on HTTP/2. Use an Ingress controller that supports it natively, such as NGINX, Kong, or Envoy-based gateways.
  • Proper backend protocol setup: Annotate your Ingress resource to signal HTTP/2 upstream communication. For NGINX, this often means nginx.ingress.kubernetes.io/backend-protocol: "GRPC".
  • TLS termination: Ingress should terminate TLS while keeping HTTP/2 between Ingress and service pods, or use end-to-end HTTP/2 with passthrough if required.
  • Load balancing strategy: gRPC’s long-lived streams interact with load balancers differently than short HTTP calls. Avoid load balancers that reset connections too early.
  • Health checks: gRPC services can use custom health endpoints, but your Ingress controller must be configured accordingly to avoid false negatives.

Example NGINX Ingress config for gRPC

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
 name: my-grpc-ingress
 annotations:
 nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
spec:
 rules:
 - host: grpc.example.com
 http:
 paths:
 - path: /
 pathType: ImplementationSpecific
 backend:
 service:
 name: my-grpc-service
 port:
 number: 50051

This tells NGINX to keep HTTP/2 and use the gRPC protocol when forwarding requests to the service. Without this, gRPC calls will fail with mysterious status codes, often UNAVAILABLE.

Troubleshooting tips

  • Verify the Ingress controller is current and built with HTTP/2 enabled.
  • Use grpcurl to test endpoints via Ingress directly.
  • Inspect logs from both Ingress and gRPC servers for protocol mismatches.

Running gRPC through Kubernetes Ingress brings the power of microservices with clean external access. Configure it carefully, and you get secure, stable, high-performance streaming and unary calls across your cluster.

Deploy it now and see it live in minutes at hoop.dev.