Skip to main content

gRPC Settings

This reference covers all of Pomerium's gRPC Settings:

gRPC Address

gRPC Address specifies the host and port to serve gRPC requests from.

How to configure

Config file keysEnvironment variablesTypeDefault
grpc_addressGRPC_ADDRESSstring:443 (:5443 if in all-in-one mode)

Examples

# config file key
grpc_address: :8443

# environment variable
GRPC_ADDRESS=:8443

gRPC Client DNS RoundRobin

gRPC Client DNS RoundRobin enables DNS-based round-robin load balancing. This method uses DNS to resolve endpoints and distributes load balancing of all addresses returned by the DNS record client side. Do not disable unless you have a specific use case.

How to configure

Config file keysEnvironment variablesTypeDefault
grpc_client_dns_roundrobinGRPC_CLIENT_DNS_ROUNDROBINbooleantrue

Examples

# config file key
grpc_client_dns_roundrobin: false

# environment variable
GRPC_CLIENT_DNS_ROUNDROBIN=false

gRPC Client Timeout

gRPC Client Timeout sets the maximum time before canceling an upstream gRPC request. During transient failures, the proxy will retry upstream servers for this duration. You should leave this high enough to handle backend service restart and rediscovery so that client requests do not fail.

How to configure

Config file keysEnvironment variablesTypeDefault
grpc_client_timeoutGRPC_CLIENT_TIMEOUTstring (Go Duration formatting)10s

Examples

# config file key
grpc_client_timeout: 15s

# environment variable
GRPC_CLIENT_TIMEOUT=15s

gRPC Insecure

gRPC Insecure disables transport security for gRPC communication. If running in all-in-one mode, defaults to true as communication will run over localhost's own socket.

How to configure

Config file keysEnvironment variablesTypeDefault
grpc_insecureGRPC_INSECUREbooleantrue (If in all-in-one mode)

Examples

# config file key
grpc_insecure: false

# environment variable
GRPC_INSECURE=false