gRPC Settings
This reference covers all of Pomerium's gRPC Settings:
gRPC Address
gRPC Address specifies the host and port to serve gRPC requests from.
How to configure
- Core
- Enterprise
- Kubernetes
Config file keys | Environment variables | Type | Default |
---|---|---|---|
grpc_address | GRPC_ADDRESS | string | :443 (:5443 if in all-in-one mode) |
grpc_address
is a bootstrap configuration setting and is not configurable in the Console.
gRPC Address is not customizable with Kubernetes
Examples
# config file key
grpc_address: :8443
# environment variable
GRPC_ADDRESS=:8443
gRPC Client DNS RoundRobin
gRPC Client DNS RoundRobin enables DNS-based round-robin load balancing. This method uses DNS to resolve endpoints and distributes load balancing of all addresses returned by the DNS record client side. Do not disable unless you have a specific use case.
How to configure
- Core
- Enterprise
- Kubernetes
Config file keys | Environment variables | Type | Default |
---|---|---|---|
grpc_client_dns_roundrobin | GRPC_CLIENT_DNS_ROUNDROBIN | boolean | true |
grpc_client_dns_roundrobin
is a bootstrap configuration setting and is not configurable in the Console.
Kubernetes does not support gRPC Client DNS RoundRobin
Examples
# config file key
grpc_client_dns_roundrobin: false
# environment variable
GRPC_CLIENT_DNS_ROUNDROBIN=false
gRPC Client Timeout
gRPC Client Timeout sets the maximum time before canceling an upstream gRPC request. During transient failures, the proxy will retry upstream servers for this duration. You should leave this high enough to handle backend service restart and rediscovery so that client requests do not fail.
How to configure
- Core
- Enterprise
- Kubernetes
Config file keys | Environment variables | Type | Default |
---|---|---|---|
grpc_client_timeout | GRPC_CLIENT_TIMEOUT | string (Go Duration formatting) | 10s |
grpc_client_timeout
is a bootstrap configuration setting and is not configurable in the Console.
Kubernetes does not support gRPC Client Timeout
Examples
# config file key
grpc_client_timeout: 15s
# environment variable
GRPC_CLIENT_TIMEOUT=15s
gRPC Insecure
gRPC Insecure disables transport security for gRPC communication. If running in all-in-one mode, defaults to true as communication will run over localhost's own socket.
How to configure
- Core
- Enterprise
- Kubernetes
Config file keys | Environment variables | Type | Default |
---|---|---|---|
grpc_insecure | GRPC_INSECURE | boolean | true (If in all-in-one mode) |
grpc_insecure
is a bootstrap configuration setting and is not configurable in the Console.
gRPC Insecure is not customizable in Kubernetes
Examples
# config file key
grpc_insecure: false
# environment variable
GRPC_INSECURE=false