https://authzed.com logo
Join Discord
Powered by
but am i correct that gRPC clients are designed to...
# spicedb
y
but am i correct that gRPC clients are designed to do client-side load balancing, meaning that a load balancer between gRPC client and server is potentially counterproductive?
e
grpc clients are capable of client side load balancing, but it's not required. if you want to do that, every spicedb node needs to have a routable address from your client
y
gotcha... which i assume is the mechanism that's happening behind the scenes with k8s or xDS systems?
e
yep, exactly
y
and i take it there are potential gotchas with using a load balancer if it isn't aware of gRPC semantics?
e
you really just need http2 load balancing, you shouldn't need anything grpc specific
y
won't that by default pin a single client to a single server, though?
e
yes, sorry, I'm forgetting a layer
we typically do an infra-provided LB (NLB on aws) with long-lived connections to an ingress reverse proxy (we use envoy, nginx grpc sometimes drops requests), and those are grpc aware to load balance against spicedb
if you're doing client-side load balancing you could just set up envoy as the xds server and make sure your clients can reach it and all of the spicedb nodes
y
gotcha. NLB helps - that was one of the things that i was evaluating. that's interesting that a gRPC-aware load balancer will do that downstream. makes me wonder if that's somehow a part of the gRPC bits of ALB 🤔
and i appreciate you sharing this - i know it's somewhat outside the scope of spicedb 😅
e
np! and let us know if you do end up using xDS, we haven't heard of anyone doing that yet and we could use feedback / docs help
haven't tried an ALB either, though it should work
PreviousNext
Powered by