Book Image

gRPC Go for Professionals

By : Clément Jean
Book Image

gRPC Go for Professionals

By: Clément Jean

Overview of this book

In recent years, the popularity of microservice architecture has surged, bringing forth a new set of requirements. Among these, efficient communication between the different services takes center stage, and that's where gRPC shines. This book will take you through creating gRPC servers and clients in an efficient, secure, and scalable way. However, communication is just one aspect of microservices, so this book goes beyond that to show you how to deploy your application on Kubernetes and configure other tools that are needed for making your application more resilient. With these tools at your disposal, you’ll be ready to get started with using gRPC in a microservice architecture. In gRPC Go for Professionals, you'll explore core concepts such as message transmission and the role of Protobuf in serialization and deserialization. Through a step-by-step implementation of a TODO list API, you’ll see the different features of gRPC in action. You’ll then learn different approaches for testing your services and debugging your API endpoints. Finally, you’ll get to grips with deploying the application services via Docker images and Kubernetes.
Table of Contents (13 chapters)
10
Epilogue

Middleware = interceptor

In the context of gRPC, a middleware is an interceptor. It lies between the code registered by the developers and the actual gRPC framework. When gRPC receives some data from the wire, it will pass this data through the middleware first, and then if it is allowed to go through, the data will arrive in the actual endpoint handler.

These middleware are generally used in order to secure the endpoints against malicious actors or enforce certain prerequisites. An example of securing the API is rate-limiting clients. This is a limit on the number of requests that a client can make in a given timeframe and this is important because it prevents a lot of attacks, such as brute force attacks, DoS and DDoS, and web-scraping. And to enforce a certain prerequisite, we already saw an example where the client needs to be authenticated before being able to call an endpoint.

Before going to see some of the middleware provided by the community, I want to remind you that...