Configuring a gRPC tunnel in SR OS

About this task

To configure use gRPC tunnel, perform the following steps:

Procedure

  1. Configure the destination group.
    1. Configure 1 or 2 destinations using the destination command.
    2. Configure whether transport is secure or unsecure using the allow-secure-connection command.
    3. Configure the router instance using the router-instance command.
    4. Optionally, configure a local source address using the local-source-address command.
    5. Optionally, configure the TCP keepalive interval using the tcp-keepalive command.
  2. Configure the gRPC tunnel.
    1. Assign a destination group using the destination-group command.
    2. Enable the tunnel.
    3. Define the target name using the target-name command.
    4. Configure one or more handlers using the handler command.
  3. Configure the internal application server.
    Example MD-CLI
    *(ex)[/configure system]
    grpc-tunnel {
        destination-group "ba-server" {
            allow-unsecure-connection
            destination 1.1.1.1 port 33333 {
                   router-instance "management"
               }
            }
        tunnel “test” {
            admin-state enable
            destination-group “ba-server”
            target-name { node-name} 
            handler “my-grpc” {
                admin-state enable
                target-type { grpc-server } 
                port 57400
            }
            handler “ssh” {             
                admin-state enable
                target-type { ssh-server } 
                port 22
            }
        }
    }   
    grpc {
        admin-state enable
        allow-unsecure-connection
        gnmi {
            admin-state enable
        }
    }
    Example Classic CLI
    *A:cses-V23>config>system#
    grpc-tunnel {
        destination-group "ba-server" create {
            allow-unsecure-connection
            destination 1.1.1.1 port 33333 create {
                   router-instance "management"
               }
            }
        tunnel “test” create{
            destination-group “ba-server”
            target-name { node-name} 
            no shutdown
            handler “my-grpc” create{
                target-type { grpc-server } 
                port 57400
                no shutdown
            }
            handler “ssh” create{             
                target-type { ssh-server } 
                port 22
                no shutdown
            }
        }
    }   
    grpc {
        allow-unsecure-connection
        no shutdown
        gnmi {
            no shutdown
        }
    }
Parent topic: gRPC tunnels in SR OS