
Microservices on Cloud Run @ KAUCHE

Yuki Ito
November 17, 2022


Transcript

  1. Microservices on Cloud Run @ KAUCHE Yuki Ito (@mrno110) GCPUG

    Modern Architecture Talk
  2. Kauche Architect Yuki Ito @mrno110

  3. None
  4. Architecture Run Tasks Pub/Sub Mobile App External Service Mobile API

    Web Hook API Job API Scheduler
  5. What is Cloud Run Cloud Run is a managed compute

    platform that enables you to run containers that are invocable via requests or events. Cloud Run is serverless: it abstracts away all infrastructure management... https://cloud.google.com/run/docs
  6. Architecture - Key Concepts - • Everything runs on Cloud Run

    • Everything runs as an API (gRPC)
  7. Architecture Run Tasks Pub/Sub Mobile App External Service Mobile API

    Web Hook API Job API Scheduler
  8. Architecture Run Tasks Pub/Sub Mobile App External Service Mobile API

    Web Hook API Job API Scheduler
  9. Architecture - Key Concepts - e.g.) VS. Cloud Functions Trigger

    Run Pub/Sub Functions Run Firestore Functions
  10. Architecture Run Tasks Pub/Sub Mobile App External Service Mobile API

    Web Hook API Job API Scheduler
  11. Architecture ✅ Everything is Managed as API Definitions

    ✅ Reuse same implementation logic as APIs ✅ Use same Monitoring environments
  12. Architecture: 2020 ~ Run Customer App Customer gRPC

  13. Architecture: 2022 ~ Customer App Customer gRPC Partner App Partner

    gRPC Envoy (API Gateway)
  14. Offloading Cross-Cutting Concerns to the API Gateway ✓

    Authentication / Authorization ✓ Transcoding ✓ Being Internet facing (TLS / Domain / CDN / IP ...) ✓ ...
  15. API Gateway Pattern Customer App Customer gRPC Partner App Partner

    gRPC Envoy (API Gateway)
  16. proxy-wasm https://github.com/proxy-wasm/spec/blob/c8ff5a8ac7b18a65360fe8ab843a6291b8947682/docs/WebAssembly-in-Envoy.md

  17. e.g. Fetching access tokens from Google Cloud Metadata Server API

    Gateway Upstream Microservice Metadata Server Access Token Access Token Get Access Token Request
  18. Architecture: 2022 ~ Customer App Customer gRPC Partner App Partner

    gRPC Envoy (API Gateway)
  19. Network: Single Service

  20. Network: Microservices

  21. Network: Access Control

  22. Access Control - Cloud Run - • Access Control with

    IAM • Restricting Ingress
  23. Network: Shared VPC + Service Controls Perimeter

  24. Architecture: 2022 ~ Customer App Customer gRPC Partner App Partner

    gRPC Envoy (API Gateway)