Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Microservices on Cloud Run @ KAUCHE

Yuki Ito
November 17, 2022

Microservices on Cloud Run @ KAUCHE

Yuki Ito

November 17, 2022
Tweet

More Decks by Yuki Ito

Other Decks in Technology

Transcript

  1. Microservices on Cloud Run @ KAUCHE
    Yuki Ito (@mrno110)
    GCPUG


    Modern Architecture Talk

    View Slide

  2. Kauche


    Architect
    Yuki Ito


    @mrno110

    View Slide

  3. View Slide

  4. Architecture
    Run
    Tasks
    Pub/Sub
    Mobile App External Service
    Mobile API Web Hook API Job API
    Scheduler

    View Slide

  5. What is Cloud Run
    Cloud Run is a managed compute
    platform that enables you to run
    containers that are invocable via
    requests or events.


    Cloud Run is serverless: it abstracts
    away all infrastructure management...
    https://cloud.google.com/run/docs

    View Slide

  6. Architecture - Key Concepts -
    ɾEverything runs on Cloud Run


    ɾEverything runs as an API (gRPC)

    View Slide

  7. Architecture
    Run
    Tasks
    Pub/Sub
    Mobile App External Service
    Mobile API Web Hook API Job API
    Scheduler

    View Slide

  8. Architecture
    Run
    Tasks
    Pub/Sub
    Mobile App External Service
    Mobile API Web Hook API Job API
    Scheduler

    View Slide

  9. Architecture - Key Concepts -
    e.g.) VS. Cloud Functions Trigger
    Run Pub/Sub Functions
    Run Firestore Functions

    View Slide

  10. Architecture
    Run
    Tasks
    Pub/Sub
    Mobile App External Service
    Mobile API Web Hook API Job API
    Scheduler

    View Slide

  11. Architecture
    ✅ Everything is Managed as API De
    fi
    nitions


    ✅ Reuse same implementation logic as APIs


    ✅ Use same Monitoring environments

    View Slide

  12. Architecture: 2020 ~
    Run
    Customer App
    Customer gRPC

    View Slide

  13. Architecture: 2022 ~
    Customer App
    Customer gRPC
    Partner App
    Partner gRPC
    Envoy (API Gateway)

    View Slide

  14. O
    ffl
    oading Cross-Cutting Concerns to the API Gateway
    ✓ Authentication / Authorization


    ✓ Transcoding


    ✓ Being Internet facing (TLS / Domain / CDN / IP ...)


    ✓ ...

    View Slide

  15. API Gateway Pattern
    Customer App
    Customer gRPC
    Partner App
    Partner gRPC
    Envoy (API Gateway)

    View Slide

  16. proxy-wasm
    https://github.com/proxy-wasm/spec/blob/c8
    ff
    5a8ac7b18a65360fe8ab843a6291b8947682/docs/WebAssembly-in-Envoy.md

    View Slide

  17. e.g. Fetching access tokens from Google Cloud Metadata Server
    API Gateway
    Upstream Microservice
    Metadata Server
    Access Token Access Token
    Get Access Token
    Request

    View Slide

  18. Architecture: 2022 ~
    Customer App
    Customer gRPC
    Partner App
    Partner gRPC
    Envoy (API Gateway)

    View Slide

  19. Network: Single Service

    View Slide

  20. Network: Microservices

    View Slide

  21. Network: Access Control

    View Slide

  22. Access Control - Cloud Run -
    • Access Control with IAM


    • Restricting Ingress

    View Slide

  23. Network: Shared VPC + Service Controls Perimeter

    View Slide

  24. Architecture: 2022 ~
    Customer App
    Customer gRPC
    Partner App
    Partner gRPC
    Envoy (API Gateway)

    View Slide