Microservices on Cloud Run @ KAUCHE
Yuki Ito (@mrno110)
GCPUG Modern Architecture Talk

Kauche Architect Yuki Ito (@mrno110)

Architecture
[Diagram: Run, Tasks, Pub/Sub, Mobile App, External Service, Mobile API, Web Hook API, Job API, Scheduler]

What is Cloud Run
Cloud Run is a managed compute platform that enables you to run containers that are invocable via requests or events. Cloud Run is serverless: it abstracts away all infrastructure management...
https://cloud.google.com/run/docs

Architecture - Key Concepts -
• Everything runs on Cloud Run
• Everything runs as an API (gRPC)

Architecture - Key Concepts -
e.g.) vs. Cloud Functions Trigger
[Diagram: Run, Pub/Sub, Functions; Run, Firestore, Functions]

Architecture
✅ Everything is Managed as API Definitions
✅ Reuse same implementation logic as APIs
✅ Use same Monitoring environments

Architecture: 2020 ~
[Diagram: Run, Customer App, Customer gRPC]

Architecture: 2022 ~
[Diagram: Customer App, Customer gRPC, Partner App, Partner gRPC, Envoy (API Gateway)]

Offloading Cross-Cutting Concerns to the API Gateway
✓ Authentication / Authorization
✓ Transcoding
✓ Being Internet facing (TLS / Domain / CDN / IP ...)
✓ ...

API Gateway Pattern
[Diagram: Customer App, Customer gRPC, Partner App, Partner gRPC, Envoy (API Gateway)]

proxy-wasm
https://github.com/proxy-wasm/spec/blob/c8ff5a8ac7b18a65360fe8ab843a6291b8947682/docs/WebAssembly-in-Envoy.md

e.g. Fetching access tokens from Google Cloud Metadata Server
[Diagram: API Gateway, Upstream Microservice, Metadata Server, Access Token, Access Token, Get Access Token, Request]

Network: Single Service

Network: Microservices

Network: Access Control

Access Control - Cloud Run -
• Access Control with IAM
• Restricting Ingress

Network: Shared VPC + Service Controls Perimeter