Microservices on Cloud Run @ KAUCHE

Transcript

1. Microservices on Cloud Run @ KAUCHE Yuki Ito (@mrno110) GCPUG

   Modern Architecture Talk

2. Kauche Architect Yuki Ito @mrno110

3. None

4. Architecture Run Tasks Pub/Sub Mobile App External Service Mobile API

   Web Hook API Job API Scheduler

5. What is Cloud Run Cloud Run is a managed compute

   platform that enables you to run containers that are invocable via requests or events. Cloud Run is serverless: it abstracts away all infrastructure management... https://cloud.google.com/run/docs

6. Architecture - Key Concepts - ɾEverything runs on Cloud Run

   ɾEverything runs as an API (gRPC)

7. Architecture Run Tasks Pub/Sub Mobile App External Service Mobile API

   Web Hook API Job API Scheduler

8. Architecture Run Tasks Pub/Sub Mobile App External Service Mobile API

   Web Hook API Job API Scheduler

9. Architecture - Key Concepts - e.g.) VS. Cloud Functions Trigger

   Run Pub/Sub Functions Run Firestore Functions

10. Architecture Run Tasks Pub/Sub Mobile App External Service Mobile API

    Web Hook API Job API Scheduler

11. Architecture ✅ Everything is Managed as API De fi nitions

    ✅ Reuse same implementation logic as APIs ✅ Use same Monitoring environments

12. Architecture: 2020 ~ Run Customer App Customer gRPC

13. Architecture: 2022 ~ Customer App Customer gRPC Partner App Partner

    gRPC Envoy (API Gateway)

14. O ffl oading Cross-Cutting Concerns to the API Gateway ✓

    Authentication / Authorization ✓ Transcoding ✓ Being Internet facing (TLS / Domain / CDN / IP ...) ✓ ...

15. API Gateway Pattern Customer App Customer gRPC Partner App Partner

    gRPC Envoy (API Gateway)

16. proxy-wasm https://github.com/proxy-wasm/spec/blob/c8 ff 5a8ac7b18a65360fe8ab843a6291b8947682/docs/WebAssembly-in-Envoy.md

17. e.g. Fetching access tokens from Google Cloud Metadata Server API

    Gateway Upstream Microservice Metadata Server Access Token Access Token Get Access Token Request

18. Architecture: 2022 ~ Customer App Customer gRPC Partner App Partner

    gRPC Envoy (API Gateway)

19. Network: Single Service

20. Network: Microservices

21. Network: Access Control

22. Access Control - Cloud Run - • Access Control with

    IAM • Restricting Ingress

23. Network: Shared VPC + Service Controls Perimeter

24. Architecture: 2022 ~ Customer App Customer gRPC Partner App Partner

    gRPC Envoy (API Gateway)