GCP 101: Getting Started through Cloud Run

Slide 1

Slide 1 text

GCP 101: Getting Started through Cloud Run Jun Sakata @sakajunquality Google Developers Expert, Cloud 14 December 2019 #DevFest19 #GDGTokyo

Slide 2

Slide 2 text

This is me - Jun Sakata - Google Developers Expert, Cloud - SRE at Ubie, Inc. - Social Media: @sakajunquality - Based in Tokyo - Covered all of Cloud Next this year - My last DevFest this year -

Slide 3

Slide 3 text

Today’s Goal - Getting started with GCP - Being able to deploy app on Cloud Run - Have an overview of Cloud Run - Be production ready

Slide 4

Slide 4 text

I will not cover... - General serverless computing models - Detailed container technology - Docker Best Practices - Microservices principles - Databases - Machine Learning - etc...

Slide 5

Slide 5 text

Google Cloud Platform

Slide 6

Slide 6 text

GCP Products - Network - Compute - Database - Data Analytics - Machine Learning

Slide 7

Slide 7 text

VMs

Slide 8

Slide 8 text

Demo

Slide 9

Slide 9 text

Serveless

Slide 10

Slide 10 text

Demo

Slide 11

Slide 11 text

Serverless Functions

Slide 12

Slide 12 text

Serverless Functions

Slide 13

Slide 13 text

Serverless Computing in GCP

Slide 14

Slide 14 text

Serverless Computing in GCP Cloud Functions App Engine Cloud Run

Slide 15

Slide 15 text

Container

Slide 16

Slide 16 text

Docker - Create, Deploy and Run using Containers - Using Linux cgroup and namespace - De facto standard format for containers docker image build … docker image push … docker container run …

Slide 17

Slide 17 text

Kubernetes - Container Platform based on Google’s Borg - Borg has supported Google’s service over 12+ years - Orchestrates computing, networking, and storage infrastructure - Microservices Platform - GKE = Google Kubernetes Engine - Fully-managed version of Kubernetes on GCP

Slide 18

Slide 18 text

Containers Kubernetes

Slide 19

Slide 19 text

Containers Kubernetes

Slide 20

Slide 20 text

No content

Slide 21

Slide 21 text

https://twitter.com/steren/status/1115648277356077058

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

https://twitter.com/ahmetb/status/1195056373983145984

Slide 24

Slide 24 text

Cloud Run - Generally Available - Fully-managed serverless environment - Knative API Compatible - Deploy Container - Container with HTTP listening to $PORT - Pay for CPU and memory @100ms + network transfer

Slide 25

Slide 25 text

Cloud Run - Managed Endpoint - Custom Domains - SSL Termination - 1-80 concurrent requests per instance - Default to 80 - Auto scaling from Zero to 1000 instances scale - Default to 1000

Slide 26

Slide 26 text

Cloud Run - Cloud SQL connection - Serverless VPC connection - not yet available as of 13 Dec 2019

Slide 27

Slide 27 text

Some Limitations for Cloud Run - CPU: 1 vCPU - RAM: 128MB ~ 2GB (Default to 256MB) - Timeout: 15min (Default to 5 min)

Slide 28

Slide 28 text

Pricing - https://cloud.google.com/run/pricing?hl=en

Slide 29

Slide 29 text

https://github.com/meteatamel/knative-tutorial

Slide 30

Slide 30 text

Demo

Slide 31

Slide 31 text

3 Steps to Deploy! Make App - Any Language - Listen to $PORT Containerize - docker build ... - docker push ... Deploy - gcloud run deploy - run run run 1 2 3

Slide 32

Slide 32 text

3 Steps to Deploy! Make App - Any Language - Listen to $PORT Containerize - docker build ... - docker push ... Deploy - gcloud run deploy - run run run 1 2 3

Slide 33

Slide 33 text

Make App - Any Language, any Framework - Listen to HTTP on $PORT // main.go package main // ... func main() { r := chi.NewRouter() r.Get("/", func(w http.ResponseWriter, r *http.Request) { m := &Message{ Status: http.StatusOK, Text: os.Getenv("MESSAGE"), } render.JSON(w, r, m) }) port := os.Getenv("PORT") if port == "" { port = "8080" } log.Fatal(http.ListenAndServe(":"+port, r)) } // ...

Slide 34

Slide 34 text

3 Steps to Deploy! Make App - Any Language - Listen to $PORT Containerize - docker build ... - docker push ... Deploy - gcloud run deploy - run run run 1 2 3

Slide 35

Slide 35 text

Containerize - Make it in to a Docker container // Dockerfile FROM golang:1.13 as go FROM gcr.io/distroless/base-debian10 as run FROM go as build WORKDIR /go/src/app COPY go.mod . COPY go.sum . RUN go mod download COPY . . RUN go build -o /go/bin/app FROM run COPY --from=build /go/bin/app /usr/local/bin/app CMD ["app"] $ docker image build … $ docker image push … $ docker container run …

Slide 36

Slide 36 text

https://www.slideshare.net/Docker/dcsf19-dockerfile-best-practices

Slide 37

Slide 37 text

https://medium.com/@tonistiigi/advanced-multi-stage-build-patterns-6f741b852fae

Slide 38

Slide 38 text

3 Steps to Deploy! Make App - Any Language - Listen to $PORT Containerize - docker build ... - docker push ... Deploy - gcloud run deploy - run run run 1 2 3

Slide 39

Slide 39 text

Deploy - Cloud Console or gcloud command $ gcloud run deploy my-app --image=gcr.io/...

Slide 40

Slide 40 text

3 Steps to Deploy! Make App - Any Language - Listen to $PORT Containerize - docker build ... - docker push ... Deploy - gcloud run deploy - run run run 1 2 3

Slide 41

Slide 41 text

What’s next? Make App - Any Language - Listen to $PORT Containerize - docker build ... - docker push ... Deploy - gcloud run deploy - run run run 1 2 3 4 ???

Slide 42

Slide 42 text

What’s next with Cloud Run? - CI/CD - Authentication - Firebase Integration - Database - gRPC Protocol - and more ….!

Slide 43

Slide 43 text

CI/CD

Slide 44

Slide 44 text

CI/CD - Previously built and deployed manually… - For production automated CI/CD is mandatory

Slide 45

Slide 45 text

Cloud Build - Fully-managed CI - https://cloud.google.com/cloud-build/ - Save Artifact to GCR/GCS - Deploy to GCP products - Manual submit or Trigger - Configuration - cloudbuild.yaml or Dockerfile

Slide 46

Slide 46 text

CI/CD with Cloud Build Cloud Build Build Image Save image Container Registry (GCR) Cloud Run Deploy Use image

Slide 47

Slide 47 text

CI/CD with Cloud Build // cloudbuild.yaml steps: - name: gcr.io/cloud-builders/docker args: - image - build - -t - gcr.io/$PROJECT_ID/my-api - . dir: app // continues - name: gcr.io/cloud-builders/docker args: - image - push - gcr.io/$PROJECT_ID/my-api // continues

Slide 48

Slide 48 text

CI/CD with Cloud Build - name: gcr.io/cloud-builders/gcloud args: - run - deploy - demo-app - --image=gcr.io/$PROJECT_ID/demo-app - --platform=managed - --region=asia-northeast1 - --allow-unauthenticated - --set-env-vars - MESSAGE=HELLO!!!! - --project=$PROJECT_ID

Slide 49

Slide 49 text

Demo

Slide 50

Slide 50 text

CI/CD with GitHub Actions Official Resource https://github.com/GoogleCloudPlatform/github-actions // ... - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master with: version: '270.0.0' service_account_email: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} service_account_key: ${{ secrets.SERVICE_ACCOUNT_KEY }} // ...

Slide 51

Slide 51 text

CI/CD with Terraform https://twitter.com/steren/status/1202308468645826560

Slide 52

Slide 52 text

Authentication

Slide 53

Slide 53 text

Authentication Like microservices, service-to-service authentication might be required Service A Service B Implement Authentication…?

Slide 54

Slide 54 text

Authentication Or Managed-Service integration like Cloud Pub/Sub, Cloud Tasks and Cloud Scheduler Cloud Pub/Sub Service Implement Authentication…?

Slide 55

Slide 55 text

Authentication Cloud Run can use Cloud IAM to authenticate! Service A Service B Service A has roles/run.invoker privileges Service B is deployed with --no-allow-unauthenticated option

Slide 56

Slide 56 text

https://medium.com/google-cloud-jp/gcp-%E3%81%8B%E3%82%89%E3%81%AE-http-%E3%83%AA%E3%82% AF%E3%82%A8%E3%82%B9%E3%83%88%E3%82%92%E3%82%BB%E3%82%AD%E3%83%A5%E3%82% A2%E3%81%AB%E8%AA%8D%E8%A8%BC%E3%81%99%E3%82%8B-dda4933afcd6

Slide 57

Slide 57 text

Firebase Integration

Slide 58

Slide 58 text

Firebase Integration Cloud Run can be combined with Firebase Hosting Client /foo /bar

Slide 59

Slide 59 text

Firebase Integration - Cloud Run can be integrated with Firebase Hosting with “run” - Cache can be controlled with http headers // firebase.json { "hosting": { "public": "static", "rewrites": [ { "source": "**", "run": { "serviceId": "hello-run", "region": "asia-northeast1" } }, { "source": "/static/**", "destination": "/static/index.html" } ] } } $ firebase deploy

Slide 60

Slide 60 text

Demo

Slide 61

Slide 61 text

Database

Slide 62

Slide 62 text

Database Access - Non-VPC resources - Cloud Firestore - Cloud Spanner - etc… - VPC resources - Cloud Memorystore - other VPC resources... - Cloud SQL (RDB)

Slide 63

Slide 63 text

Database Access - Non-VPC resources - Cloud Firestore - Cloud Spanner - etc… - VPC resources - Cloud Memorystore - other VPC resources... - Cloud SQL (RDB) Google Cloud SDK Deploy Run w/ --add-cloudsql-instances option Wait for Serverless VPC Access

Slide 64

Slide 64 text

gRPC Protocol

Slide 65

Slide 65 text

https://ahmet.im/blog/grpc-auth-cloud-run/

Slide 66

Slide 66 text

https://github.com/steren/awesome-cloudrun

Slide 67

Slide 67 text

Need more flexible environment?

Slide 68

Slide 68 text

No content

Slide 69

Slide 69 text

Kubernetes - 16:05~ @ B202 - @amsy810

Slide 70

Slide 70 text

https://twitter.com/kelseyhightower/status/935252923721793536

Slide 71

Slide 71 text

Choose the right platform?

Slide 72

Slide 72 text

https://cloud.google.com/blog/products/containers-kuberne tes/when-to-use-google-kubernetes-engine-vs-cloud-run-f or-containers

Slide 73

Slide 73 text

https://www.youtube.com/watch?v=wzPmgWJ5fpU

Slide 74

Slide 74 text

Takeaways

Slide 75

Slide 75 text

Takeaways 1/2 - Cloud Run is a container serverless platform. - You can run any container listening http on $PORT - Cloud Run allows you to deploy containerized applications with a single command or a few clicks. - Cloud Run can use most of the GCP resources - API, Database, Storage … - More features are coming!

Slide 76

Slide 76 text

Takeaways 1/2 - Kubernetes is not only option for running containers. - (for the record I love Kubernetes) - Choose the right platform depending on your app and team!

Slide 77

Slide 77 text

Kubernetes - 16:05~ @ B202 - @amsy810

Slide 78

Slide 78 text

Try Following - @ahmetb - @steren - @martinomander - @glaforge - @meteatamel - @alexismp

Slide 79

Slide 79 text

Thank you