GCP 101: Getting Started through Cloud Run

GCP 101: Getting Started through Cloud Run Jun Sakata @sakajunquality
Google Developers Expert, Cloud 14 December 2019 #DevFest19 #GDGTokyo

This is me - Jun Sakata - Google Developers Expert,
Cloud - SRE at Ubie, Inc. - Social Media: @sakajunquality - Based in Tokyo - Covered all of Cloud Next this year - My last DevFest this year -

Today’s Goal - Getting started with GCP - Being able
to deploy app on Cloud Run - Have an overview of Cloud Run - Be production ready

I will not cover... - General serverless computing models -
Detailed container technology - Docker Best Practices - Microservices principles - Databases - Machine Learning - etc...

Google Cloud Platform

GCP Products - Network - Compute - Database - Data
Analytics - Machine Learning

Serveless

Serverless Functions

Serverless Computing in GCP

Serverless Computing in GCP Cloud Functions App Engine Cloud Run

Container

Docker - Create, Deploy and Run using Containers - Using
Linux cgroup and namespace - De facto standard format for containers docker image build … docker image push … docker container run …

Kubernetes - Container Platform based on Google’s Borg - Borg
has supported Google’s service over 12+ years - Orchestrates computing, networking, and storage infrastructure - Microservices Platform - GKE = Google Kubernetes Engine - Fully-managed version of Kubernetes on GCP

Containers Kubernetes

https://twitter.com/steren/status/1115648277356077058

https://twitter.com/ahmetb/status/1195056373983145984

Cloud Run - Generally Available - Fully-managed serverless environment -
Knative API Compatible - Deploy Container - Container with HTTP listening to $PORT - Pay for CPU and memory @100ms + network transfer

Cloud Run - Managed Endpoint - Custom Domains - SSL
Termination - 1-80 concurrent requests per instance - Default to 80 - Auto scaling from Zero to 1000 instances scale - Default to 1000

Cloud Run - Cloud SQL connection - Serverless VPC connection
- not yet available as of 13 Dec 2019

Some Limitations for Cloud Run - CPU: 1 vCPU -
RAM: 128MB ~ 2GB (Default to 256MB) - Timeout: 15min (Default to 5 min)

Pricing - https://cloud.google.com/run/pricing?hl=en

https://github.com/meteatamel/knative-tutorial

3 Steps to Deploy! Make App - Any Language -
Listen to $PORT Containerize - docker build ... - docker push ... Deploy - gcloud run deploy - run run run 1 2 3

Make App - Any Language, any Framework - Listen to
HTTP on $PORT // main.go package main // ... func main() { r := chi.NewRouter() r.Get("/", func(w http.ResponseWriter, r *http.Request) { m := &Message{ Status: http.StatusOK, Text: os.Getenv("MESSAGE"), } render.JSON(w, r, m) }) port := os.Getenv("PORT") if port == "" { port = "8080" } log.Fatal(http.ListenAndServe(":"+port, r)) } // ...

Containerize - Make it in to a Docker container //
Dockerfile FROM golang:1.13 as go FROM gcr.io/distroless/base-debian10 as run FROM go as build WORKDIR /go/src/app COPY go.mod . COPY go.sum . RUN go mod download COPY . . RUN go build -o /go/bin/app FROM run COPY --from=build /go/bin/app /usr/local/bin/app CMD ["app"] $ docker image build … $ docker image push … $ docker container run …

https://www.slideshare.net/Docker/dcsf19-dockerfile-best-practices

https://medium.com/@tonistiigi/advanced-multi-stage-build-patterns-6f741b852fae

Deploy - Cloud Console or gcloud command $ gcloud run
deploy my-app --image=gcr.io/...

What’s next? Make App - Any Language - Listen to
$PORT Containerize - docker build ... - docker push ... Deploy - gcloud run deploy - run run run 1 2 3 4 ???

What’s next with Cloud Run? - CI/CD - Authentication -
Firebase Integration - Database - gRPC Protocol - and more ….!

CI/CD - Previously built and deployed manually… - For production
automated CI/CD is mandatory

Cloud Build - Fully-managed CI - https://cloud.google.com/cloud-build/ - Save Artifact
to GCR/GCS - Deploy to GCP products - Manual submit or Trigger - Configuration - cloudbuild.yaml or Dockerfile

CI/CD with Cloud Build Cloud Build Build Image Save image
Container Registry (GCR) Cloud Run Deploy Use image

CI/CD with Cloud Build // cloudbuild.yaml steps: - name: gcr.io/cloud-builders/docker
args: - image - build - -t - gcr.io/$PROJECT_ID/my-api - . dir: app // continues - name: gcr.io/cloud-builders/docker args: - image - push - gcr.io/$PROJECT_ID/my-api // continues

CI/CD with Cloud Build - name: gcr.io/cloud-builders/gcloud args: - run
- deploy - demo-app - --image=gcr.io/$PROJECT_ID/demo-app - --platform=managed - --region=asia-northeast1 - --allow-unauthenticated - --set-env-vars - MESSAGE=HELLO!!!! - --project=$PROJECT_ID

CI/CD with GitHub Actions Official Resource https://github.com/GoogleCloudPlatform/github-actions // ... -
uses: GoogleCloudPlatform/github-actions/setup-gcloud@master with: version: '270.0.0' service_account_email: ${{ secrets.SERVICE_ACCOUNT_EMAIL }} service_account_key: ${{ secrets.SERVICE_ACCOUNT_KEY }} // ...

CI/CD with Terraform https://twitter.com/steren/status/1202308468645826560

Authentication

Authentication Like microservices, service-to-service authentication might be required Service A
Service B Implement Authentication…?

Authentication Or Managed-Service integration like Cloud Pub/Sub, Cloud Tasks and
Cloud Scheduler Cloud Pub/Sub Service Implement Authentication…?

Authentication Cloud Run can use Cloud IAM to authenticate! Service
A Service B Service A has roles/run.invoker privileges Service B is deployed with --no-allow-unauthenticated option

https://medium.com/google-cloud-jp/gcp-%E3%81%8B%E3%82%89%E3%81%AE-http-%E3%83%AA%E3%82% AF%E3%82%A8%E3%82%B9%E3%83%88%E3%82%92%E3%82%BB%E3%82%AD%E3%83%A5%E3%82% A2%E3%81%AB%E8%AA%8D%E8%A8%BC%E3%81%99%E3%82%8B-dda4933afcd6

Firebase Integration

Firebase Integration Cloud Run can be combined with Firebase Hosting
Client /foo /bar

Firebase Integration - Cloud Run can be integrated with Firebase
Hosting with “run” - Cache can be controlled with http headers // firebase.json { "hosting": { "public": "static", "rewrites": [ { "source": "**", "run": { "serviceId": "hello-run", "region": "asia-northeast1" } }, { "source": "/static/**", "destination": "/static/index.html" } ] } } $ firebase deploy

Database

Database Access - Non-VPC resources - Cloud Firestore - Cloud
Spanner - etc… - VPC resources - Cloud Memorystore - other VPC resources... - Cloud SQL (RDB)

Database Access - Non-VPC resources - Cloud Firestore - Cloud
Spanner - etc… - VPC resources - Cloud Memorystore - other VPC resources... - Cloud SQL (RDB) Google Cloud SDK Deploy Run w/ --add-cloudsql-instances option Wait for Serverless VPC Access

gRPC Protocol

https://ahmet.im/blog/grpc-auth-cloud-run/

https://github.com/steren/awesome-cloudrun

Need more flexible environment?

Kubernetes - 16:05~ @ B202 - @amsy810

https://twitter.com/kelseyhightower/status/935252923721793536

Choose the right platform?

https://cloud.google.com/blog/products/containers-kuberne tes/when-to-use-google-kubernetes-engine-vs-cloud-run-f or-containers

https://www.youtube.com/watch?v=wzPmgWJ5fpU

Takeaways

Takeaways 1/2 - Cloud Run is a container serverless platform.
- You can run any container listening http on $PORT - Cloud Run allows you to deploy containerized applications with a single command or a few clicks. - Cloud Run can use most of the GCP resources - API, Database, Storage … - More features are coming!

Takeaways 1/2 - Kubernetes is not only option for running
containers. - (for the record I love Kubernetes) - Choose the right platform depending on your app and team!

Kubernetes - 16:05~ @ B202 - @amsy810

Try Following - @ahmetb - @steren - @martinomander - @glaforge
- @meteatamel - @alexismp

Thank you

GCP 101: Getting Started through Cloud Run

GCP 101: Getting Started through Cloud Run

More Decks by sakajunquality

Other Decks in Technology

Featured

Transcript