cloud-run-faq | Unofficial FAQ and everything | GCP library
kandi X-RAY | cloud-run-faq Summary
kandi X-RAY | cloud-run-faq Summary
Cloud Run is a service by Google Cloud Platform to run your stateless HTTP containers without worrying about provisioning machines, clusters or autoscaling. With Cloud Run, you go from a "container image" to a fully managed web application running on a domain name with TLS certificate that auto-scales with requests in a single command. You only pay while a request is handled.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of cloud-run-faq
cloud-run-faq Key Features
cloud-run-faq Examples and Code Snippets
Community Discussions
Trending Discussions on cloud-run-faq
QUESTION
i am currently getting my head around "gcp cloud run". my biggest concern at the moment is that it seems traffic behind the endpoint (loadbalancer) is not encrypted up to the container instance. is that assumption correct?
client -> internet -> gloud run endpoint (TLS) -> 1-n "my container instance(s)" on port 8080 (http, unencrypted, on shared gcp infrastructure)
that would be a no-go for my companies security policies which say that all traffic um to the instance needs to be "encrypted in transport"
from the unofficial cloud run faq i read this (which doesn't really make sense to me):
Since your app serves traffic on PORT (by default 8080) unencrypted, you might think the connection between Cloud Run’s load-balanced endpoint and your application is unencrypted.
However, the transit between Google’s frontend/load balancer and your Cloud Run container instance is encrypted. Google terminates TLS/HTTPS connections before they reach your application, so that you don’t have to handle TLS yourself.
thanks, any help highly appreciated
marcel
...ANSWER
Answered 2020-Sep-07 at 12:02Traffic is entirely encrypted all the time during request. After termination of TLS connection at GFE, request is encapsulated into RPC call with Application Layer Transport Security. These RPCs are authenticated and encrypted.
Please check this part of documentation for more insights.
QUESTION
I want to put a CDN in front of a Google Cloud Run service in order to cache some responses.
Right now it seems Cloud CDN requires a Google Load Balancer, and they cannot point to a Google Cloud Run service (https://github.com/ahmetb/cloud-run-faq/tree/e7a0fc43d3054456613c09e073db289ddf76dd33#how-can-i-configure-cdn-for-cloud-run-services).
Is there another way?
...ANSWER
Answered 2020-Feb-15 at 22:52As captured here Cloud CDN is not yet supported by Cloud Run.
QUESTION
I am trying to deploy a new revision to Cloud Run via a CI/CD job and immediately start serving 100% of the traffic to the new revision.
This service is not customer facing and we do not need canary deployments or traffic splitting.
Currently the image is build in gitlab ci pipeline and published gcr. The next step is a gcloud run deploy command. The command is working just fine, I get a new revision. However 0% of the traffic is served to this revision, and I can't for the life of me figure out how to manage that programatically.
- I have read the FAQ here: https://github.com/ahmetb/cloud-run-faq#serving-traffic
- I have read the contents of
gcloud run deploy --help
The only relevant piece of information I can find is this from the FAQ:
However, Cloud Run (currently) only supports serving traffic from the last healthy revision of your service. Therefore, it currently does not support revision based traffic splitting and canary deployments.
But it seems outdated, since I can currently split traffic between revisions manually via the UI. Any clarification would be greatly appreciated. Thank you!
...ANSWER
Answered 2020-May-09 at 19:07(The FAQ repo you linked is out of date, since I'm maintaining that I'll update it thanks for reminding.)
Cloud Run now offers traffic splitting. Here's how it works in a nutshell:
- if there's no traffic split in place (latest=100%),
gcloud run deploywill make the new revision 100% - if there's a split in place,
gcloud run deploywill make the new revision 0%.
To prevent the new revision getting traffic, you can explicitly use --no-traffic.
If you want to split traffic programmatically, I recommend doing this:
Before new deployment promote latest version (given it's stable/good) to 100%:
QUESTION
Can I have Google send http/2 requests to my server in cloud run?
I am not sure how google would know my server supports it since google terminates the SSL on the loadbalancer and sends http to the stateless servers in cloud run.
If possible, I am thinking of grabbing a few pieces from webpieces and creating a pure http/2 server with no http1.1 for microservices that I 'know' will only be doing http/2.
Also, if I have a pure http/2 server, is there a way that google translates from http1 requests to http/2 when needed so I could host websites as well?
The only info I could find was a great FAQ that seems to be missing the does it support http/2 on the server side(rather than client)...
https://github.com/ahmetb/cloud-run-faq
thanks, Dean
...ANSWER
Answered 2020-Apr-15 at 17:08Cloud Run container contract requires your application to serve on an unencrypted HTTP endpoint. However, this can be either HTTP/1 or HTTP/2.
Today, gRPC apps work on Cloud Run and gRPC actually uses HTTP/2 as its transport. This works because the gRPC servers (unless configured with TLS certificates) use the H2C (HTTP/2 unencrypted cleartext) protocol.
So, if your application can actually serve traffic unencrypted using h2c protocol, the traffic between Cloud Run load balancer <=> your application can be HTTP/2, without ever being downgraded to HTTP/1.
For example, in Go, you can use https://godoc.org/golang.org/x/net/http2/h2c package to automatically detect and upgrade http2 connections.
To test if your application implements h2c correctly, you need to locally run:
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install cloud-run-faq
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
