I would like to know how to go about setting up a Google Cloud Load Balancer for a Cloud Run App and would like to retain/use the same Cloud Run - .a.run.app URL
Is this possible? Could someone point me in the direction of some documentation. What I find in the GCP seems to only document use cases when a custom domain is setup for the load balancer, In my case I would like to stick to the run.app URL.
Thanks
The Cloud Run URL is controlled/managed by Google Cloud. This URL maps to the Google Frontend (GFE). You have no ability to redirect that mapping to an HTTP(S) Load Balancer.
Once you have configured the load balancer you can configure a new custom domain, but you will not be able to remap the existing URL to point to the load balancer.
Related
Is it possible to disable the default URL like this https://my-app-332mpca-uc.a.run.app and only use my custom domain as defined in domain mapping?
You can't achieve that with custom domain. You can achieve something similar by adding a Load Balancer in front of Cloud Run thanks to serverless NEG.
As you do that, you have an IP that you can add to your registrar (similar to custom domain in fact). To remove the public access of the Cloud Run default URL, you can set the ingress parameter of Cloud Run service to Internal and Cloud Load Balancer.
And then, you have it.
No.
The Cloud Run service URL is the definitive address for the service.
Your DNS CNAME needs a unique identifier for the service and the endpoint is it.
The only alternative to a URL would be for Google to publish IP addresses for Cloud Run services but that's impractical (with IPv4) and still provides an alternative way to access the service.
I have an google cloud storage buckets and one rails app to access this buckets. My app works with files from 1M until 300M in uploads/downloads.
On my rails app I use carriewave gem, so ...all the throughput comes to my app, after to the bucket....until now, everything normal.
Recently I implement GCP direct upload but, the base url is storage.googleapis.com. This is terrible for my customers that have such a high level security in their local networks.
I need that storage.googleapis.com becomes storage.mycustomdomain.com. In this approach my customers will just allow *.mycustomdomain.com in their networks.
Someone could help me?
Tnks
Cloud Storage public objects are served directly from GCP through storage.googleapis.com, as explained in the documentation. From John Hanley’s comment, and according to this guide, Cloud Storage does not directly support custom domains:
Because Cloud Storage doesn't support custom domains with HTTPS on its own, this tutorial uses Cloud Storage with HTTP(S) Load Balancing to serve content from a custom domain over HTTPS.
The guide goes into creating a load balancer service which you can use to serve user content from your own domain, using the buckets as the service backend. Otherwise, it is also possible to create a CDN which is supported by Cloud Storage and uses a custom domain, as mentioned by the blog objectives:
I want to serve images on my website (comparison for contact lenses) from a cloud bucket.
I want to serve it from my domain, cdn.kontaktlinsen-preisvergleich.de
I need HTTPS for that domain, because my website uses HTTPS everywhere and I don’t want to mix that.
This related thread also mentions implementation of a CDN to use a custom domain to serve Cloud Storage objects.
I want to use API Gateway for its mutual TLS capability and add it to an existing .net fx 4.8 web application hosted in IIS which is fronted by and AWS ALB:-
client browser -> apigw -> alb -> ec2
I have configured the apigw method to return html and to use proxy integration, but I am having issues in a couple of places:-
any request made to a subfolder of the mapped path returns {"message":"Missing Authentication Token"}
images are not being returned (tested by using the iis home page on the root
In the absence of any api auth being configured, I understand that the missing token response could indicate a bad url. I am new to apigw so I may be missing something obvious, but I cannot believe I would have to map every single possible path available in our web app in the apigw config - there are simply too many!
I have read a few articles/messages talking about handling images but these either refer to using s3 as the store or, in the case of the image being the only thing in the response, configuring the apigw to return an image content type. In this case of a .net web app which will return html and images, I have not found any advice.
So my question is (before I spend way too long trying to make this work!), is it possible or even advisable to front a .net fx web app with an aws api gateway?
You need to configure "Catch-all Path Variables" in API Gateway, as described here.
My backend is a simple dockerized Node.js express app deployed onto elastic beanstalk. It is exposed on port 80. It would be located somewhere like
mybackend.eba-p4e52d.us-east-1.elasticbeanstalk.com
I can call my APIs on the backend
mybackend.eba-p4e52d.us-east-1.elasticbeanstalk.com/hello
mybackend.eba-p4e52d.us-east-1.elasticbeanstalk.com/postSomeDataToMe
and they work! Yay.
The URL is not very user friendly so I was hoping to set up API gateway to allow to me simply forward API requests from
api.myapp.com/apiFamily/ to mybackend.eba-p4e52d.us-east-1.elasticbeanstalk.com
so I can call api.myapp.com/apiFamily/hello or api.myapp.com/apiFamily/postMeSomeData
Unfortunately, I can't figure out (i) if I can do this (ii) how to actually do it.
Can anybody point me to a resource that explains clearly how to do this?
Thanks
Yes, you can do this. For this to happen you need two things:
a custom domain that you own and control, e.g. myapp.com.
a valid, public SSL certificate issued for that domain.
If you don't have them, and want to stay within AWS ecosystem, you can use Route53 to buy and manage your custom domain. For SSL you can use AWS ACM which will provide you with free SSL certificate for the domain.
AWS instructions on how to set it up all is:
Setting up custom domain names for REST APIs
I have two apps I wanted to have "fully managed" by Cloud Run. One is a pure Vue.js SPA and the other is the belonging backend server for it that is connected to a MySQL and also fetches some other API endpoints.
Now I have deployed both apps but am totally unaware on how I can give the frontend app access to the backend app. They should be both running on the same domain to avoid the frontend from.
Current URL of the frontend app: https://myapp-xl23p3zuiq-ew.a.run.app
So I'd love to have the server accessible by: https://myapp-xl23p3zuiq-ew.a.run.app/api
Is this somewhat possible to achieve with Cloud Run?
I was having the same issue. The general idea that one usually has is to use path mapping and map / to your client and /server to your backend. After googling for a while I found this:
https://cloud.google.com/run/docs/mapping-custom-domains
Base path mapping: not supported
The term base path refers to the URL
path name that is after the domain name. For example, users is the
base path of example.com/users. Cloud Run only allows you to map a
domain to /, not to a specific base path. So any path routing has to
be handled by using a router inside the service's container or by
using Firebase Hosting.
Option1:
I ended up creating an "all in one" docker image with an nginx as reverse proxy and the client (some static files) and server (in my case a python application powered by uwsgi).
If you are looking for inspiration, you can check out the public repository here: https://gitlab.com/psono/psono-combo
Opttion2:
An alternative would be to host your client on client.example.com, your server on server.example.com and then create a third docker run instance with a reverse proxy under example.com.
All requestes would be "proxied" to the client and server. Your users will only interact with example.com so CORS won't be an issue.
Option3:
Configure CORS, so people accessing example.com can also connect to server.example.com
Currently this is not possible in Cloud Run, as already said on the comments to your question.
You could check if there are any Feature Request for this functionality on Buganizer (Google Issue Tracker), currently there seems to be none, and if that is indeed the case, you can create a new Feature Request by changing the request type from Bug to Feature Request and as Google develops it on their road map, you will be informed.
Hope this helped you.