Course Outline
Module 1
Introducing Application Development with Cloud Run
Objectives:
- A general understanding of Cloud Run
- Understand how how high availability, low end-user latency and developer productivity are important architectural drivers for web based applications today
- Understand the advantages of serverless on Google Cloud.
Topics Covered - This module gives a general overview of Cloud Run. If you’re new to Cloud Run (or even to Google Cloud), this will be a great introduction.
Module 2
Understanding Cloud Run
Objective:
- Understand Container Images and Containers
- Understand how Cloud Run is different from an always-on server
- Implement the deployment of a container image to Cloud Run (hands-on lab)
- Understand auto-scaling and on-demand containers
Topics Covered
-
You can use any language, any library and any binary. Cloud Run expects your app (in a container image) to listen on a port and respond to HTTP requests.
-
Use a docker repository on Artifact Registry to store your images: Cloud Run only deploys from there.
-
Cloud Run uses autoscaling to handle all incoming requests
-
Pay for use pricing model
-
No background tasks: Container lifetime is only guaranteed while handling requests
-
There is no persistent storage: Store data downstream
-
Cloud Run is portable (containers and Knative)
Module 3
Building Container Images
Objective:
- Deeply understand what is inside a container image
- Package an application into a container image with Buildpacks (hands-on lab activity)
- Understand that Dockerfiles are a lower-level and more transparent alternative to Buildpacks
Topics Covered
-
The contents of a container image (deep dive)
-
There are two ways to build container images: Buildpacks (hands-off) and Docker (you’re in control).
-
Cloud Run supports both source-based and a container image based workflow
-
The most important considerations of building a secure container image.
Module 4
Developing with Cloud Run
Objectives:
- Understand the advantages of the shutdown lifecycle hook
- Understand how to avoid request queuing
- Implement new versions of an application (hands-on lab activity)
- Implement gradual traffic migration (hands-on lab activity)
Topics Covered
-
Container lifecycle: Idle vs serving and Shutdown lifecycle hook
-
Cold starts: Min instances
-
Container readiness
-
The service resource and what it describes
-
Configuring memory limits and CPU allocation
-
Deploying a new revision
-
Traffic steering (tagging, gradual rollouts)
Module 5
Configuring Service Identity and Authorization
Objectives:
- Understand that every action on a Cloud resource is actually an API call
- Understand how and why to limit the permissions in your Cloud Run service to only specific and necessary API calls
- Understand the process needed to make the default permissions of a Cloud API more secure
- Use the client libraries to call other Google Cloud services (hands-on lab activity)
Topics Covered
Cloud IAM
- Service account, policy binding, roles, types of members, resource hierarchy (in practice)
- Service accounts
- Cloud Run IAM roles
Cloud Run
- Default service account
- Risks of using the default service account
Module 6
Serving Requests
Objectives:
- Use Cloud CDN to improve the reliability and performance of an application
- Use path-based routing to combine multiple applications on one domain
- Route incoming requests to the Cloud Run service closest to clients
Topics Covered
-
Custom Domains
-
Global Load Balancer (URL Map, Frontend, Backend services)
-
Benefits and drawbacks of GLB over custom domain
-
Types of GLB Backends
-
Multi-region load balancing
-
Multi-regional applications challenges
-
Cloud CDN
Module 7
Using Inbound and Outbound Access Control
Objectives:
- Connecting your project to resources with a private IP
- Implementing controls to prevent outbound traffic to dangerous or unwanted hosts
- Implementing filters for inbound traffic using content-based rules
- Implementing controlled access to only specific service accounts
Topics Covered:
- Ingress settings
- Cloud Armor
- Using Cloud IAM to protect services: Understand how authenticated requests (IAM + OIDC tokens) work (builds on Module 5)
- VPC, VPC Access Connector
- Egress settings
Module 8
Persisting Data
Objectives:
- Understand how to connect your application with Cloud SQL to store relational data
- Use a VPC Connector to reach a private Memorystore instance
- Understand how to connect with Cloud Storage, Spanner and Firestore
Topics Covered
-
Understanding why you need to store data externally when running a workload on Cloud Run.
-
Connect with Cloud SQL from Cloud Run: Understand how it works (managed Cloud SQL Proxy)
-
Managing concurrency as a way to safeguard performance (understand why and when)
-
Connecting with Memorystor
-
VPC Connector: Challenges with scaling Memorystore (throughput)
-
Briefly introduce Cloud Storage, Firestore and Cloud Spanner, while reinforcing how the client libraries use the built-in service account to connect (Module 5 is prerequisite knowledge).
-
Multi-region data storage (and what Spanner and Firestore can do for you)
Module 9
Implementing Service-to-Service Communication
Objectives:
- Using Cloud Pub/Sub to send messages between services
- Discovering the URL of other Cloud Run services
- Receiving events from other Google Cloud services
- Processing background tasks asynchronously
Topics Covered
-
Understanding Cloud Pub/Sub
-
Understanding topics, push subscriptions
-
Idempotency (Handling retries and at-least-once invocation. Event ID, design for resume, or use a lease.
-
Handling undeliverable message
-
How to asynchronously schedule a background task on a different service
-
Cloud Tasks, and when to choose it over Cloud Pub/Sub
-
Benefits of using Pub/Sub to pass messages over making sync RPC requests
-
Learn about services in Google Cloud with a built-in integration to push events to Pub/Sub (Cloud Build, Artifact Registry, Cloud Storage, IOT Core, BigQuery)
-
Cloud Scheduler to invoke services on a schedule.
-
CloudEvents
-
EventArc, and how to consume Audit logs. What to expect now, and how EventArc will develop over time
Module 10
Orchestrating and Automating Serverless Workflows
Objectives:
- Understand the capabilities of Cloud Workflows
- Learn how to model a simple workflow with steps and conditional jumps
- Integrating Cloud Run with Cloud Workflows
- Understand how to invoke workflows
Topics Covered
-
Conceptual overview of Cloud Workflows
-
Invoking and passing parameters
-
Understand steps and jumps
-
Defining, using and passing values with variables
-
Using the switch statement to add logic
-
Workflow visualization
-
Calling HTTPS endpoints
-
Calling an authenticated Cloud Run service
-
Example: polling API for completion