I understand there are two ways in which a container can be deployed on Google Cloud Run:
I want to go for the second option but would like to keep the GKE cluster private so that no external traffic is allowed.
All the documentation and resources I am going through are explaining everything with Public GKE Clusters (with external IPs).
Is there a way to achieve what I am looking for?
What problems will I face while doing the setup?
Is Istio always necessary when using Cloud Run with GKE?
You can deploy Cloud Run on GKE in private mode (not really easy to find in the documentation; here is the link to the gcloud command line).
If the connectivity is private, the service will be reachable only from inside the cluster, and not from the internet.
I can't figure out what problem you could have with the setup.
Finally, Knative is based on Istio. You can't deploy Knative elements without it. And Cloud Run on GKE is simply a packaging of the Knative product by Google. (For managed, it is different.)