
Create service or container from another container, on Google Cloud Run or Cloud Run on GKE


Can I create a service or container from another container, on Google Cloud Run or Cloud Run on GKE?

I basically want to manage my containers/services dynamically from another container and am not sure how to go about this.

Adding more details:

One of my microservices needs to create new isolated containers that will run some user-land code. I would like to have full life-cycle control of these containers, run the code, and then destroy as needed.

I also looked at the Cloud Run APIs but am not sure how to run something like 'kubectl create ...' through the APIs. Is that the right approach?


Solution

  • Yes, you should be able to deploy Cloud Run services from Cloud Run services.

    • on Cloud Run (hosted): services by default run with Editor permissions, so this should be possible without any extra configuration
      • note that if you deploy apps with --allow-unauthenticated, which requires setting IAM permissions, the Editor role will not be enough, as you need the Owner role on the GCP project for that.
    • on Cloud Run on GKE: services by default run with limited scopes (as they by default inherit the GKE node's permissions/scopes). You should add a service account to the Kubernetes Pod and use it to authenticate.

    From there, you have several options:

    1. Use the REST API directly: Since run.googleapis.com behaves like a Kubernetes API server, you can directly apply JSON objects of Knative Services. (You can use gcloud ... --log-http to learn how deployments are made using REST API requests).

    2. Use gcloud: you can ship your container image with gcloud and invoke it from your process.

    3. Use Google Cloud Client Libraries: You can use the client libraries that are available for Cloud Run (for example this Go library) to construct in-memory Service objects and send them to the API using a higher level client library (recommended approach).
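
A sketch of option 1 (the REST API), added here as an example and not part of the original answer: it builds the Knative Service object and the create/delete requests for a per-job service that runs under a dedicated low-privilege service account instead of the default Editor identity. The project, region, image and service-account values a caller passes in, the resource limits, and the name check are assumptions for illustration.

```python
import json
import re
import urllib.request

# Cloud Run Admin API v1 (regional endpoint); the namespace is the GCP project.
API = ("https://{region}-run.googleapis.com/apis/serving.knative.dev/v1/"
       "namespaces/{project}/services")
TOKEN_URL = ("http://metadata.google.internal/computeMetadata/v1/"
             "instance/service-accounts/default/token")
NAME_RE = re.compile(r"[a-z]([-a-z0-9]{0,47}[a-z0-9])?")  # conservative name check (assumption)

def access_token():
    """Token of the calling service, from the metadata server (works only on GCP)."""
    req = urllib.request.Request(TOKEN_URL, headers={"Metadata-Flavor": "Google"})
    with urllib.request.urlopen(req, timeout=5) as resp:
        return json.load(resp)["access_token"]

def build_service(project, name, image, service_account):
    """Knative Service manifest for one isolated, short-lived workload."""
    if not NAME_RE.fullmatch(name):
        raise ValueError(f"invalid service name: {name!r}")
    return {
        "apiVersion": "serving.knative.dev/v1",
        "kind": "Service",
        "metadata": {"name": name, "namespace": project},
        "spec": {"template": {
            "metadata": {"annotations": {"autoscaling.knative.dev/maxScale": "1"}},
            "spec": {
                # Dedicated identity for user-supplied code, not the default one.
                "serviceAccountName": service_account,
                "containerConcurrency": 1,
                "timeoutSeconds": 60,
                "containers": [{"image": image, "resources": {
                    "limits": {"cpu": "1", "memory": "256Mi"}}}],
            }}},
    }

def create_request(project, region, service, token):
    """POST the manifest; send it with urllib.request.urlopen()."""
    return urllib.request.Request(
        API.format(region=region, project=project),
        data=json.dumps(service).encode(), method="POST",
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"})

def delete_request(project, region, name, token):
    """DELETE the service once the job has finished."""
    if not NAME_RE.fullmatch(name):
        raise ValueError(f"invalid service name: {name!r}")
    url = API.format(region=region, project=project) + "/" + name
    return urllib.request.Request(
        url, method="DELETE", headers={"Authorization": f"Bearer {token}"})
```

Because no IAM binding is added (the --allow-unauthenticated case mentioned above), a service created this way stays reachable only by authenticated callers.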