This article provide a guidance to complete GSP328 Serverless Cloud Run Development: Challenge Lab. It won’t provide steps directly, only tips to finish the lab. The challenge contains 7 tasks. As it has staging and production environment, so actually is 3 different sets of tasks. Provision the Qwiklabs environment run those commands to set config and checkout files Task 1: Assessment Build an image using Cloud Build Deploy a Cloud Run service as an unauthenticated service Test service responds when the endpoint is accessed
|
1 2 3 4 5 6 7 8 |
+-----------------+-----------------------------------+ | FIELD | VALUE | +-----------------+-----------------------------------+ | Billing Image | billing-staging-api:0.1 | | Billing Service | public-billing-service | | Authentication | unauthenticated | | Code | pet-theory/lab07/unit-api-billing | +-----------------+-----------------------------------+ |
gCloud build command reference: https://cloud.google.com/sdk/gcloud/reference/beta/builds/submit
|
1 2 3 |
cd ~/<CODE> gcloud builds submit \ --tag gcr.io/$GOOGLE_CLOUD_PROJECT/<BILLING_IMAGE> |
2. gCloud deploy command reference: https://cloud.google.com/sdk/gcloud/reference/run/deploy https://cloud.google.com/sdk/gcloud/reference/run/deploy#–[no-]allow-unauthenticated
|
1 2 3 |
gcloud run deploy <SERVICE> \ --image gcr.io/$GOOGLE_CLOUD_PROJECT/<BILLING_IMAGE> \ --<AUTHENTICATED> |
3. optional: click on the Service URL in cloud shell, or curl manually. e.g. curl https://public-billing-service-XXXXXXX.a.run.app Task 2: Same as task 1, with different values.
|
1 2 3 4 5 6 7 8 |
+----------------+-------------------------------------------+ | FIELD | VALUE | +----------------+-------------------------------------------+ | Image Name | frontend-staging:0.1 | | Service Name | frontend-staging-service | | Authentication | unauthenticated | | Code | pet-theory/lab07/staging-frontend-billing | +----------------+-------------------------------------------+ |
Task 3:
|
1 2 3 4 5 6 7 8 |
+----------------+--------------------------------------+ | FIELD | VALUE | +----------------+--------------------------------------+ | Image Name | billing-staging-api:0.2 | | Service Name | private-billing-service | | Authentication | authenticated | | Code | pet-theory/lab07/staging-api-billing | +----------------+--------------------------------------+ |
Delete the existing Billing Service
|
1 2 |
cd ~/<CODE> gcloud beta run services delete public-billing-service |
2. Build an image using Cloud Build: similar to task 1 3. Deploy the image to Cloud Run requiring authentication: similar to above, just be aware this time is authenticated. --no-allow-unauthenticated 4. Test service:
|
1 2 3 4 |
BILLING_SERVICE=private-billing-service BILLING_URL=$(gcloud run services describe $BILLING_SERVICE \ --format "value(status.URL)") curl -X get -H "Authorization: Bearer $(gcloud auth print-identity-token)" $BILLING_URL |
Task 4:
|
1 2 3 4 5 6 |
+-----------------+---------------------------+ | FIELD | VALUE | +-----------------+---------------------------+ | Service Account | billing-service-sa | | Display Name | Billing Service Cloud Run | +-----------------+---------------------------+ |
create service account reference: https://cloud.google.com/iam/docs/creating-managing-service-accounts#creating
|
1 |
gcloud iam service-accounts create <SERVICE_ACOUNT> --display-name "<DISPLAY_NAME>" |
Task 5:
|
1 2 3 4 5 6 7 8 9 |
+-----------------+-----------------------------------+ | FIELD | VALUE | +-----------------+-----------------------------------+ | Image Name | billing-prod-api:0.1 | | Service Name | billing-prod-service | | Authentication | authenticated | | Code | pet-theory/lab07/prod-api-billing | | Service Account | billing-service-sa | +-----------------+-----------------------------------+ |
Deploy the image to Cloud Run & Enable Authentication
|
1 2 |
cd ~/<CODE> ## similar to task 3 build and deploy command above |
2. Enable Service Account https://cloud.google.com/sdk/gcloud/reference/run/services/add-iam-policy-binding
|
1 2 3 |
gcloud run services add-iam-policy-binding <SERVICE_NAME> \ --member=serviceAccount:<SERVICE_ACCOUNT>@$GOOGLE_CLOUD_PROJECT.iam.gserviceaccount.com \ --role=roles/run.invoker |
3. optional: Test service url: lab instructions URL is case sensitive.
|
1 2 3 4 5 6 |
PROD_BILLING_SERVICE=private-billing-servicePROD_BILLING_URL=$(gcloud run services \ describe $PROD_BILLING_SERVICE \ --format "value(status.URL)") curl -X get -H "Authorization: Bearer \ $(gcloud auth print-identity-token)" \ $PROD_BILLING_URL |
Task 6:
|
1 2 3 4 5 6 |
+-----------------+-----------------------------------+ | FIELD | VALUE | +-----------------+-----------------------------------+ | Service Account | frontend-service-sa | | Display Name | Billing Service Cloud Run Invoker | +-----------------+-----------------------------------+ |
same command as Task 4 Task 7:
|
1 2 3 4 5 6 7 8 9 |
+-----------------+----------------------------------------+ | FIELD | VALUE | +-----------------+----------------------------------------+ | Image Name | frontend-prod:0.1 | | Service Name | frontend-prod-service | | Authentication | unauthenticated | | Code | pet-theory/lab07/prod-frontend-billing | | Service Account | frontend-service-sa | +-----------------+----------------------------------------+ |
Deploy the image to Cloud Run & Enable Authentication: refer to Task 5
|
1 2 |
cd ~/<CODE> ## similar to task 5 build and deploy command above |
2. Enable Service Account: similar to task 5
|
1 2 3 |
gcloud run services add-iam-policy-binding <SERVICE_NAME> \ --member=serviceAccount:<SERVICE_ACCOUNT>@$GOOGLE_CLOUD_PROJECT.iam.gserviceaccount.com \ --role=roles/run.invoker |
…
This blog post is recording my journey on proof of concept development on ionic 4 capacitor & PWA development in December 2018, just note down some obstacles I faced or founding in the journey, and this is not a tutorial. Although Progressive Web Apps (PWA) are installable without app store, as of today business requirement may still need the distribute channel via app store. With ionic (UI) and Cordova framework, one single code base can serve native apps and web apps together. ionic 4 Capacitor or Stencil Capacitor is still in Release Candidate in Dec 2018, and 1.0 production in 2019. Integrate with Angular. Cross platform: iOS, android, Web, Electron (win & macOS) Stencil: web component (similar to ploymer), reusable, independent (angular, react, vue) selected Capacitor as per requirement. Toolings: Intellij Idea (as subscribed), or Visual Studio Code (free) Installation follow the official documentation. run $ ng build to create /www folder Creation on iOS & android projects is smooth and easy. ionic team really did a great job there. However, PWA isn’t that user-friendly. npm install @ionic/pwa-elements only adding UI component. PWA services worker angular-worker: basic usage, npm install -g @angular/cli ; ng add @angular/pwa ngsw-config.json. workbox: advance usage. pre-caching, background sync …etc very difficult to setup, due to angular builder. Need to manually add “glob”: “workbox-<Component>.<dev|prod>.js” to angular.json . See https://golb.hplar.ch/2018/06/workbox-serviceworker-in-angular-project.html for more details Development $ ionic server –> live reload on source folder, so PWA doesn’t work as pre-caching & routing info in /www (build) folder, not src/service-worker.js edit package.json, add "dist": "ng build && workbox injectManifest" Then run $ npm run dist to build. Then run $ npx cap serve alternatively, http-server can be used, …
唔想每個server 行一次 ssh 再run command,寫個script 同做一次所有servers 既時間差。不過下次再run 就可以慳好多時間。IaC / automation always win. Ansible playbook 可能都有,可惜冇機會用到Ansible 。 放左去gist。有用既請拍下 likecoin ,Thanks:)