[Originally published on LinkedIn 29 May 2024]
Google Cloud‘s Yunong Xiao presented Cloud Run at AppDev Field Day 1, and the stated Cloud Run value proposition hits all the developer hot buttons:
- start quickly
- write code fast and securely
- ship fast and frequently
- integrate ai (of course)
- managed infrastructure stack
Cloud Run’s abstraction layer is a containerized application. Upload your container to the environment, and Cloud Run takes care of the entire infrastructure. The system provides “t-shirt” sizing (small, medium, large) type configuration and limited ability to tweak the environment to the specific needs of your app.
To support CICD, Cloud Run supports “blue/green” functionality, where you can direct a specific percentage of traffic to a specific revision of your app. You can also have version specific URLs for testing new versions and apps.
New features include:
- Stateful apps can mount NFS or Cloud Storage Fuse filesystems as R/O or RW.
- Automatic security updates – within 48 hrs of a minor revision to the language base being published, Google will update the infrastructure.
- Deploy the same app to multiple regions with a global endpoint that auto-routes to the closest region
- Large Enterprise support to meet speed/scale and safety needs. Once policies are defined, the developer doesn’t have to worry about any of the fine-grained decisions.
Lots of new security features including
- access control
- encryption
- Network security
- supply chain security
- compliance
But all of this comes with a big caveat.
To take advantage of Cloud Run, you must make the decision to use GCP tools. This introduces one level of indirection for much of the security stack. For example, if you want to use your own identity provider, your app uses Google’s IAM, and, outside of the Cloud Run environment, you can integrate your IDP and SSO with Google. To some extent, this ameliorates Cloud Run’s value prop for the enterprise — that Cloud Run speeds application development.
Google, of course, couldn’t leave out AI. Cloud Run can be a fundamental component in the development of a larger GenAI app. Because Cloud Run abstracts away many container management issues, developers can focus on writing the GenAI app.
However, like the security features, you really need to use the whole Google environment to build a GenAI app. Cloud Run itself doesn’t have any built-in GenAI support – it’s just a container runtime environment where the front end to your GenAi app can run.
In the modern DevOps world, CloudRun is really targeted at the Ops side more than the Dev side. When you’re wearing your developer hat, you can focus on app functionality, not on app management, which is a win for developers. Likewise, when you’re wearing your operational hat, your life is simplified, as Google is managing the majority of the infrastructure, and you can focus on ensuring all your apps are running and secured.
The real question:
Because so much of the complexity of the environment is abstracted away to make a simplified one-size-fits-all solution, and users have limited knobs and levers, can Cloud Run provide the security, speed, scale, configurability, and flexibility needed by enterprise organizations?
#ADFD1 #AppDev #containers #DevOps #DevSecOps #security #cybersecurity #CICD #GKE #K8S