Skip to content

Instantly share code, notes, and snippets.

@ahmetb

ahmetb/script.sh Secret

Last active Jul 21, 2020
Embed
What would you like to do?
Cloud Run multi-region deployment script https://ahmet.im/blog/cloud-run-multi-region/
#!/usr/bin/env bash
set -euo pipefail
PROJECT_ID="${PROJECT_ID:-ahmetb-samples-playground}"
IMAGE="${IMAGE:-gcr.io/ahmetb-public/zoneprinter}"
APP_NAME="${APP_NAME:-zoneprinter}"
DOMAIN="${DOMAIN:-zoneprinter.ahmet.im}"
log () {
echo >&2 "$(tput setaf 2)$*$(tput sgr0)"
}
gcloud() {
set -x
command gcloud -q --project "${PROJECT_ID}" "$@"
}
run_regions() {
local token
token="$(gcloud auth print-access-token)"
curl -sSLfH "Authorization: Bearer $token" \
"https://run.googleapis.com/v1/projects/${PROJECT_ID}/locations?alt=json" |\
jq -r '.locations[].locationId'
}
log "Deploying Cloud Run service in all regions."
for r in $(run_regions); do
gcloud run deploy "${APP_NAME}" --image="${IMAGE}" --platform=managed \
--allow-unauthenticated --region="$r"
true
done
log "Creating regional serverless NEGs."
for r in $(run_regions); do
(
gcloud alpha compute network-endpoint-groups create \
"${APP_NAME}-${r}" \
--region="$r" --network-endpoint-type=SERVERLESS \
--cloud-run-service="${APP_NAME}"
)
done
log "Done"
backend="${APP_NAME}-backend"
log "Creating a backend-service."
(
gcloud compute backend-services create "${backend}" --global
)
log "Done."
log "Adding regional NEGs to the backend-service."
for r in $(run_regions); do
(
gcloud alpha compute backend-services add-backend "${backend}" --global \
--network-endpoint-group="${APP_NAME}-${r}" \
--network-endpoint-group-region="$r"
)
done
log "Done"
log "Creating a url-map."
urlmap="${APP_NAME}-urlmap"
(
gcloud compute url-maps create "${urlmap}" --default-service="${backend}"
)
log "Done."
log "Creating a managed ssl-certificate."
cert="${APP_NAME}-cert"
(
gcloud beta compute ssl-certificates create "${cert}" --domains="${DOMAIN}"
)
log "Done."
log "Creating a target-https-proxy."
target_https="${APP_NAME}-https"
(
gcloud compute target-https-proxies create "${target_https}" \
--ssl-certificates="${cert}" \
--url-map="${urlmap}"
)
log "Done."
log "Creating a static IPv4 address."
ip="${APP_NAME}-ip"
(
gcloud compute addresses create --global "${ip}"
)
log "Done."
log "Creating a global forwarding-rule for HTTPS."
fwdrule_https="${APP_NAME}-lb"
(
gcloud compute forwarding-rules create --global "${fwdrule_https}" \
--target-https-proxy="${target_https}" \
--address="${ip}" \
--ports=443
)
log "Done."
log "Creating url-map for http-to-https redirect."
urlmap_redir="${APP_NAME}-httpredirect"
(
gcloud compute url-maps import "${urlmap_redir}" \
--global \
--source /dev/stdin <<EOF
name: "${urlmap_redir}"
defaultUrlRedirect:
redirectResponseCode: MOVED_PERMANENTLY_DEFAULT
httpsRedirect: True
EOF
)
log "Done."
log "Creating target-http-proxy for http-to-https redirect."
target_http="${APP_NAME}-http"
(
gcloud compute target-http-proxies create "${target_http}" \
--url-map="${urlmap_redir}"
)
log "Done."
log "Creating global forwarding-rule for http-to-https redirect."
fwdrule_http="${APP_NAME}-httplb"
(
gcloud compute forwarding-rules create --global "${fwdrule_http}" \
--target-http-proxy="${target_http}" \
--address="${ip}" \
--ports=80
)
log "Done."
ipv4addr=$(gcloud compute forwarding-rules describe --global "${fwdrule_https}" \
--format='value(IPAddress)')
log "Now, update DNS A records to point ${DOMAIN} to ${ipv4addr}."
log "Then wait for domain name to start working,"
log "Or simply wait for certificate provisioning status using:"
log " gcloud beta compute ssl-certificates describe ${cert}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.