Cloud Run Service Chart¶
A Helm chart to template the manifest of a Cloud Run service or job.
name¶
0.1.0 string 63 ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Name of the Cloud Run Service to deploy. Must be unique within the project region combination.
project¶
0.1.0 string
The google cloud project to deploy the Cloud Run service to.
region¶
0.1.0 string ^(asia|europe|me|us|africa|australia|northamerica|southamerica)-[a-z]+(\d+)$ us-central1
The region to deploy the CloudRun service to. Uses the default region if not provided.
image¶
next object, string
Container image to deploy. You can provide a direct reference to an image using a string or split up the inputs using the object.
name¶
0.1.0 string
Container image name.
registry¶
0.1.0 string
Container image registry.
repository¶
0.1.0 string
Container image repository.
tag¶
0.1.0 string latest
Container image tag.
revisionName¶
0.1.0 string
The name of the Cloud Run revision to deploy. If not provided, a random name will be generated. The revision will always be prefixed with the service name.
containerName¶
0.1.0 string
Optional name for the container within a revision. Automatically generated if not supplied.
description¶
0.1.0 string
A human-readable description of the CloudRun service.
env¶
0.1.0 object
Environment variables to set in the CloudRun container. Using an object allows merging of multiple values, e.g. env.staging and env.production.
secrets¶
0.1.0 object
Secrets to map as environment variables in the Cloud Run container.
command¶
0.1.0 array []
Command that runs when the container starts.
args¶
0.1.0 array []
Arguments to pass to the command.
autoscaling¶
next object
minScale¶
0.1.0 integer 1
Minimum number of replicas to scale down to. 0 enables scale to zero.
maxScale¶
0.1.0 integer 100
Maximum number of replicas to scale up to.
maxConcurrentRequests¶
0.1.0 integer 80
The number of concurrent requests per instance. Controls how many requests are processed before the autoscaler scales up. Setting this to 1 means 1 request per instance at a time.
timeoutSeconds¶
0.1.0 integer 60
The maximum time the container will wait before responding with a 504 error. Especially important for startup times of newly spawned containers.
sessionAffinity¶
0.1.0 boolean False
Whether to enable session affinity for the CloudRun service. When enabled, requests from the same client are routed to the same container instance.
resources¶
0.1.0 object
Resource requests and limits for the CloudRun container. If not provided, defaults are used.
cpuThrottling¶
0.1.0 boolean True
Whether to throttle the CPU. This has significant impact on billing if set to false.
gpu¶
0.1.0 boolean False
Whether to enable GPU support for the Cloud Run container. Only a single GPU per cloud run container is supported and will incur additional costs.
limits¶
0.1.0 object
cpu¶
0.1.0 number 1
Maximum CPUs to allocate for the Cloud Run container.
Can be 1, 2, 4, 6, 8, or any fractional value from 0.08 to less than 1 in increments of 0.01.
The following are minimum memory requirements for CPUs:
| CPUs | Minimum memory |
|---|---|
| 4 | 2 GiB |
| 6 | 4 GiB |
| 8 | 4 GiB |
If you use less than 1 CPU, the following requirments are enforced:
| Setting | Requirement |
|---|---|
| Memory | A minimum of 0.5 CPU is needed to set a memory limit greater than 512MiB. A minimum of 1 CPU is needed to set a memory limit greater than 1GiB. |
| Concurrency | Maximum concurrency must be set to 1. |
| CPU allocated | CPU allocation must be set to CPU allocated only during request processing. |
| Execution environment | You must use the first generation execution environment. |
memory¶
0.1.0 string ^\d+(\.\d+)?(Mi|Gi)$ 512Mi
Maximum memory to allocate for the Cloud Run container. Must be at least 2GiB for 4 CPUs and 4GiB for 6-8 CPUs.
startupBoost¶
0.1.0 boolean False
Whether to boost the CPUs at the start of the container.
containerPort¶
0.1.0 integer 8080
Container port to expose. In CloudRun only a single port can be exposed and defaults to 8080.
http2¶
0.1.0 boolean False
Whether to use HTTP/2 for the container port. If enabled, the port name will be h2c instead of http1.
ingress¶
0.1.0 string all · internal · internal-and-cloud-load-balancing all
The ingress settings for the CloudRun service. Controls where the service can be accessed from.
startupProbe¶
0.1.0 object
The startup probe controls how the Cloud Run service is monitored for readiness. And new revisions will only replace the running container if the startup probe succeeds.
initialDelaySeconds¶
0.1.0 integer 0
Number of seconds after the container starts before the probe is initiated
periodSeconds¶
0.1.0 integer 10
How often (in seconds) to perform the probe
timeoutSeconds¶
0.1.0 integer 1
Number of seconds after which the probe times out
failureThreshold¶
0.1.0 integer 3
Number of consecutive failures required to determine the container is not alive
The startupProbe setting requires exactly one of the following configurations:
httpGet¶
0.1.0 object
HTTP health check configuration. If you are configuring your Cloud Run service for HTTP probes, you must also add an endpoint in your service code to respond to the probe. Any response between 200 and 400 is a success, everything else indicates failure.
startupProbe:
httpGet:
path: /health
port: 8080
httpHeaders:
-
name: X-Custom-Header
value: my-value
path¶
0.1.0 string
Relative path to the HTTP endpoint, for example, /heatlh.
port¶
0.1.0 integer 8080
Port to probe for HTTP health check. Should be set to the container port used for your service.
httpHeaders¶
0.1.0 array
HTTP headers can be used to supply multiple or repeated custom headers.
tcpSocket¶
0.1.0 object
Probes if the container is listening on the specified port. Use the other health check options for more control.
port¶
0.1.0 integer 8080
Port should be set to the container port used for your service.
grpc¶
0.1.0 object
If you are configuring a gRPC probe, you must also implement the gRPC Health Checking protocol in your Cloud Run service.
port¶
0.1.0 integer 8080
Port to probe for gRPC health check. Should be set to the container port used for your service.
service¶
0.1.0 string
If set, this is used in the service field of the grpc.health.v1.HealthCheckRequest when the grpc.health.v1.Health.Check rpc is called.
livenessProbe¶
0.1.0 object
The liveness probe controls how the Cloud Run service is monitored for health. If a liveness probe does not succeed within the specified time (failureThreshold * periodSeconds), the container is shut down using a SIGKILL signal. Any remaining requests that were still being served by the container are terminated with the HTTP status code 503. After the container is shut down, Cloud Run autoscaling starts up a new container instance.
initialDelaySeconds¶
0.1.0 integer 0
Number of seconds after the container starts before the probe is initiated
periodSeconds¶
0.1.0 integer 10
How often (in seconds) to perform the probe
timeoutSeconds¶
0.1.0 integer 1
Number of seconds after which the probe times out
failureThreshold¶
0.1.0 integer 3
Number of consecutive failures required to determine the container is not alive
The livenessProbe setting requires exactly one of the following configurations:
httpGet¶
0.1.0 object
HTTP health check configuration. If you are configuring your Cloud Run service for HTTP probes, you must also add an endpoint in your service code to respond to the probe. Any response between 200 and 400 is a success, everything else indicates failure.
livenessProbe:
httpGet:
path: /health
port: 8080
httpHeaders:
-
name: X-Custom-Header
value: my-value
path¶
0.1.0 string
Relative path to the HTTP endpoint, for example, /heatlh.
port¶
0.1.0 integer 8080
Port to probe for HTTP health check. Should be set to the container port used for your service.
httpHeaders¶
0.1.0 array
HTTP headers can be used to supply multiple or repeated custom headers.
grpc¶
0.1.0 object
If you are configuring a gRPC probe, you must also implement the gRPC Health Checking protocol in your Cloud Run service.
port¶
0.1.0 integer 8080
Port to probe for gRPC health check. Should be set to the container port used for your service.
service¶
0.1.0 string
If set, this is used in the service field of the grpc.health.v1.HealthCheckRequest when the grpc.health.v1.Health.Check rpc is called.
serviceAccountName¶
0.1.0 string
Service account to use to run the CloudRun container. If not provided, the default service account of the project is used.
labels¶
0.1.0 object
Labels to add to the Cloud Run container. Must conform to the Cloud Run label schema of lowercase alphanumeric characters, hyphens, and underscores and be 63 characters or less.
label¶
0.1.0 string 63 ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Label key and value must conform to the Cloud Run label schema of lowercase alphanumeric characters, hyphens, and underscores and be 63 characters or less.
volumes¶
0.1.0 object
Volume configurations for the Cloud Run container. Each key is the volume name and must be a valid k8s name (lowercase alphanumeric with dashes).
volume¶
0.1.0 object ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
mountPath¶
0.1.0 string ^/.*
Path where the volume should be mounted in the container
readOnly¶
0.1.0 boolean False
Whether the volume should be mounted read-only
The volumes.volume setting requires exactly one of the following configurations:
secret¶
0.1.0 object
Mount a Secret Manager secret as a volume
name¶
0.1.0 string
Name of the secret in Secret Manager
project¶
0.1.0 string
Project ID for cross-project secrets. If not provided, the project of the Cloud Run service is used.
items¶
0.1.0 array
List of specific secret versions to mount
emptyDir¶
0.1.0 object
Create an ephemeral in memory volume that exists for the lifetime of the container
size¶
0.1.0 string ^\d+(\.\d+)?(Mi|Gi)$
Maximum size of the volume. Must not exceed the memory limit of the container.
gcs¶
0.1.0 object
Mounts a Google Cloud Storage bucket.
bucket¶
0.1.0 string
Name of the GCS bucket to mount
mountOptions¶
0.1.0 object
Additional mount options for gcsfuse
nfs¶
0.1.0 object
Mount an NFS share. The Cloud Run container must be connected via a VPC connector or direct VPC connection to the subnet where the NFS server is located.
server¶
0.1.0 string ^([0-9]{1,3}\.){3}[0-9]{1,3}$|^[a-zA-Z0-9][-a-zA-Z0-9.]*[a-zA-Z0-9]$
IP address or hostname of the NFS server
path¶
0.1.0 string ^/.*
Path that is exported by the NFS server
network¶
0.1.0 object
VPC and networking configuration for the Cloud Run service
egress¶
0.1.0 string private-ranges-only · all-traffic private-ranges-only
The egress type to use for the Cloud Run container if connected to a VPC. In general, use private-ranges-only to reduce latency and bottlenecks when calling external services. Can only be set when connector or vpc and subnetwork are set.
The network setting requires exactly one of the following configurations:
connector¶
0.1.0 string ^(projects/[^/]+/locations/[^/]+/connectors/[^/]+|[a-z][-a-z0-9]*[a-z0-9])$
Name of the VPC connector to use for the CloudRun container. Uses a serverless VPC access connector. Cannot be used with network.
vpc¶
0.1.0 string ^(projects/[^/]+/global/networks/[^/]+|[a-z][-a-z0-9]*[a-z0-9])$
Name of the VPC network to use to create a direct VPC connection. Must be used with subnetwork. Cannot be used with connector.
subnetwork¶
0.1.0 string ^(projects/[^/]+/regions/[^/]+/subnetworks/[^/]+|[a-z][-a-z0-9]*[a-z0-9])$
Name of the VPC subnetwork to use to create a direct VPC connection. Must be used with vpc. Cannot be used with connector.
tags¶
0.1.0 array []
Tags to apply to the network interfaces created for the Cloud Run container. Use the network tags feature of VPC access connectors to control traffic to and from the service.
cloudsql¶
0.1.0 object
CloudSQL configuration for the Cloud Run service. If not provided, the service will not be connected to any CloudSQL instances.
Info
Defining this will automatically inject a CLOUD_SQL_CONNECTION environment variable with the format /cloudsql/project:region:instance. Some libraries will automatically append the required /.s.PGSQL.5432 suffix to connect to the correct unix socket, while others do not. The environment variable is provided without the socket suffix.
instance¶
0.1.0 string
CloudSQL instance name.
project¶
0.1.0 string
CloudSQL project name.
region¶
0.1.0 string .region
CloudSQL region. Defaults to the region of the Cloud Run service.
disableInvokerIamPolicy¶
0.1.0 boolean False
Whether to disable the invoker IAM policy for the Cloud Run service. This is useful when using a VPC connector or direct VPC connection to avoid conflicts with the invoker IAM policy. Must be first requested via invite and is not generally available.
executionEnvironment¶
0.1.0 string gen2 · gen1 gen2
The execution environment to use for the Cloud Run container.
launchStage¶
0.1.0 string ALPHA · BETA · GA BETA
The launch stage of the Cloud Run service. Controls feature availability.
binaryAuthorization¶
0.1.0 boolean False
Whether to enforce Binary Authorization policy for this service.
encryption¶
0.1.0 object
The KMS key to use for encrypting this service. Must be located in the same region and project as the Cloud Run service.
key¶
0.1.0 string
The KMS key to use for encrypting this service.
keyring¶
0.1.0 string
The KMS keyring where the key is stored.
customAudiences¶
0.1.0 array
Custom audiences to set in the generated ID token when using Identity Platform.