1

I'm using cloud run behind a load balancer. However, it's simply a passthrough that performs ssl termination of my own certificate and exposes the cloud run service(s).

I read this and thinking of trying it out.

https://cloud.google.com/run/docs/mapping-custom-domains#run

In the Firebase docs, it says:

"After we verify domain ownership, we provision an SSL certificate for your domain and deploy it across our global CDN within 24 hours after you point your DNS A records to Firebase Hosting.

Your domain will be listed as one of the Subject Alternative Names (SAN) in the FirebaseApp SSL certificate. "

For Cloud Run, it says something similar. It will generate and manage my SSL certificates. Does anybody have experience with this?

Will this newly generated certificate invalid my current cert? I assume so, and that's ok. I'm only using cloud run for subdomains like api-prod.example.io for my API and app-prod.example.io for my frontend nginx static webserver.

Is their any other considerations of why I should not move over? If I do move over, should I do Firebase instead? I supposed it's:

Firebase + Cloud Run

vs

Cloud Run

vs

GCP LB + Cloud Run + Own Managed Certificate (Current)

Thanks in advance!

Gary Leong
  • 199
  • 1
  • 2
  • 12
  • 2
    "GCP HTTPS LB + Cloud Run". That's all. The certificate are automatically managed by the LB. – guillaume blaquiere Apr 13 '22 at 07:26
  • That's what I'm doing now. I guess I was trying to save money on these forwarding rules :) – Gary Leong Apr 13 '22 at 09:27
  • @GaryLeong I'm pursuing the same goal. Did you ever find a solution? I'm finding that a global LB can cost ~$0.84/day while a regional (us-east-4) LB is reaching ~$1.10/day. This includes LB and cloud armor. It includes Compute Engine: Static IP Charge in the regional. It's surprising that the standard network tier regional LB can cost more then the premium tier global LB. $20-25/month is rather steep for a small personal side-project. Is there possibly a simple, more reasonable solution? – user2704504 May 13 '23 at 18:03
  • 1
    hi, i didn't. i went back to aws for some of the services and kept cloud run for background processes. cloud run in general can get expensive as well if they charge for burst traffic. ( i set my minimum to 0). i also found the billing lack transparency so it was hard to keep using these services on gcp. – Gary Leong May 14 '23 at 22:57

0 Answers0