Service
Service acts as a top-level container that manages a set of configurations and revision templates which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. To get more information about Service, see:
How-to Guides
Example Usage
Cloudrunv2 Service Basic
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.cloudrunv2.Service;
import com.pulumi.gcp.cloudrunv2.ServiceArgs;
import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Service("default", ServiceArgs.builder()
.ingress("INGRESS_TRAFFIC_ALL")
.location("us-central1")
.template(ServiceTemplateArgs.builder()
.containers(ServiceTemplateContainerArgs.builder()
.image("us-docker.pkg.dev/cloudrun/container/hello")
.build())
.build())
.build());
}
}Cloudrunv2 Service Sql
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.secretmanager.Secret;
import com.pulumi.gcp.secretmanager.SecretArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;
import com.pulumi.gcp.secretmanager.SecretVersion;
import com.pulumi.gcp.secretmanager.SecretVersionArgs;
import com.pulumi.gcp.sql.DatabaseInstance;
import com.pulumi.gcp.sql.DatabaseInstanceArgs;
import com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;
import com.pulumi.gcp.cloudrunv2.Service;
import com.pulumi.gcp.cloudrunv2.ServiceArgs;
import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;
import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateScalingArgs;
import com.pulumi.gcp.cloudrunv2.inputs.ServiceTrafficArgs;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
import com.pulumi.gcp.secretmanager.SecretIamMember;
import com.pulumi.gcp.secretmanager.SecretIamMemberArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var secret = new Secret("secret", SecretArgs.builder()
.secretId("secret-1")
.replication(SecretReplicationArgs.builder()
.automatic(true)
.build())
.build());
var secret_version_data = new SecretVersion("secret-version-data", SecretVersionArgs.builder()
.secret(secret.name())
.secretData("secret-data")
.build());
var instance = new DatabaseInstance("instance", DatabaseInstanceArgs.builder()
.region("us-central1")
.databaseVersion("MYSQL_5_7")
.settings(DatabaseInstanceSettingsArgs.builder()
.tier("db-f1-micro")
.build())
.deletionProtection("true")
.build());
var default_ = new Service("default", ServiceArgs.builder()
.location("us-central1")
.ingress("INGRESS_TRAFFIC_ALL")
.template(ServiceTemplateArgs.builder()
.scaling(ServiceTemplateScalingArgs.builder()
.maxInstanceCount(2)
.build())
.volumes(ServiceTemplateVolumeArgs.builder()
.name("cloudsql")
.cloudSqlInstance(ServiceTemplateVolumeCloudSqlInstanceArgs.builder()
.instances(instance.connectionName())
.build())
.build())
.containers(ServiceTemplateContainerArgs.builder()
.image("us-docker.pkg.dev/cloudrun/container/hello")
.envs(
ServiceTemplateContainerEnvArgs.builder()
.name("FOO")
.value("bar")
.build(),
ServiceTemplateContainerEnvArgs.builder()
.name("SECRET_ENV_VAR")
.valueSource(ServiceTemplateContainerEnvValueSourceArgs.builder()
.secretKeyRef(ServiceTemplateContainerEnvValueSourceSecretKeyRefArgs.builder()
.secret(secret.secretId())
.version("1")
.build())
.build())
.build())
.volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()
.name("cloudsql")
.mountPath("/cloudsql")
.build())
.build())
.build())
.traffics(ServiceTrafficArgs.builder()
.type("TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST")
.percent(100)
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(secret_version_data)
.build());
final var project = OrganizationsFunctions.getProject();
var secret_access = new SecretIamMember("secret-access", SecretIamMemberArgs.builder()
.secretId(secret.id())
.role("roles/secretmanager.secretAccessor")
.member(String.format("serviceAccount:%s-compute@developer.gserviceaccount.com", project.applyValue(getProjectResult -> getProjectResult.number())))
.build(), CustomResourceOptions.builder()
.dependsOn(secret)
.build());
}
}Cloudrunv2 Service Vpcaccess
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.Network;
import com.pulumi.gcp.compute.NetworkArgs;
import com.pulumi.gcp.compute.Subnetwork;
import com.pulumi.gcp.compute.SubnetworkArgs;
import com.pulumi.gcp.vpcaccess.Connector;
import com.pulumi.gcp.vpcaccess.ConnectorArgs;
import com.pulumi.gcp.vpcaccess.inputs.ConnectorSubnetArgs;
import com.pulumi.gcp.cloudrunv2.Service;
import com.pulumi.gcp.cloudrunv2.ServiceArgs;
import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;
import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateVpcAccessArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var customTestNetwork = new Network("customTestNetwork", NetworkArgs.builder()
.autoCreateSubnetworks(false)
.build());
var customTestSubnetwork = new Subnetwork("customTestSubnetwork", SubnetworkArgs.builder()
.ipCidrRange("10.2.0.0/28")
.region("us-central1")
.network(customTestNetwork.id())
.build());
var connector = new Connector("connector", ConnectorArgs.builder()
.subnet(ConnectorSubnetArgs.builder()
.name(customTestSubnetwork.name())
.build())
.machineType("e2-standard-4")
.minInstances(2)
.maxInstances(3)
.region("us-central1")
.build());
var default_ = new Service("default", ServiceArgs.builder()
.location("us-central1")
.template(ServiceTemplateArgs.builder()
.containers(ServiceTemplateContainerArgs.builder()
.image("us-docker.pkg.dev/cloudrun/container/hello")
.build())
.vpcAccess(ServiceTemplateVpcAccessArgs.builder()
.connector(connector.id())
.egress("ALL_TRAFFIC")
.build())
.build())
.build());
}
}Cloudrunv2 Service Probes
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.cloudrunv2.Service;
import com.pulumi.gcp.cloudrunv2.ServiceArgs;
import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Service("default", ServiceArgs.builder()
.location("us-central1")
.template(ServiceTemplateArgs.builder()
.containers(ServiceTemplateContainerArgs.builder()
.image("us-docker.pkg.dev/cloudrun/container/hello")
.livenessProbe(ServiceTemplateContainerLivenessProbeArgs.builder()
.httpGet(ServiceTemplateContainerLivenessProbeHttpGetArgs.builder()
.path("/")
.build())
.build())
.startupProbe(ServiceTemplateContainerStartupProbeArgs.builder()
.failureThreshold(1)
.initialDelaySeconds(0)
.periodSeconds(3)
.tcpSocket(ServiceTemplateContainerStartupProbeTcpSocketArgs.builder()
.port(8080)
.build())
.timeoutSeconds(1)
.build())
.build())
.build())
.build());
}
}Cloudrunv2 Service Secret
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.secretmanager.Secret;
import com.pulumi.gcp.secretmanager.SecretArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;
import com.pulumi.gcp.secretmanager.SecretVersion;
import com.pulumi.gcp.secretmanager.SecretVersionArgs;
import com.pulumi.gcp.cloudrunv2.Service;
import com.pulumi.gcp.cloudrunv2.ServiceArgs;
import com.pulumi.gcp.cloudrunv2.inputs.ServiceTemplateArgs;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
import com.pulumi.gcp.secretmanager.SecretIamMember;
import com.pulumi.gcp.secretmanager.SecretIamMemberArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var secret = new Secret("secret", SecretArgs.builder()
.secretId("secret-1")
.replication(SecretReplicationArgs.builder()
.automatic(true)
.build())
.build());
var secret_version_data = new SecretVersion("secret-version-data", SecretVersionArgs.builder()
.secret(secret.name())
.secretData("secret-data")
.build());
var default_ = new Service("default", ServiceArgs.builder()
.location("us-central1")
.ingress("INGRESS_TRAFFIC_ALL")
.template(ServiceTemplateArgs.builder()
.volumes(ServiceTemplateVolumeArgs.builder()
.name("a-volume")
.secret(ServiceTemplateVolumeSecretArgs.builder()
.secret(secret.secretId())
.defaultMode(292)
.items(ServiceTemplateVolumeSecretItemArgs.builder()
.version("1")
.path("my-secret")
.mode(256)
.build())
.build())
.build())
.containers(ServiceTemplateContainerArgs.builder()
.image("us-docker.pkg.dev/cloudrun/container/hello")
.volumeMounts(ServiceTemplateContainerVolumeMountArgs.builder()
.name("a-volume")
.mountPath("/secrets")
.build())
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(secret_version_data)
.build());
final var project = OrganizationsFunctions.getProject();
var secret_access = new SecretIamMember("secret-access", SecretIamMemberArgs.builder()
.secretId(secret.id())
.role("roles/secretmanager.secretAccessor")
.member(String.format("serviceAccount:%s-compute@developer.gserviceaccount.com", project.applyValue(getProjectResult -> getProjectResult.number())))
.build(), CustomResourceOptions.builder()
.dependsOn(secret)
.build());
}
}Import
Service can be imported using any of these accepted formats
$ pulumi import gcp:cloudrunv2/service:Service default projects/{{project}}/locations/{{location}}/services/{{name}}$ pulumi import gcp:cloudrunv2/service:Service default {{project}}/{{location}}/{{name}}$ pulumi import gcp:cloudrunv2/service:Service default {{location}}/{{name}}Properties
KRM-style annotations for the resource. (Optional) Unstructured key value map that may be set by external tools to store and arbitrary metadata. They are not queryable and should be preserved when modifying objects. Cloud Run will populate some annotations using 'run.googleapis.com' or 'serving.knative.dev' namespaces. This field follows Kubernetes annotations' namespacing, limits, and rules. More info: https://kubernetes.io/docs/user-guide/annotations
KRM-style labels for the resource. (Optional) Map of string keys and values that can be used to organize and categorize objects. User-provided labels are shared with Google's billing system, so they can be used to filter, or break down billing charges by team, component, environment, state, etc. For more information, visit https://cloud.google.com/resource-manager/docs/creating-managing-labels or https://cloud.google.com/run/docs/configuring/labels Cloud Run will populate some labels with 'run.googleapis.com' or 'serving.knative.dev' namespaces. Those labels are read-only, and user changes will not be preserved.
Returns true if the Service is currently being acted upon by the system to bring it into the desired state. When a new Service is created, or an existing one is updated, Cloud Run will asynchronously perform all necessary steps to bring the Service to the desired serving state. This process is called reconciliation. While reconciliation is in process, observedGeneration, latest_ready_revison, trafficStatuses, and uri will have transient values that might mismatch the intended state: Once reconciliation is over (and this field is false), there are two possible outcomes: reconciliation succeeded and the serving state matches the Service, or there was an error, and reconciliation failed. This state can be found in terminalCondition.state. If reconciliation succeeded, the following fields will match: traffic and trafficStatuses, observedGeneration and generation, latestReadyRevision and latestCreatedRevision. If reconciliation failed, trafficStatuses, observedGeneration, and latestReadyRevision will have the state of the last serving revision, or empty for newly created Services. Additional information on the failure can be found in terminalCondition and conditions.