CODEWITHSUNDEEP
google-cloud-platformterraformgoogle-cloud-runterraform-provider-gcp
Aniket
Aniket

Reputation: 545

Want to deploy a Google Cloud Run service via Terraform

I want to deploy a google cloud run service using terraform. When I try to deploy via 'port' block for defining the container port, getting error, I have to pass the container port from template tag but unable to do that. Here is my .tf file -

resource "google_cloud_run_service" "default" {
  name     = "cloudrun-srv"
  location = "us-central1"

  template {
    spec {
      containers {
        image = "us.gcr.io/xxxxxx/xxxx.app"

        port {
          container_port = 19006
        }
      }
    }
  }

  traffic {
    percent         = 100
    latest_revision = true
  }
}

data "google_iam_policy" "noauth" {
  binding {
    role = "roles/run.invoker"
    members = [
      "allUsers",
    ]
  }
}

resource "google_cloud_run_service_iam_policy" "noauth" {
  location    = google_cloud_run_service.default.location
  project     = google_cloud_run_service.default.project
  service     = google_cloud_run_service.default.name

  policy_data = data.google_iam_policy.noauth.policy_data
}

output "url" {
  value = "${google_cloud_run_service.default.status[0].url}"
}

With the port tag, here is the error -enter image description here

And if I not pass the Port block, here is the error - enter image description here

I have to pass the container port value as 19006 because of my container is running on that port only. How I pass the container port 19006 instead of default port 8080. enter image description here

Upvotes: 2

Views: 5133

Answers (3)

Xut
Xut

Reputation: 43

I needed to expose port 9000 and solved it this way:

resource "google_cloud_run_service" "service" {
  ...
  template {
    spec {
      containers {
        ...
        ports {
          container_port = 9000
        }
      }
    }
  }
}

Upvotes: 0

nicstella
nicstella

Reputation: 338

The block should be ports (i.e. plural), not port

Upvotes: 3

Kolban
Kolban

Reputation: 15276

I had a look at REST API exposed by Google for creating a Cloud Run service.

This starts with the entry here:

POST https://{endpoint}/apis/serving.knative.dev/v1/{parent}/services

where the body contains a Service.

which contains a ServiceSpec

which contains a RevisionRemplate

which contains a RevisionSpec

which contains a Container

which contains a ContainerPort

If we now map this to the source of the Terraform extension to handle creation of Cloud Run Services, we find:

https://github.com/terraform-providers/terraform-provider-google/blob/2dc3da62e3844d14fb2136e09f13ea934b038411/google/resource_cloud_run_service.go#L90

and in the comments, we find the following:

In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md

While name and volumeMounts seems ok to me at this point, I'm not sensing the reason that ports are not mapped.

From this though, I seem to see that the inability to specify a port through Terraform seems to be explicit as opposed to an omission. I also seem to see that the ability to specify a port is indeed present in the REST API at Google.

I was then going to suggest that you raise a defect through Github but then wondered if it was already present. I did some digging and there is already a request for the missing feature:

Allow specifying 'container_port' and 'request_timeout' for google_cloud_run_service

My belief is that the core answer to your question then becomes:

What you are trying to do should work with Terraform and has been raised as an issue and we must wait for the resolution in the Terraform provider.

Upvotes: 5

Related Questions