Overview
Google Cloud Run is a managed compute platform designed for deploying and scaling containerized applications. It operates as a serverless offering, meaning users provide a container image, and Cloud Run handles the underlying infrastructure, including provisioning, scaling, and load balancing. This abstraction allows developers to focus on application code rather than server management. Cloud Run is built on Knative, an open-source project that extends Kubernetes to provide serverless workloads, enabling portability and standardized deployment patterns.
The platform is suitable for a range of use cases, from stateless web applications and APIs to event-driven microservices and background jobs. It supports any programming language or runtime that can be packaged into a container. Cloud Run automatically scales the number of container instances based on incoming requests or events, scaling down to zero when there is no traffic, which contributes to its pay-per-use billing model. This auto-scaling capability helps optimize costs by only charging for resources consumed during active periods.
Cloud Run offers two primary deployment options: Cloud Run (fully managed) and Cloud Run for Anthos. The fully managed option provides a direct path from container to production without Kubernetes expertise, while Cloud Run for Anthos allows deployments to an existing Anthos cluster, offering greater control over the underlying Kubernetes environment for specific operational requirements. Both options leverage the same core container runtime and scaling logic. Developers interact with Cloud Run primarily through the Google Cloud Console, the gcloud CLI, or client libraries for various programming languages, facilitating integration into CI/CD pipelines with services like Cloud Build.
The service integrates with other Google Cloud products, such as Cloud SQL for databases, Cloud Storage for object storage, and Cloud Pub/Sub for messaging. This ecosystem integration allows Cloud Run applications to leverage managed services for common application components, further reducing operational overhead. Security features include identity and access management (IAM) integration, virtual private cloud (VPC) access controls, and automatic TLS for custom domains. The platform's compliance certifications, including SOC 1, 2, and 3, ISO 27001, and GDPR, address enterprise requirements for data governance and regulatory adherence.
Key features
- Container-based deployment: Deploy any application packaged as a Docker container image, supporting polyglot environments and custom runtimes.
- Automatic scaling: Automatically scales instances up or down based on request load, including scaling to zero idle instances to minimize costs.
- Pay-per-use billing: Charged only for the CPU, memory, and network resources consumed during active processing, rather than for allocated server time.
- Managed infrastructure: Google Cloud manages all underlying infrastructure, including servers, networking, and operating system patches, abstracting operational complexity.
- Built-in traffic management: Supports traffic splitting and revision management for blue/green deployments and A/B testing, enabling controlled rollouts.
- Event-driven architecture support: Integrates with Cloud Pub/Sub, Cloud Storage, and other event sources to trigger container instances for processing.
- Custom domain support: Map custom domain names to deployed services with automatic TLS certificate provisioning.
- VPC access: Securely connect Cloud Run services to resources within a Virtual Private Cloud network without exposing them to the public internet.
- Environment variables and secrets: Configure services with environment variables and integrate with Secret Manager for sensitive data.
- Concurrency control: Configure the maximum number of concurrent requests a single container instance can handle, optimizing resource utilization.
Pricing
Google Cloud Run operates on a pay-as-you-go model, with a free tier available. Billing is based on the resources consumed by active container instances, including requests, compute time (vCPU-seconds), memory (GB-seconds), and network egress. Idle containers, when configured to remain active, incur a small charge for allocated memory and CPU. The free tier provides a significant allocation of resources each month before charges apply.
| Resource | Free Tier (per month) | Paid Tier (after free tier, per unit) |
|---|---|---|
| Requests | 2 million | $0.40 per million requests |
| vCPU-seconds (during request processing) | 180,000 | $0.000024 per vCPU-second |
| GB-seconds (during request processing) | 360,000 | $0.0000025 per GB-second |
| GB-seconds (idle, minimum instances) | N/A | $0.00000025 per GB-second |
| Network Egress (to internet) | 1 GiB | Starts at $0.12 per GiB (tier-based) |
For detailed and up-to-date pricing information, refer to the Google Cloud Run pricing page.
Common integrations
- Google Cloud SQL: Connect Cloud Run services to managed relational databases like PostgreSQL, MySQL, and SQL Server for data persistence. Connect Cloud Run to Cloud SQL.
- Google Cloud Storage: Access object storage buckets for static assets, backups, and large file storage directly from Cloud Run applications. Cloud Storage client libraries.
- Google Cloud Pub/Sub: Build event-driven architectures where messages from Pub/Sub topics trigger Cloud Run services. Trigger Cloud Run with Pub/Sub.
- Google Cloud Build: Automate CI/CD pipelines to build container images from source code and deploy them to Cloud Run. Deploy to Cloud Run with Cloud Build.
- Google Cloud Secret Manager: Securely store and access sensitive configuration data and credentials within Cloud Run services. Access secrets from Cloud Run.
- Google Cloud Logging and Monitoring: Automatically collect logs and metrics from Cloud Run services for operational visibility and debugging. Cloud Run logging.
Alternatives
- AWS Fargate: A serverless compute engine for containers that works with Amazon ECS and Amazon EKS, abstracting infrastructure management.
- Azure Container Apps: A serverless container service for microservices and event-driven applications, built on Kubernetes and Dapr.
- Vercel: A platform for frontend frameworks and static sites, offering serverless functions and global deployments for web applications.
- Render: A unified cloud platform for building and running all your apps and websites with fully managed infrastructure, including container services.
- Fly.io: A platform for deploying full-stack apps and databases close to users, offering global application distribution with Docker containers.
Getting started
To get started with Google Cloud Run, you need a Google Cloud project and the gcloud CLI installed. The following example demonstrates deploying a simple Python Flask application containerized with Docker. This example assumes you have a main.py file and a Dockerfile in your project directory.
1. Create a main.py file:
from flask import Flask
import os
app = Flask(__name__)
@app.route('/')
def hello_world():
return 'Hello, Cloud Run from Python!'
if __name__ == '__main__':
app.run(debug=True, host='0.0.0.0', port=int(os.environ.get('PORT', 8080)))
2. Create a Dockerfile in the same directory:
# Use the official Python image as a base image
FROM python:3.9-slim-buster
# Set the working directory in the container
WORKDIR /app
# Copy the current directory contents into the container at /app
COPY . .
# Install any needed packages specified in requirements.txt
# For this example, we'll install Flask directly
RUN pip install Flask gunicorn
# Make port 8080 available to the world outside this container
EXPOSE 8080
# Run the application using Gunicorn
CMD exec gunicorn --bind :$PORT --workers 1 --threads 8 --timeout 0 main:app
3. Build and deploy to Cloud Run:
# Set your Google Cloud project ID
gcloud config set project YOUR_PROJECT_ID
# Build the container image using Cloud Build and push to Container Registry
gcloud builds submit --tag gcr.io/YOUR_PROJECT_ID/my-python-app
# Deploy the container image to Cloud Run
gcloud run deploy my-python-app \
--image gcr.io/YOUR_PROJECT_ID/my-python-app \
--platform managed \
--region us-central1 \
--allow-unauthenticated \
--port 8080
Replace YOUR_PROJECT_ID with your actual Google Cloud Project ID. The --allow-unauthenticated flag makes the service publicly accessible. After deployment, Cloud Run provides a URL where your application is accessible. For more detailed instructions and options, refer to the Google Cloud Run Python quickstart.