search

googlecodelabs / feedback

Provide feedback to our codelabs by filing an issue here
18 stars 22 forks source link

[how-to-configure-cloud-run-service-direct-vpc-egress]: Missing steps #1399

Open david-codento opened 4 months ago

david-codento commented 4 months ago

This CodeLab: https://codelabs.developers.google.com/codelabs/how-to-configure-cloud-run-service-direct-vpc-egress#0 did not work for me until I added two steps:

  1. At the start of "4. Set the Backend Service for internal ingress only", you must enable the Compute Engine API, otherwise you get this error message:
david_price@cloudshell:~/internal-codelab/frontend (eighth-surfer-377814)$ gcloud beta run services update $FRONTEND \
--network=default \
--subnet=default \
--vpc-egress=all-traffic \
--region=$REGION
X  Deploying...                                                                                                                                                                                                                                                                             
  -  Creating Revision...                                                                                                                                                                                                                                                                   
  .  Routing traffic...                                                                                                                                                                                                                                                                     
Deployment failed                                                                                                                                                                                                                                                                           
ERROR: (gcloud.beta.run.services.update) Revision 'frontend-00002-f9t' is not ready and cannot serve traffic. Access to the subnetwork default is not allowed.
  1. In "5. Configure the Frontend Service to access the VPC", enable Private Google Access on the subnet 'default'. This is consistent with the documentation linked to from the Code Lab: https://cloud.google.com/run/docs/securing/private-networking?&_ga=2.48733540.-356232667.1706200706#from-other-services

Something I didn't check: now that Direct VPC Egress is GA, do we still need to use the 'gcloud beta' command? At least it worked.