feat(gcp): implement Cloud Run deployment with HTTPS Load Balancer and Private Networking #6

Merged
benjamin-747 merged 2 commits into gitmono-dev:main from WiedersehenM:feat/gcp-cloudrun-lb-certmanager
Feb 9, 2026
@WiedersehenM
Contributor

Summary

This PR transitions the GCP deployment from GKE to a fully managed Cloud Run architecture. It introduces a modular HTTPS Load Balancer with Certificate Manager support, enabling a secure, scalable, and low-maintenance environment for Mega. Key features include host/path-based routing, private connectivity to Cloud SQL/Redis via VPC Connector, and support for Google-managed SSL certificates.

Key Changes

Compute & Routing

  • Cloud Run Integration: Deploys mega-backend (mono) and mega-ui (Next.js) as independent Cloud Run services.
  • HTTPS Load Balancer: Implemented a Global External HTTPS Load Balancer using Serverless NEGs.
  • Smart Routing:
    • Routes /api/v1/* and /info/lfs/* (Git LFS) to the backend.
    • Routes all other traffic (/*) to the UI.
    • Supports custom domain binding (default: buck2hub.com).

Networking & Security

  • Private Networking: Added Serverless VPC Access Connector to allow Cloud Run services to reach Cloud SQL and Redis over private IPs.
  • Certificate Manager: Integrated Google-managed SSL certificates with DNS Authorization support.
  • Infrastructure as Code: Fixed Terraform compatibility issues for google provider v7+ (variable blocks and dynamic "env" blocks).

Documentation & Config

  • English README: Updated the deployment guide to English and aligned it with the new Cloud Run workflow.
  • Examples: Updated terraform.tfvars.example with Cloud Run, LB, and ECR Public image configurations.

- Introduce a load balancer module to create Serverless NEGs and backend services for Cloud Run
- Add URL map host/path routing for buck2hub.com with explicit LFS prefixes (/api/v1, /info/lfs)
- Wire LB module into gcp/prod and expose outputs for LB IP and DNS authorization records
- Update prod variables and tfvars example for domain and routing settings

Signed-off-by: Hongze Gao <15101764808@163.com>

- Add a commented-out example for public Cloud SQL access during testing

Signed-off-by: Hongze Gao <15101764808@163.com>
@WiedersehenM
Contributor Author

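  • Added a Cloud SQL public-network test configuration
    • Added a commented example for connecting to Cloud SQL over the public network during testing:
      • cloud_sql_enable_private_service_connection = false
      • cloud_sql_enable_public_ip = true
  • Added switching instructions
    • The comment states explicitly that, to enable public-network testing, the enable_private_networking setting above must be set to false, to avoid a conflict with the private-network mode configuration.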
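
A pre-apply check for the toggle described in the comment above, as an added example that is not part of the PR or the project's code: it reads tfvars text and reports when the public Cloud SQL test setting is active, and when it is active alongside enable_private_networking = true. The variable names come from the comment; the function names, finding codes and sample inputs are constructed here, and the parser is assumed to see only flat `name = value` lines.

```python
import re

# Flat `name = value` tfvars lines only (a simplification, not a full HCL parser).
# Lines starting with # or // never match, so commented-out samples are ignored.
_ASSIGN = re.compile(r'^\s*([A-Za-z_]\w*)\s*=\s*("(?:[^"\\]|\\.)*"|[^\s#]+)')


def parse_tfvars(text):
    """Return {name: value} for active assignments; true/false become bools."""
    values = {}
    for line in text.splitlines():
        m = _ASSIGN.match(line)
        if m:
            raw = m.group(2)
            values[m.group(1)] = {"true": True, "false": False}.get(raw, raw.strip('"'))
    return values


def lint_cloud_sql_exposure(text):
    """Return finding codes (hypothetical names) for active public-access settings."""
    v = parse_tfvars(text)
    findings = []
    if v.get("cloud_sql_enable_public_ip") is True:
        findings.append("PUBLIC_IP_ENABLED")
        # Per the comment, public testing requires enable_private_networking = false.
        if v.get("enable_private_networking") is True:
            findings.append("CONFLICTS_WITH_PRIVATE_NETWORKING")
    return findings


# Constructed sample inputs (not taken from the repository).
TEMPLATE = """
enable_private_networking = true
# cloud_sql_enable_private_service_connection = false
# cloud_sql_enable_public_ip = true
"""
TEST_LEFT_ON = """
enable_private_networking = true   # not switched off before testing
cloud_sql_enable_private_service_connection = false
cloud_sql_enable_public_ip = true
"""
PUBLIC_TEST = TEST_LEFT_ON.replace(
    "enable_private_networking = true", "enable_private_networking = false")

if __name__ == "__main__":
    for name, sample in [("template", TEMPLATE), ("left on", TEST_LEFT_ON),
                         ("public test", PUBLIC_TEST)]:
        print(name, lint_cloud_sql_exposure(sample))
```

Run against the tfvars file used for a production apply, any finding means the testing-only configuration is still active.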

@benjamin-747 benjamin-747 added this pull request to the merge queue Feb 9, 2026
Merged via the queue into gitmono-dev:main with commit 9c640be Feb 9, 2026
1 check failed