Direct VPC egress on Google Cloud Run is now available
Google Cloud is making Direct VPC egress for Cloud Run generally available (GA). With this feature, traffic from your Cloud Run resources can reach a VPC network directly, saving time and money by avoiding the need to proxy it through Serverless VPC Access connectors.
With up to 1 GB per second per instance, Direct VPC egress offers around twice the throughput of both VPC connectors and the standard Cloud Run internet egress method. Direct VPC egress enables greater throughput and lower latency for performance-sensitive apps, whether you’re delivering traffic to destinations on the VPC, to other Google Cloud services like Cloud Storage, or to other destinations on the public internet.
What has changed since the teaser
Notable enhancements and additions:
Direct VPC egress is now supported in all regions where Cloud Run is available.
Every Cloud Run service revision with Direct VPC can now scale to more than 100 instances, managed through quota. If you require even greater scalability, there is a defined procedure for requesting quota increases.
Direct VPC egress traffic is now included in VPC Flow Logs and Firewall Rules Logging, and Cloud NAT is supported.
These changes address the primary concerns raised by Google Cloud preview users, particularly bigger clients with complex networking, scalability, and security needs.
Encrypting Data Between Cloud Run and VPC
Before Direct VPC egress, developers used Serverless VPC Access (SVPC) connectors to let Cloud Run communicate with VPC resources. SVPC was useful, but it had a number of drawbacks.
Management Overhead: Setting up and overseeing connector virtual machines (VMs) inside the VPC for SVPC introduced a new level of complexity for developers.
Scalability Restrictions: Because SVPC connectors offer a limited number of outgoing connections, applications with large concurrent traffic demands were hampered.
Cost Incurrence: Running connector virtual machines (VMs) led to ongoing expenses, even when application activity was minimal.
These restrictions made it difficult for Google Cloud Run apps to seamlessly integrate with private and protected resources inside a VPC.
Direct VPC Egress
A Simplified Approach
Direct VPC egress, a new way of connecting Cloud Run services to VPC resources, was introduced in 2023 and is now generally available. It removes the need to manage connector virtual machines and brings several significant advantages:
Simplified Configuration
Connector virtual machines are a thing of the past. Developers may concentrate on creating their apps because Direct VPC egress makes it easy to enable access to a particular VPC network with little effort.
Improved Scalability
Direct VPC egress makes use of the strong internal network fabric of Google Cloud. This feature makes Google Cloud Run instances perfect for applications with high traffic volumes since it gives them access to a large pool of outbound connections.
Cost Optimisation
Direct VPC egress uses a pay-per-use model. Unlike SVPC, there is no fixed cost for running connector virtual machines; you pay only for the resources that your Cloud Run service uses.
Enhanced Security
Traditional Cloud Run egress routes traffic over the internet, which may be vulnerable to breaches. By keeping all communication inside Google Cloud’s secure internal network, Direct VPC egress reduces potential security issues.
Granular Control
Cloud Run revisions can be associated with network tags. This gives developers fine-grained network access control, specifying exactly which VPC resources particular revisions are allowed to access.
How Direct VPC Egress Operates
Your Cloud Run instances are assigned internal IP addresses within the specified VPC network by Google Cloud when you enable Direct VPC egress on a Cloud Run service. These instances can then immediately connect to resources in the VPC over secure networks. This promotes a more secure and effective communication channel and removes internet egress traffic.
Realising Potential
Applications of Direct VPC Egress
Direct VPC egress provides access to private resources inside a VPC for a variety of applications. The following are some strong use cases:
Database Connectivity
To facilitate data persistence and retrieval within your secure environment, Cloud Run services can establish direct connections with databases housed inside a VPC.
Interaction Between Internal Microservices
Cloud Run services are able to communicate with other microservices that are set up inside the VPC. This makes it possible for microservices to work together effectively without sacrificing security in a well-integrated and safe application architecture.
Secure Data Processing Pipelines
Cloud Run services can access and process data stored in private buckets or databases inside the VPC. This reduces the possibility of unauthorised access by keeping data safely segregated throughout the processing pipeline.
Machine Learning Workflows
Models and training data stored safely inside a VPC are accessible to Cloud Run services. This supports safe and effective machine learning workflows, with data security maintained during the training and deployment phases.
Launching Direct VPC Egress
A Smooth Transition
YAML files, the Google Cloud Console, and the Google Cloud CLI are some of the ways that direct VPC egress can be configured. Here’s a condensed rundown of the procedure:
To enable Direct VPC egress, add the VPC network and subnet that your service needs access to in your Cloud Run service configuration.
Ascertain Permissions
Make sure the service account linked to your Cloud Run service has the permissions required to use the selected VPC resources.
Deploy Your Service
With the Direct VPC egress configuration enabled, deploy your Cloud Run service. To ensure smooth operation, test connectivity to make sure your Cloud Run service can properly communicate with the required VPC resources.
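One way to review the outcome of these steps, as an added example that is not from the original post: the script classifies a service's egress setup from JSON shaped like the output of `gcloud run services describe --format=json` and flags revisions without network tags. The annotation keys, their JSON layout and the `private-ranges-only` default are assumptions to confirm against your own output; all service, network and tag names are constructed samples.

```python
import json

# Annotation keys on spec.template.metadata.annotations (assumed layout, see lead-in).
NET_IFACES = "run.googleapis.com/network-interfaces"   # Direct VPC egress
CONNECTOR = "run.googleapis.com/vpc-access-connector"  # Serverless VPC Access
EGRESS = "run.googleapis.com/vpc-access-egress"        # all-traffic | private-ranges-only

def audit_service(service):
    """Classify one service's VPC egress setup and list points to review."""
    ann = service["spec"]["template"]["metadata"].get("annotations", {})
    interfaces = json.loads(ann.get(NET_IFACES, "[]"))
    tags = [t for nic in interfaces for t in nic.get("tags", [])]
    egress = ann.get(EGRESS, "private-ranges-only")  # assumed default when unset
    findings = []
    if interfaces:
        mode = "direct-vpc"
        if not tags:
            findings.append("no network tags: firewall rules cannot single out this revision")
    elif CONNECTOR in ann:
        mode = "connector"
        findings.append("still uses a Serverless VPC Access connector")
    else:
        mode = "none"
        findings.append("no VPC egress configured")
    if mode != "none" and egress != "all-traffic":
        findings.append("public destinations are not routed through the VPC")
    return {"name": service["metadata"]["name"], "mode": mode,
            "egress": egress, "tags": tags, "findings": findings}

def _svc(name, annotations):
    # Constructed sample shaped like `gcloud run services describe --format=json`.
    return {"metadata": {"name": name},
            "spec": {"template": {"metadata": {"annotations": annotations}}}}

SAMPLES = [
    _svc("orders-api", {NET_IFACES: json.dumps([{"network": "prod-vpc",
         "subnetwork": "run-subnet", "tags": ["orders-db-client"]}]),
         EGRESS: "all-traffic"}),
    _svc("reports", {NET_IFACES: json.dumps([{"network": "prod-vpc",
         "subnetwork": "run-subnet"}])}),
    _svc("legacy-batch", {CONNECTOR: "projects/example/locations/us-central1/connectors/legacy"}),
]

if __name__ == "__main__":
    for result in map(audit_service, SAMPLES):
        print(result["name"], result["mode"], result["egress"], result["findings"])
```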
Security Aspects
It’s important to follow security best practices even though Direct VPC egress provides a secure method of connecting Cloud Run services to VPC resources:
Thoughts on the mgsv parasites
I think for the "I'm no snail" revelation to work better there should have been some other behavior altering effects from the parasites beforehand. Something mild so the twist still works but isn't out of the blue.
SO hear me out. A VCP (vocal cord parasite) infection is reverse rabies.
Rabies spreads by migrating into the salivary glands, then triggering salivation and causing disorientation and extreme anxiety to the host. Since its hosts are wild animals, their reaction to this anxiety is to become fearfully aggressive and erratic, making them likely to bite, spreading the infection.
But this strategy doesn't work with humans. We don't use our mouths as weapons, we use them to connect with each other, to talk.
Codetalker speculates that VCPs co-evolved alongside us and aided early humans in socialization and finding mates. It makes sense. The parasites lay dormant until they are awoken by speech, which indicates that another human is nearby, and start reproducing. Perhaps the eggs of these early parasites couldn't float in airborne particles and had to be transferred directly via kissing.
This could explain why they don't affect prepubescent humans. Reproducing in a host that won't be spreading them is a waste of the parasite's resources. Perhaps even though these modern parasites can spread through airborne droplets, they still have this evolutionary holdover.
So back to the reverse rabies thing. What if instead of anxiety, the VCPs had a mood boosting effect, relaxing the host and encouraging them to seek out socialization. People talking, laughing, just hanging out and breathing next to each other, especially indoors, would spread those infected moisture particles. This would allow VCPs to infect new hosts more effectively than other airborne viruses.
So what if there was a boost in morale ahead of every outbreak? Everything seems to be going exceptionally well until suddenly people start dying.
This way the reveal that the parasites have even more ways to manipulate their hosts would be more plausible.
hi hello 4 and 11 for the blb fic rec memes??
4. a fic that defined a mechanic for me
I'm actually having trouble thinking of something for this because I feel like the way I interpret a lot of the mechanics can't be pinpointed to any one specific fic? But what comes to mind is one that I've never properly touched on myself or even seen written basically ever outside of future artifacts: how Repeating works! There's always so much focus on the effects of Jaylen's debt when it comes to Unstable and Flickering, and since Repeating is perfectly harmless, seeing the results of her beaning players and making them repeat just isn't something that ever gets covered. But VCP does that in this fic! It's portrayed as a very unsettling experience, experiencing time non-linearly, sort of like a time loop or being displaced in time, which is really interesting to think about! It's not the main focus of the fic but I think it definitely adds a lot to it.
11. a fic that wasn’t about my team but i read it anyway and fell in love
I’ll read basically anything regardless of team, so there are a ton of things I could answer for this one, but I'll go with The Breckenridge Case Files, because there are hardly any Jands fics out there and they’re a team I know relatively little about. This is a lovely epistolary fic told in letters to and from Liquid Friend, and I really enjoyed getting a look at players and team culture that I wasn't very familiar with! There's a lot of personality in this one, it's fun and bittersweet and has great characterization and I just really enjoyed it a lot!