# Cloud Run Deployment

This directory contains deployment configurations for running the Accessible Video Platform on Google Cloud Run.

## Files

- `cloudbuild.yaml` - Cloud Build configuration for CI/CD
- `api-service.yaml` - Cloud Run service definition for API
- `worker-service.yaml` - Cloud Run service definition for Celery workers
- `main.tf` - Terraform infrastructure as code
- `terraform.tfvars.example` - Example Terraform variables
- `deploy.sh` - Manual deployment script
- `README.md` - This file

## Prerequisites

1. **Google Cloud Project** with billing enabled
2. **Required APIs** enabled (script will enable them):
   - Cloud Build API
   - Cloud Run API
   - Container Registry API
   - Secret Manager API
   - Cloud Trace API
   - Cloud Monitoring API
   - Translate API
   - Text-to-Speech API
   - Cloud Storage API
   - AI Platform API
3. **Secrets** created in Secret Manager:
   - `mongodb-url` - MongoDB Atlas connection string
   - `redis-url` - Redis connection string (Cloud Memorystore)
   - `jwt-secret` - JWT signing secret
   - `jwt-refresh-secret` - JWT refresh token secret
   - `gemini-api-key` - Google Gemini API key
   - `sendgrid-api-key` - SendGrid API key for emails
   - `elevenlabs-api-key` - ElevenLabs API key for TTS
   - `sentry-dsn` - Sentry error tracking DSN

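A preflight check for the secrets listed above, added here as an example and not part of this project's own scripts: it reports every listed secret that has no enabled version, and it never reads a secret payload. It assumes an authenticated `gcloud` and an exported `PROJECT_ID`; the function names `missing_secrets` and `preflight_secrets` are hypothetical.

```bash
# Added example, not part of the repository's deploy.sh.
# Assumes: gcloud is installed and authenticated, PROJECT_ID is exported.

# Secret names copied from the Prerequisites list in this README.
REQUIRED_SECRETS="mongodb-url redis-url jwt-secret jwt-refresh-secret \
gemini-api-key sendgrid-api-key elevenlabs-api-key sentry-dsn"

# Print the name of every required secret that has no ENABLED version.
# A secret that does not exist, or that the caller cannot list, is
# reported the same way. Only version names are requested, never payloads.
missing_secrets() {
  local name version
  for name in $REQUIRED_SECRETS; do
    version=$(gcloud secrets versions list "$name" \
      --project="$PROJECT_ID" \
      --filter="state=ENABLED" \
      --format="value(name)" \
      --limit=1 2>/dev/null) || version=""
    [ -n "$version" ] || echo "$name"
  done
}

# Return 0 when every secret is usable; otherwise list the gaps on
# stderr and return 1 so a calling script can stop before deploying.
preflight_secrets() {
  local missing
  missing=$(missing_secrets)
  if [ -n "$missing" ]; then
    echo "Missing or disabled secrets in project $PROJECT_ID:" >&2
    echo "$missing" | sed 's/^/  - /' >&2
    return 1
  fi
  echo "All required secrets have an enabled version."
}
```

Source the file and run `preflight_secrets` before `terraform apply` or `deploy.sh`, so a missing secret is caught before a new revision is rolled out.
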
## Deployment Options

### Option 1: Terraform (Recommended)

```bash
# Initialize Terraform
cd infra/cloud-run
terraform init

# Copy and configure variables
cp terraform.tfvars.example terraform.tfvars
# Edit terraform.tfvars with your project details

# Plan deployment
terraform plan

# Deploy infrastructure
terraform apply
```

### Option 2: Manual Script

```bash
# Set environment variables
export PROJECT_ID="your-gcp-project-id"
export REGION="us-central1"

# Run deployment script
./infra/cloud-run/deploy.sh
```

### Option 3: Cloud Build Trigger

Set up a Cloud Build trigger connected to your Git repository that uses `cloudbuild.yaml` for automatic deployments on code changes.

## Local Development

Use the provided `docker-compose.yml` in the project root:

```bash
# Copy environment file
cp .env.example .env
# Edit .env with your development credentials

# Start all services
docker-compose up -d

# View logs
docker-compose logs -f api
docker-compose logs -f worker
```

## Service Architecture

- **API Service**: Handles HTTP requests, authentication, job management
  - Memory: 2Gi, CPU: 2000m
  - Autoscaling: 1-10 instances
  - Public access via HTTPS

- **Worker Service**: Processes video files with AI models
  - Memory: 4Gi, CPU: 4000m
  - Autoscaling: 0-5 instances
  - Internal access only

## Monitoring

Both services include:

- **OpenTelemetry tracing** exported to Cloud Trace
- **Prometheus metrics** for monitoring
- **Sentry error tracking** for error reporting
- **Health checks** for service reliability

## Security

- Services run with least-privilege service accounts
- Secrets managed via Secret Manager
- No hardcoded credentials in containers
- Network isolation for worker service