I deployed a service on Cloud Run on Anthos GKE cluster with internal only VPC access. This service should not be exposed externally to the public.
Deployment was successful. But the domain name mapping for the service is by default providing the GKE cluster external IP. This kind of beats the purpose of deploying the service on Anthos to limit the access to internal VPC.
I did some workaround by creating a Cloud DNS with private zone and created record with Cloud Run mapping of the subdomain and assigned the GKE internal IP for the service.
In the cloud run, the service is mapped to the domain mapping but with the external IP. The domain validation fails as there are no external DNS record updated for the subdomain.
But, now I can access the service internally, but the stackdriver log for cloud run service doesn't show the calls made internally.
Best answer by iliasView original
You can view logs for your service in 2 ways:
Both of these viewing methods examine the same logs stored in Cloud Logging, but the Cloud Logging Logs Explorer provides more details and more filtering capabilities.
Viewing logs in Cloud Run
To view logs in the Cloud Run page:
Go to Cloud Run
Click the desired service in the displayed list.
Click the LOGS tab to get the request and container logs for all revisions of this service. You can filter by log severity level.
Viewing logs in Cloud Logging
To view your Cloud Run logs in the Cloud Logging Logs Explorer:
Go to the Logs Explorer page in the Cloud Console:
Go to the Logs Explorer page
Select an existing Google Cloud project at the top of the page, or create a new project.
Using the drop-down menus, select the resource Cloud Run Revision.
For more information, read Viewing logs on Google Cloud's operations suite Logging.
Have you tried them? Are they working? If not, what is the message you get? Can you share a screenshot?
Hi Elias, thanks for your suggestions. I kind of ditched Anthos for Cloud Run and just using fully managed. Unfortunately my account manager from google who is supposed to help is gone AWOL.