Google App Engine

From Luis Gallego Hurtado - Not Another IT guy
Jump to: navigation, search

Fully managed serverless application platform, with oppinionated patterns about how the applications is developed, packaged and deployed.

It allows you to build infinitely scalable and high performance apps.

It is integrated with other Google Cloud offerings


  • Logging: Stackdriver provides a logs API and features such as request logs, app logs, shutdown logs, runtime logs, and audit logs
  • Monitoring: Stackdriver Monitoring provides visibility into the performance, uptime, and overall health of cloud-powered applications.
  • Autoscaling: it makes scaling decisions based on multiple metrics, but it only works with managed instance groups.
  • Load balancing: it provides a single anycast IP as front-end for all your backend instances in regions around the world
  • SSL & Domain: it offers globally-distributed SSL endpoints and built-in load balancing to serve your app securely, reliably, and quickly to a worldwide audience.
  • Health checking: it provides health checking mechanisms that determine whether VM instances respond properly to traffic via health checks and legacy health checks

It also allows to split traffic between different versions of a service.

Standard Environment

Application instances run in a sandbox, using the runtime environment of a supported language

It is intended to run for free or at very low cost (free quota).

Instance class determine CPUs, memory, free quota and price per hour. There is also a free quota for storage and traffic.

Use case: Applications that need to deal with rapid scaling.

Second Generation

Offered Runtimes: Python 3, Java 11, Node.js, PHP 7, Ruby, and Go 1.12+.

  • Language extension and system library support: no restrictions.
  • Proprietary Google App engine APIs for cloud services, images, messaging, caching data, indexed document searchs, queues and authentication.
  • Full access to external network.
  • Read/write access to /tmp
  • Unmodified open source runtime.
  • The isolation mechanism is g-visor based container sandbox.

First generation

  • Offered Runtimes: Python 2.7,Java 8, Go 1.11 y PHP 5.5.
  • Language extension and system library support: No restrictions only for Java and Go applications. Rest of applications with whitelisted libraries and extensions.
  • Open source APIs for cloud services, and specific 3rd party provider APIs for images, messaging, caching data, indexed document searchs, queues and authentication.
  • Full access to external network only for Java and Go applications. Rest of applications with URL Fetch API.
  • Read/write access to /tmp only for Java and Go applications. Rest of applications have no access.
  • Modified runtimes
  • The isolation mechanism is proprietary.

Flexible Environment

App Engine flexible environment automatically scales your app up and down while balancing the load. Application instances run within Docker containers on Compute Engine virtual machines (VM), allowing user to customize the runtime and even the operating system of virtual machine using Dockerfiles.

  • Offered Runtimes: Go, Java 8, PHP 5/7, Python 2.7/3.6, .Net, Node.js, Ruby
  • Custom runtimes with any language also supported, through a Docker File. However, application needs to handle certain flexible environment life-cycle and health checking requests.
  • User can use custom libraries, use SSH for debugging, and deploy your own Docker containers.
  • Instances are health-checked, healed as necessary, and co-located with other services within the project.
  • Critical, backwards compatible updates are automatically applied to the underlying operating system.
  • VM instances are automatically located by geographical region according to the settings in your project. Google's management services ensure that all of a project's VM instances are co-located for optimal performance.
  • VM instances are restarted on a weekly basis for manteinance (applying operating system and security updates).
  • You always have root access to Compute Engine VM instances.
  • SSH access to VM instances in the flexible environment is disabled by default. If you choose, you can enable root access to your app's VM instances.

Performance: user can specify how much CPU and memory each instance of application needs and the flexible environment will provision the necessary infrastructure

Use case: Applications that receive consistent traffic, experience regular traffic fluctuations, or meet the parameters for scaling up and down gradually.

Web Security Scanner

Web Security Scans over URLs exposed by Google App Engine

Deployment Process

  1. Uploads source code to Google Cloud Storage
  2. Code is built, so runtime.
  3. Docker container is built.
  4. Image is pushed to Google Container Registry.
  5. A new Google Cloud Load Balancer is created.
  6. It runs the application within 3 availability zones.
  7. A multiple availability zones autoscaler is created.

GCloud CLI

gcloud app deploy <app.yml file>