Cloud Run is a service that lets you deploy container images without worrying about the underlying servers or infrastructure. It is called with cr_run(), or you can automate a deployment via cr_deploy_run().

If you would like to have your R code react in realtime to events such as HTTP or Pub/Sub events, such as a website or API endpoint, Cloud Run is a good fit.

If you want to run scripts that can be triggered one time, setup to trigger on GitHub events or pub/sub, or scheduled using Cloud Scheduler then Cloud Build is more suited to your use case.

Quickstart - plumber API

  1. Make an R API via plumber that contains entry file api.R. You can use the demo example in system.file("example", package="googleCloudRunner") if you like, which is reproduced below:
#' @get /
#' @html
function(){
  "<html><h1>It works!</h1></html>"
}


#' @get /hello
#' @html
function(){
  "<html><h1>hello world</h1></html>"
}

#' Echo the parameter that was sent in
#' @param msg The message to echo back.
#' @get /echo
function(msg=""){
  list(msg = paste0("The message is: '", msg, "'"))
}

#' Plot out data from the iris dataset
#' @param spec If provided, filter the data to only this species (e.g. 'setosa')
#' @get /plot
#' @png
function(spec){
  myData <- iris
  title <- "All Species"

  # Filter if the species was specified
  if (!missing(spec)){
    title <- paste0("Only the '", spec, "' Species")
    myData <- subset(iris, Species == spec)
  }

  plot(myData$Sepal.Length, myData$Petal.Length,
       main=title, xlab="Sepal Length", ylab="Petal Length")
}
  1. Create a Dockerfile for the API - see bottom of page for how to do this automatically with https://o2r.info/containerit/

The example folder has this Dockerfile:

FROM gcr.io/gcer-public/googlecloudrunner:master
COPY ["./", "./"]
ENTRYPOINT ["R", "-e", "pr <- plumber::plumb(commandArgs()[4]); pr$run(host='0.0.0.0', port=as.numeric(Sys.getenv('PORT')))"]
CMD ["api.R"]
  1. Deploy via the cr_deploy_plumber() function:
library(googleCloudRunner)

my_plumber_folder <- system.file("example", package="googleCloudRunner")
cr <- cr_deploy_plumber(my_plumber_folder)
#2019-11-12 10:34:29 -- File size detected as 903 bytes
#2019-11-12 10:34:31> Cloud Build started - logs: 
#https://console.cloud.google.com/gcr/builds/40343fd4-6981-41c3-98c8-f5973c3de386?project=1080525199262

#Waiting for build to finish:
# |===============||
#Build finished
#2019-11-12 10:35:43> Deployed to Cloud Run at: 
#https://cloudrunnertest2-ewjogewawq-ew.a.run.app
#==CloudRunService==
#name:  cloudrunnertest2 
#location:  europe-west1 
#lastModifier:  1080525199262@cloudbuild.gserviceaccount.com 
#containers:  gcr.io/mark-edmondson-gde/cloudrunnertest2 
#creationTimestamp:  2019-11-12T10:35:19.993128Z 
#observedGeneration:  1 
#url:  https://cloudrunnertest2-ewjogewawq-ew.a.run.app 
  1. Enjoy your API

RStudio Gadget - deploy plumber script

If you are using RStudio, installing the library will enable an RStudio Addin that can be called after you have setup the library as per the setup page.

It includes a Shiny gadget that you can call via the Addin menu in RStudio, via googleCloudRunner::cr_deploy_gadget() or assigned to a hotkey (I use CTRL+SHIFT+D).

This sets up a Shiny UI to help smooth out deployments as pictured:

What did it do?

Deployment via cr_deploy_plumber() automated these steps:

  1. Uploads the Dockerfile and your api.R file to your Google Cloud Storage bucket
  2. Creates a Cloud Build job for building the files uploaded to the GCS bucket, and pushes the Docker images to Google Container Registry
  3. Deploys that container to Cloud Run

It will launch a browser showing the build on Cloud Build, or you can wait for progress in your local R session. Upon successfully deployment it gives you a CloudRunService object with details of the deployment.

All the above stages can be customised for your own purposes, using the functions explained below.

Customising Cloud Run deployments

The Cloud Run API is not called directly when deploying - instead a Cloud Build is created for deployment. cr_run creates a cloudbuild that make a cloud build including cr_buildstep_run().

You can build the deployment yourself by using cr_buildstep_run() within your own cr_build(). This may cover things like downloading encrypted resources necessary for a build, running other code etc.

If you have an existing image you want to deploy on Cloud Run (usually one that serves up HTTP content, such as a website or via library(plumber)) then you only need to supply that image to deploy:

cr_run("gcr.io/my-project/my-image")

Cloud Run needs specific ports available in your container, so you may want to consult the documentation if you do - in particular look at the container contract which specifies what the Docker container requirements are.

If you want to do the common use case of building the container first before deployment to Cloud Run, you can do so by using the helper cr_deploy_docker():

cr_deploy_docker("my-image")

cr_run("gcr.io/my-project/my-image")

If you want this in the same Cloud Build, then this is available via the buildsteps cr_buildstep_docker() and cr_buildstep_run().

Cloud Run deployment functions

  • cr_deploy_run() wraps the steps described above to build the Dockerfile, and deploy it to Cloud Run, setting authentication as needed.

  • cr_deploy_plumber() adds checks for plumber API files. You need to make sure you have an api.R file in the deployment folder you provide, that will hold plumber code.

  • cr_deploy_html() adds steps to deploy a nginx web server ready to serve the HTML files you supply.

Pub/Sub

Pub/Sub is a messaging service used throughout GCP to transfer messages to services. For instance, Cloud Storage objects being created, logging filter conditions, BigQuery table updates. It is useful to be able to react to these messages with R code which Cloud Run + Plumber enables by providing a HTTP endpoint for push Pub/Sub subscriptions.

A helper function is included with googleCloudRunner that decodes the standard pub/sub message into an R object. To use place the below function into your plumber script and deploy:

pub <- function(x){paste("Echo:", x)}

#' Recieve pub/sub message
#' @post /pubsub
#' @param message a pub/sub message
function(message=NULL){
  googleCloudRunner::cr_plumber_pubsub(message, pub)
}

The pub() function can be any R code you like, so you can change it to trigger an analysis or other R tasks. The data within a pubsub message can also be used as a parameter to your code, such as an object name or timestamp of when the event fired. An example if also in the use case section of the website

Creating a Dockerfile with containerit

containerit is not yet on CRAN so can’t be packaged with the CRAN version of googleCloudRunner but its a useful package to work with since it auto-creates Dockerfiles from R files.

To install it use remotes::install_github("o2r-project/containerit")

See containerits website for more details on how to use it.

An example of using it to help create plumber Dockerfiles is below:

library(containerit)
cr_dockerfile_plumber <- function(deploy_folder, ...){
  docker <- dockerfile(
      deploy_folder,
      image = "trestletech/plumber",
      offline = FALSE,
      cmd = Cmd("api.R"),
      maintainer = NULL,
      copy = list("./"),
      container_workdir = NULL,
      entrypoint = Entrypoint("R",
                       params = list(
        "-e",
       "pr <- plumber::plumb(commandArgs()[4]); pr$run(host='0.0.0.0', port=as.numeric(Sys.getenv('PORT')))")
       ),
      filter_baseimage_pkgs = FALSE,
      ...))

  write_to <- file.path(deploy_folder, "Dockerfile")
  
  write(docker, file = write_to)

  assert_that(
    is.readable(write_to)
  )

  message("Written Dockerfile to ", write_to, level = 3)
  print(docker)
  docker

}

Deploying Shiny to Cloud Run

Due to Shiny’s stateful nature, Cloud Run is not a perfect fit for Shiny but it can be configured to run Shiny apps that scale to 0 (e.g. no cost) up to 80 connections at once to one instance. The one instance is necessary to avoid requests being sent to another Shiny container instance and losing the user session. Shiny also needs to have certain websocket features disabled.

This means you can’t scale to a billion like other Cloud Run apps, and need to keep an eye on the load of the Shiny app (which will depend on your code) to see if 80 connections are too much for the CPU and Memory you assign to the Cloud Run instance. However this should still be a good fit for a lot of data science applications.

A minimal working example has been created by @randy3k here: https://github.com/randy3k/shiny-cloudrun-demo which can be deployed to Cloud Run via a fork here:

library(googleCloudRunner)

# a repo with the Dockerfile template
repo <- cr_buildtrigger_repo("MarkEdmondson1234/shiny-cloudrun-demo")

# deploy a cloud build trigger so each commit build the image
cr_deploy_docker_trigger(
  repo,
  image = "shiny-cloudrun"
)

# deploy to Cloud Run
cr_run(sprintf("gcr.io/%s/shiny-cloudrun:latest",cr_project_get()),
       name = "shiny-cloudrun",
       concurrency = 80,
       max_instances = 1)

If you need to change the memory for the one instance, you can use cpu and memory arguments in the cr_buildstep_run() and subsequent functions such as cr_run(). The maximum allowed is 2 CPUs and 2 gibibytes (2Gi):

# deploy to Cloud Run with 2GBs of RAM per instance and 2 CPUs
cr_run(sprintf("gcr.io/%s/shiny-cloudrun:latest",cr_project_get()),
       name = "shiny-cloudrun",
       concurrency = 80,
       max_instances = 1,
       cpu = 2,
       memory = "2Gi")

Or if you have a local Shiny app in shiny_cloudrun/ with the appropriate Dockerfile and Shiny configuration, the full Docker build and deployment pipeline can be carried out with:

# deploy the app version from this folder
cr_deploy_run("shiny_cloudrun/",
              remote = "shiny-cloudrun2",
              tag = c("latest","$BUILD_ID"),
              max_instances = 1, # required for shiny
              concurrency = 80)

Shiny app on Cloud Run with googleAuthR authentication

If you want to have authentication options for the user as they visit the app on Cloud Run, the below is a working example that is deployed here: https://shiny-cloudrun-sc-ewjogewawq-ew.a.run.app/

Folder:

|
|- app.R
|- Dockerfile
|- client.json

app.R

library(shiny)
library(searchConsoleR)
library(googleAuthR)
options(googleAuthR.verbose = 2)
gar_set_client(web_json = "client.json",
               scopes = "https://www.googleapis.com/auth/webmasters")

ui <- fluidPage(
  googleAuth_jsUI('auth', login_text = 'Login to Google'),
  tableOutput("sc_accounts")
)

server <- function(input, output, session) {
  auth <- callModule(googleAuth_js, "auth")
  # debug
  observe(print(googleAuth_jsUI('auth', login_text = 'Login to Google')))

  sc_accounts <- reactive({
    req(auth())

    with_shiny(
      list_websites,
      shiny_access_token = auth()
    )

  })

  output$sc_accounts <- renderTable({
    sc_accounts()
  })


}

shinyApp(ui = ui, server = server)

Dockerfile

FROM rocker/shiny

# install R package dependencies
RUN apt-get update && apt-get install -y \
    libcurl4-openssl-dev libssl-dev \
    ## clean up
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/ \
    && rm -rf /tmp/downloaded_packages/ /tmp/*.rds

## Install packages from CRAN
RUN install2.r --error \
    -r 'http://cran.rstudio.com' \
    googleAuthR searchConsoleR

COPY client.json /srv/shiny-server/client.json
COPY app.R /srv/shiny-server/app.R

EXPOSE 8080

USER shiny

# avoid s6 initialization
# see https://github.com/rocker-org/shiny/issues/79
CMD ["/usr/bin/shiny-server"]

client.id and GCP setup

The client.json was a web client json from my project:

{"web":{"client_id":"10XXX","project_id":"XXXX","auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://accounts.google.com/o/oauth2/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_secret":"XXXXX","redirect_uris":["http://localhost"],"javascript_origins":["https://www.example.com","http://localhost:1221"]}}

You need to add the domain of where the Cloud Run is running in the JavaScript origins within the GCP console, that you get after deploying the app. In the example case this is https://shiny-cloudrun-sc-ewjogewawq-ew.a.run.app/

Deploying

You can then deploy similar to the example above, which will build the Dockerfile and then deploy it to Cloud Run.

# deploy the app version from this folder
cr_deploy_run("shiny_cloudrun/app/",
              remote = "shiny-cloudrun-sc",
              tag = c("latest","$BUILD_ID"),
              max_instances = 1, # required for shiny
              concurrency = 80)

Deploying from another Google Cloud project

By default the build will only allow deployments from the same Google Cloud Project - if you want to deploy container images from other projects you need to give the Cloud Run Service Agent for the Cloud Run project access to the source project. See this Google help file.

This is available via the cr_setup_service() function, using the role lookup cr_setup_role_lookup("run_agent"):

cr_setup_service("service-{project-number}@serverless-robot-prod.iam.gserviceaccount.com"
                 roles = cr_setup_role_lookup("run_agent"))