Cloud Run YAML Reference

This page describes the YAML representation of the Cloud Run service and job objects.

Cloud Run service YAML

This is the YAML representation of the Service object in the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the v1 schema).

apiVersion: serving.knative.dev/v1 kind: Service metadata:  name: SERVICE_NAME  namespace: PROJECT_NUMBER  labels:  cloud.googleapis.com/location: REGION  annotations:  run.googleapis.com/launch-stage: LAUNCH_STAGE  run.googleapis.com/description: DESCRIPTION  run.googleapis.com/ingress: INGRESS  run.googleapis.com/binary-authorization: POLICY  run.googleapis.com/binary-authorization-breakglass: JUSTIFICATION  run.googleapis.com/minScale: SERVICE_MIN_INSTANCES  run.googleapis.com/maxScale: SERVICE_MAX_INSTANCES  run.googleapis.com/function-target: FUNCTION_ENTRY_POINT  run.googleapis.com/invoker-iam-disabled: INVOKER_IAM_CHECK  run.googleapis.com/iap-enabled: IAP_ENABLED  run.googleapis.com/scalingMode: SCALING_MODE  run.googleapis.com/manualInstanceCount: MANUAL_INSTANCE_COUNT spec:  template:  metadata:  name: REVISION_NAME  annotations:  autoscaling.knative.dev/minScale: MIN_INSTANCES  autoscaling.knative.dev/maxScale: MAX_INSTANCES  run.googleapis.com/cpu-throttling: CPU_ALLOCATION  run.googleapis.com/startup-cpu-boost: CPU_BOOST  run.googleapis.com/sessionAffinity: SESSION_AFFINITY  run.googleapis.com/cloudsql-instances: CLOUD_SQL_CONNECTION  run.googleapis.com/execution-environment: EXECUTION_ENVIRONMENT  run.googleapis.com/vpc-access-connector: SERVERLESS_VPC_CONNECTOR  run.googleapis.com/vpc-access-egress: EGRESS  run.googleapis.com/network-interfaces: VPC_NETWORK_SETTINGS_IN_JSON  run.googleapis.com/encryption-key: CMEK  run.googleapis.com/custom-audiences: '["AUDIENCE1","AUDIENCE2"]'  run.googleapis.com/container-dependencies: CONTAINER_START_ORDER  run.googleapis.com/base-images: '{"":"BASE_IMAGE"}'  spec:  containerConcurrency: MAX_CONCURRENCY  timeoutSeconds: REQUEST_TIMEOUT  nodeSelector:  run.googleapis.com/accelerator: GPU_TYPE  serviceAccountName: SERVICE_ACCOUNT_EMAIL  containers:  - image: IMAGE  name: CONTAINER_NAME  command:  - COMMAND1  - COMMAND2  args:  - ARGUMENT1  - ARGUMENT2  ports:  - name: HTTP1_OR_H2C  containerPort: PORT  env:  - name: KEY  value: VALUE  resources:  limits:  cpu: CPU_LIMIT  memory: MEMORY_LIMIT  nvidia.com/gpu: GPU_NUMBER  volumeMounts:  - name: VOLUME_NAME  mountPath: MOUNT_PATH  startupProbe:  httpGet:  path: CHECK_PATH  httpHeaders:  - name: HEADER_NAME  value: HEADER_VALUE  port: PORT  tcpSocket:  port: PORT  grpc:  service: GRPC_SERVICE  port: PORT  initialDelaySeconds: DELAY  timeoutSeconds: TIMEOUT  failureThreshold: THRESHOLD  periodSeconds: PERIOD  livenessProbe:  httpGet:  path: CHECK_PATH  port: PORT  httpHeaders:  - name: HEADER_NAME  value: HEADER_VALUE  grpc:  service: GRPC_SERVICE  port: PORT  initialDelaySeconds: DELAY  timeoutSeconds: TIMEOUT  failureThreshold: THRESHOLD  periodSeconds: PERIOD  - image: SIDECAR_IMAGE  name: SIDECAR_NAME  volumes:  - name: VOLUME_NAME  secret:  secretName: SECRET  items:  - key: SECRET_VERSION  path: PATH  - name: VOLUME_NAME  emptyDir:  sizeLimit: IN_MEMORY_VOLUME_SIZE  medium: Memory  - name: VOLUME_NAME  csi:  driver: gcsfuse.run.googleapis.com  readOnly: IS_READ_ONLY  volumeAttributes:  bucketName: BUCKET_NAME  mountOptions: OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE  - name: VOLUME_NAME  nfs:  server: IP_ADDRESS  path: NFS_PATH  readonly: IS_READ_ONLY  runtimeClassName: BASE_IMAGE_UPDATE  traffic:  - percent: PERCENT_TO_LATEST  latestRevision: true  - percent: PERCENT_TO_REVISION  revisionName: REVISION_NAME  - tag: TAG  revisionName: REVISION_NAME

With:

  • LAUNCH_STAGE: Set to BETA to use Preview features.
  • REVISION_NAME: Optional name for the revision to be created.
  • CONTAINER_NAME: Optional name for the container within a revision. Automatically generated if not supplied by the user.

Cloud Run job YAML

This is the YAML representation of the Job object in the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the v1 schema).

apiVersion: run.googleapis.com/v1 kind: Job metadata:  name: JOB_NAME  namespace: PROJECT_NUMBER  labels:  cloud.googleapis.com/location: REGION  annotations:  run.googleapis.com/launch-stage: LAUNCH_STAGE  run.googleapis.com/binary-authorization: POLICY  run.googleapis.com/binary-authorization-breakglass: JUSTIFICATION spec:  template:  metadata:  annotations:  run.googleapis.com/cloudsql-instances: CLOUD_SQL_CONNECTION  run.googleapis.com/vpc-access-connector: SERVERLESS_VPC_CONNECTOR  run.googleapis.com/vpc-access-egress: EGRESS  run.googleapis.com/network-interfaces: VPC_NETWORK_SETTINGS_IN_JSON  run.googleapis.com/encryption-key: CMEK  spec:  parallelism: PARALLELISM  taskCount: TASK_COUNT  template:  spec:  maxRetries: MAX_RETRIES  timeoutSeconds: TASK_TIMEOUT  serviceAccountName: SERVICE_ACCOUNT_EMAIL  nodeSelector:  run.googleapis.com/accelerator: GPU_TYPE  containers:  - image: IMAGE  command:  - COMMAND1  - COMMAND2  args:  - ARGUMENT1  - ARGUMENT2  env:  - name: KEY  value: VALUE  resources:  limits:  cpu: CPU_LIMIT  memory: MEMORY_LIMIT  nvidia.com/gpu: GPU_NUMBER  volumeMounts:  - name: VOLUME_NAME  mountPath: MOUNT_PATH  - image: SIDECAR_IMAGE  name: SIDECAR_NAME  volumes:  - name: VOLUME_NAME  secret:  secretName: SECRET  items:  - key: SECRET_VERSION  path: PATH  - name: VOLUME_NAME  emptyDir:  sizeLimit: IN_MEMORY_VOLUME_SIZE  medium: Memory  - name: VOLUME_NAME  csi:  driver: gcsfuse.run.googleapis.com  readOnly: IS_READ_ONLY  volumeAttributes:  bucketName: BUCKET_NAME  mountOptions: OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE  - name: VOLUME_NAME  nfs:  server: IP_ADDRESS  path: NFS_PATH  readonly: IS_READ_ONLY

With:

  • LAUNCH_STAGE: Set to BETA to use Preview features.

Cloud Run worker pool YAML

This is the YAML representation of the WorkerPool object in the Cloud Run Admin API V1. The YAML maps directly to the V1 API (see the v1 schema).

apiVersion: run.googleapis.com/v1 kind: WorkerPool metadata:  name: WORKERPOOL_NAME  namespace: PROJECT_NUMBER  labels:  cloud.googleapis.com/location: REGION  annotations:  run.googleapis.com/launch-stage: LAUNCH_STAGE  run.googleapis.com/description: DESCRIPTION  run.googleapis.com/binary-authorization: POLICY  run.googleapis.com/binary-authorization-breakglass: JUSTIFICATION  run.googleapis.com/manualInstanceCount: MANUAL_INSTANCE_COUNT spec:  template:  metadata:  name: REVISION_NAME  annotations:  run.googleapis.com/cloudsql-instances: CLOUD_SQL_CONNECTION  run.googleapis.com/vpc-access-egress: EGRESS  run.googleapis.com/network-interfaces: VPC_NETWORK_SETTINGS_IN_JSON  run.googleapis.com/encryption-key: CMEK  run.googleapis.com/container-dependencies: CONTAINER_START_ORDER  spec:  nodeSelector:  run.googleapis.com/accelerator: GPU_TYPE  serviceAccountName: SERVICE_ACCOUNT_EMAIL  containers:  - image: IMAGE  name: CONTAINER_NAME  command:  - COMMAND1  - COMMAND2  args:  - ARGUMENT1  - ARGUMENT2  env:  - name: KEY  value: VALUE  resources:  limits:  cpu: CPU_LIMIT  memory: MEMORY_LIMIT  nvidia.com/gpu: GPU_NUMBER  volumeMounts:  - name: VOLUME_NAME  mountPath: MOUNT_PATH  - image: SIDECAR_IMAGE  name: SIDECAR_NAME  volumes:  - name: VOLUME_NAME  secret:  secretName: SECRET  items:  - key: SECRET_VERSION  path: PATH  - name: VOLUME_NAME  emptyDir:  sizeLimit: IN_MEMORY_VOLUME_SIZE  medium: Memory  - name: VOLUME_NAME  csi:  driver: gcsfuse.run.googleapis.com  readOnly: IS_READ_ONLY  volumeAttributes:  bucketName: BUCKET_NAME  mountOptions: OPTION1-NAME=OPTION1-VALUE,OPTION2-NAME=OPTION2-VALUE  - name: VOLUME_NAME  nfs:  server: IP_ADDRESS  path: NFS_PATH  readonly: IS_READ_ONLY  instanceSplits:  - percent: PERCENT_TO_LATEST  latestRevision: true  - percent: PERCENT_TO_REVISION  revisionName: REVISION_NAME

With:

  • LAUNCH_STAGE: Set to BETA to use Preview features.
  • REVISION_NAME: Optional name for the revision to be created.
  • CONTAINER_NAME: Optional name for the container within a revision. Automatically generated if not supplied by the user.