This page shows how to mount a Cloud Storage bucket as a storage volume, using Cloud Run volume mounts.
Mounting the bucket as a volume in Cloud Run presents the bucket content as files in the container file system, which allows use of standard file system operations and libraries to access that file system.
Limitations
Cloud Run uses Cloud Storage FUSE for this volume mount. So there are a few things to keep in mind when mounting a Cloud Storage bucket as a volume:
- Cloud Storage FUSE does not provide concurrency control for multiple writes (file locking) to the same file. When multiple writes try to replace a file, the last write wins and all previous writes are lost.
- Cloud Storage FUSE is not a fully POSIX-compliant file system. For more details, refer to the Cloud Storage FUSE documentation.
Before you begin
You need a Cloud Storage bucket to mount as the volume.
IAM access controls for Cloud Storage buckets
The service identity of your Cloud Run service authenticates against an IAM protected Cloud Storage bucket.
Make sure that the configured service account has the necessary permissions for the file access.
Mount a Cloud Storage volume
You can mount multiple buckets at different mount paths. You can also mount a volume to more than one container using the same or different mount paths across containers.
If you are using multiple containers, first specify the volumes, then specify the volume mounts for each container.
Command line
To add a volume and mount it:
gcloud beta run jobs update JOB \ --add-volume name=VOLUME_NAME,type=cloud-storage,bucket=BUCKET_NAME \ --add-volume-mount volume=VOLUME_NAME,mount-path=MOUNT_PATH
Replace:
JOB
with the name of your job.- MOUNT_PATH with the relative path where you are mounting the volume, for example,
/cache
. - VOLUME_NAME with any name you want for your volume. The VOLUME_NAME value is used to map the volume to the volume mount.
- BUCKET_NAME with the name of your Cloud Storage bucket.
To mount your volume as a read-only volume:
--add-volume=name=VOLUME_NAME,type=cloud-storage,bucket=BUCKET_NAME,readonly=true
If you are using multiple containers, first specify your volume(s), then specify the volume mount(s) for each container:
gcloud beta run jobs update JOB \ --add-volume name=VOLUME_NAME,type=cloud-storage,bucket=BUCKET_NAME \ --container CONTAINER_1 \ --add-volume-mount volume=VOLUME_NAME,mount-path=MOUNT_PATH \ --container CONTAINER_2 \ --add-volume-mount volume=VOLUME_NAME,mount-path=MOUNT_PATH2
YAML
Download and view existing job configuration using the
gcloud run jobs describe --format export
command, which yields
cleaned results in YAML format. Then modify the fields described below and
upload the modified YAML using the gcloud run jobs replace
command.
Make sure you only modify fields as documented.
To view and download the configuration:
gcloud run jobs describe JOB_NAME --format export > job.yaml
Update the MOUNT_PATH, VOLUME_NAME, BUCKET_NAME and IS_READ_ONLY as needed.
apiVersion: run.googleapis.com/v1 kind: Job metadata: name: JOB_NAME spec: metadata: annotations: run.googleapis.com/launch-stage: BETA template: metadata: annotations: run.googleapis.com/execution-environment: gen2 spec: template: spec: containers: - image: IMAGE_URL volumeMounts: - mountPath: MOUNT_PATH name: VOLUME_NAME volumes: - name: VOLUME_NAME csi: driver: gcsfuse.run.googleapis.com readOnly: IS_READ_ONLY volumeAttributes: bucketName: BUCKET_NAME
Replace
- IMAGE_URL with a reference to the container image, for
example,
us-docker.pkg.dev/cloudrun/container/hello:latest
. If you use Artifact Registry, the repository REPO_NAME must already be created. The URL has the shapeLOCATION-docker.pkg.dev/PROJECT_ID/REPO_NAME/PATH:TAG
- MOUNT_PATH with the relative path where you are mounting the volume, for example,
/cache
. - VOLUME_NAME with any name you want for your volume. The VOLUME_NAME value is used to map the volume to the volume mount.
- IS_READ_ONLY with
True
to make the volume read-only, orFalse
to allow writes. - BUCKET_NAME with the name of the Cloud Storage bucket.
- IMAGE_URL with a reference to the container image, for
example,
Replace the service with its new configuration using the following command:
gcloud beta run jobs replace job.yaml
View volume mounts settings
Console
In the Google Cloud console, go to the Cloud Run jobs page:
Click the job you are interested in to open the Job details page.
Click the Volumes tab.
Locate the volume mounts setting in the volumes detail page.
Command line
Use the following command:
gcloud run jobs describe JOB_NAME
Locate the volume mounts setting in the returned configuration.