How to change the address to listen on for Cloud Run proxy?

Hi.

I’m struggling to set up Cloud Run proxy with gcloud command.

Since I’m using the Cloud Run endpoint which requires authentication, It is required to prepare proxy server with gcloud run services proxy command.

But this command listens only on 127.0.0.1, then it is accessible from same host.

To use proxy server on Docker container, I’d like to change the address listen on to 0.0.0.0.

As far as I inspected help of the command, I could not find the way to change the address listen on.

Anyone knows the way to do it?

Hi @Ruins ,

From the details that you’ve provided, try using gcloud run services proxy command, then --address flag. This is to be specific with the IP address to listen to by the proxy. Originally, it listens on 127.0.0.1, but there should be no problem changing it to 0.0.0.0 to make it accessible from outside the container. Below is the sample command:

gcloud run services proxy --address 0.0.0.0 --port 8080 <your-service-name>

For more details, you can check this documentations:

1. https://cloud.google.com/sql/docs/mysql/connect-auth-proxy
2. https://cloud.google.com/sdk/gcloud/reference/run/services/proxy

You can also check this community discussion as it is somehow related to your concern.

Hi Marvin,

Thanks you for the reply.

But gcloud run services proxy seems not to support --address option.

Do you have an another idea for the solution?

ruins@thor:~
➤ gcloud version
Google Cloud SDK 473.0.0
bq 2.1.4
bundled-python3-unix 3.11.8
cloud-run-proxy 0.5.0
core 2024.04.19
gcloud-crc32c 1.0.0
gsutil 5.27
ruins@thor:~
➤ gcloud run services proxy --address 0.0.0.0 --port 8080 blackbox-exporter
ERROR: (gcloud.run.services.proxy) unrecognized arguments:
--address
blackbox-exporter
To search the help text of gcloud commands, run:
gcloud help -- SEARCH_TERMS 

Can you share the code or at least what language it’s in, there should be a way to force your function to listen on 0.0.0.0 instead of using Cloud Proxy. Cloud proxy is inefficient as it adds an extra network hop and extra fragility to your network conn.

I’m facing this issue when using gcloud command as shown above.

Well, My wish is not to publish the port of gcloud proxy to the network.

I want to allow access from the host machine to gcloud proxy working in the container.

Same issue here. I want to test locally an app A that makes requests to an app B that’s hosted on Cloud Run. Because is B is not publicly accessible, gcloud proxy is needed to be able to access app B locally. However gcloud proxy listens to localhost only, which means it’s not directly accessible to a Docker container running the app A.

I was able to workaround it with another proxy:

# Start Cloud Run proxy on port 8001
gcloud run services proxy <name> --port=8001

# Listen to requests on 0.0.0.0:8000 and proxy them to 127.0.0.1:8001
socat TCP-LISTEN:8000,fork TCP:127.0.0.1:8001

It works, but it’s cumbersome. Ideally, the gcloud run services proxy command should have an “address” flag to allow specifying the bind address.