[bhouston]

> How does the orchestration work?

Github Actions CI. Take this and make a few more dependencies and a matrix strategy and you are good to go: https://github.com/bhouston/template-typescript-monorepo/blo... For dev environments, you can add post-fixes to the services based on branches.

> How do you share storage?

I use managed DBs and Cloud Storage for shared storage. I think that provisioning your own SSDs/HDs to the cloud is indicative of an anti-pattern in your architecture.

> How do the docker containers know how to find each other?

I try to avoid too much communication between services directly, rather try to go through pub-sub or similar. But you can set up each service with a domain name and access them that way. With https://web3dsurvey.com, I have an api on https://api.web3dsurvey.com and then a review environment (connected to the main branch) with https://preview.web3dsurvey.com / https://api.preview.web3dsurvey.com.

> How does security work?

You can configure Cloud Run services to be internal only and not to accept outside connections. Otherwise one can just use JWT or whatever is normal on your routes in your web server.

[dthg]

> But you can set up each service with a domain name and access them that way. Are you using Cloud Run domain mappings for this or something else?

I have been converging on a similar stack, but trying to avoid using a load balancer in an effort to keep fixed costs low.

[bhouston]

Yup domain mappings for now. There is some label support in Cloud Run but I haven’t explored it yet. You can also get the automatic domain name for a service via the cloud run tools.

Yeah I definitely want to also avoid a load balancer or gateway or end points as well for cost purposes.