> For the complete documentation index, see [llms.txt](https://docs.qpoint.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.qpoint.io/getting-started/qscan/installation/cloud-run.md). # Cloud Run QScan can be deployed as a Google Cloud Run Worker Pool. Worker pools are long-running instances suited for background processing workloads like QScan. ## Prerequisites * Google Cloud project with Cloud Run API enabled * `gcloud` CLI with beta components installed * Secrets stored in Google Secret Manager ## CPU Configuration Create a `worker.yaml` file: ```yaml apiVersion: run.googleapis.com/v1 kind: WorkerPool metadata: annotations: run.googleapis.com/launch-stage: BETA run.googleapis.com/scalingMode: manual run.googleapis.com/manualInstanceCount: "1" name: qscan-worker spec: template: metadata: annotations: run.googleapis.com/execution-environment: gen2 run.googleapis.com/cpu-throttling: "false" spec: containers: - name: qscan-worker image: us-docker.pkg.dev/qpoint-edge/public/qscan:latest env: - name: NUM_POLLERS value: "2" - name: NUM_SCANNERS value: "2" - name: LOG_LEVEL value: "info" - name: LOG_ENCODING value: "json" - name: METRICS_PORT value: "8080" - name: REGISTRATION_TOKEN valueFrom: secretKeyRef: key: latest name: qscan-registration-token livenessProbe: httpGet: path: / port: 8080 initialDelaySeconds: 5 periodSeconds: 10 resources: limits: cpu: 6000m memory: 24Gi startupProbe: httpGet: path: / port: 8080 initialDelaySeconds: 5 periodSeconds: 30 failureThreshold: 5 ``` Deploy with: {% code overflow="wrap" %} ```bash gcloud beta run worker-pools replace worker.yaml --region=us-central1 ``` {% endcode %} ## GPU Configuration For GPU-accelerated scanning, modify the resource limits: ```yaml resources: limits: cpu: 4000m memory: 16Gi nvidia.com/gpu: "1" ``` {% hint style="info" %} GPU support in Cloud Run requires a region that offers GPU instances. Check the [Cloud Run GPU documentation](https://cloud.google.com/run/docs/configuring/services/gpu) for available regions and GPU types. {% endhint %} ## Secret Manager Store sensitive values in Google Secret Manager and reference them in your worker configuration: ```bash echo -n "your-registration-token" | \ gcloud secrets create qscan-registration-token --data-file=- echo -n "your-s3-access-key" | \ gcloud secrets create qscan-s3-access-key --data-file=- ``` Reference secrets in the worker YAML using `secretKeyRef`: ```yaml - name: REGISTRATION_TOKEN valueFrom: secretKeyRef: key: latest name: qscan-registration-token ``` Ensure the Cloud Run service account has the `roles/secretmanager.secretAccessor` role. ## Updating the Image To update the QScan image without modifying the full configuration: {% code overflow="wrap" %} ```bash gcloud beta run worker-pools update qscan-worker \ --image=us-docker.pkg.dev/qpoint-edge/public/qscan:latest \ --region=us-central1 ``` {% endcode %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.qpoint.io/getting-started/qscan/installation/cloud-run.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.