From cd3ab82f892f807263a478af6ee413d3e9b454ed Mon Sep 17 00:00:00 2001 From: SamyOubouaziz Date: Wed, 26 Mar 2025 11:50:58 +0100 Subject: [PATCH 1/7] docs(srv): add new entries to FAQ MTA-5829 --- pages/serverless-containers/faq.mdx | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/pages/serverless-containers/faq.mdx b/pages/serverless-containers/faq.mdx index 35ecbd1e9e..2096a1bf35 100644 --- a/pages/serverless-containers/faq.mdx +++ b/pages/serverless-containers/faq.mdx @@ -173,15 +173,19 @@ For now, the `HEALTHCHECK` Docker directive has no impact on container readiness ## Network and storage +### Can I redirect all HTTP traffic to HTTPS? + +Yes, you can [redirect every inbound HTTP connections to HTTPS](/serverless-containers/how-to/manage-a-container/#manage-a-deployment-from-the-scaleway-container-registry) by enabling **HTTPS connections only** in the **Security** tab of the **Advanced options** of your container. + ### Can I whitelist the IPs of my containers? Serverless Containers does not yet support Private Networks. However, you can use the Scaleway IP ranges defined at [https://www.scaleway.com/en/peering/](https://www.scaleway.com/en/peering/) on Managed Databases and other products that allow IP filtering. ### Which protocols are supported by Serverless Containers? -Serverless Containers use the **http1** protocol by default, but some services (e.g., gRPC) only support `http2`. +Serverless Containers support **http1** and **http2**. **http1** is enabled by default, but some services (e.g., gRPC) only support **http2**. -Protocol switching is available in the Console under the `Advanced options` section in the `Deployment` tab. +You can [modify the protocol](/serverless-containers/how-to/manage-a-container/#manage-a-deployment-from-the-scaleway-container-registry) used by your container from the **Requests tab** of the **Advanced options**. ### Why does my gRPC container not respond? From 7b3c684c03d842631cdd90379452c685adc9cc9f Mon Sep 17 00:00:00 2001 From: SamyOubouaziz Date: Wed, 26 Mar 2025 17:55:47 +0100 Subject: [PATCH 2/7] docs(srv): update --- pages/serverless-containers/faq.mdx | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pages/serverless-containers/faq.mdx b/pages/serverless-containers/faq.mdx index 2096a1bf35..03d0545a86 100644 --- a/pages/serverless-containers/faq.mdx +++ b/pages/serverless-containers/faq.mdx @@ -171,6 +171,11 @@ You can copy an image from an external registry using the Docker CLI, or open so A Serverless Container is set to `ready` once the specified port is correctly bound to the container, and will start receiving traffic. If your application needs to perform some tasks before receiving traffic (e.g. connect to a database), it is important to run them before binding to the port (starting the webserver). For now, the `HEALTHCHECK` Docker directive has no impact on container readiness. In the future, the health check will be customizable for your applications. +### How can I make my application compatible with Google Cloud Run ? + +You can make your application compatible with Cloud Run using **http2¨¨** and gRPC. +## Features + ## Network and storage ### Can I redirect all HTTP traffic to HTTPS? @@ -197,6 +202,10 @@ Scaleway Serverless Containers does not currently support Scaleway VPC or Privat To add network restrictions on your resource, refer to the [list of prefixes used at Scaleway](https://www.scaleway.com/en/peering/). Serverless resources do not have dedicated or predictable IP addresses. +### Can I use my own TLS certificates? + +No. + ### Can I connect to my container using SSH? No, it is not possible to connect to Serverless Containers using SSH. Serverless Containers is a fully managed, and stateless compute environment that does not provide direct access to the underlying infrastructure due to several features, such as autoscaling. From 80a76499f8ff2d1780ad1bca59f2f3ae763a3567 Mon Sep 17 00:00:00 2001 From: SamyOubouaziz Date: Mon, 31 Mar 2025 17:28:17 +0200 Subject: [PATCH 3/7] docs(srv): update --- pages/serverless-containers/faq.mdx | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/pages/serverless-containers/faq.mdx b/pages/serverless-containers/faq.mdx index 03d0545a86..8e13845e78 100644 --- a/pages/serverless-containers/faq.mdx +++ b/pages/serverless-containers/faq.mdx @@ -139,6 +139,12 @@ Ensure that your code avoids heavy computations or long-running initialization a * **Use sandbox v2**: We recommend you use sandbox v2 (advanced settings) to reduce cold starts. +### Which Linux syscalls are supported? + +- [Sandbox](/serverless-containers/concepts/#sandbox) v1 guarantees a full compatibility with Linux syscalls. + +- [Sandbox](/serverless-containers/concepts/#sandbox) v2 relies on [gVisor](https://gvisor.dev/), which implements a selection of syscalls. Refer to the [official gVisor documentation](https://gvisor.dev/docs/user_guide/compatibility/linux/amd64/) for a comprehensive list of supported syscalls. + ### What are the limitations of Serverless Containers? Refer to our dedicated page about [Serverless Containers limitations and configuration restrictions](/serverless-containers/reference-content/containers-limitations/) for more information. @@ -171,9 +177,13 @@ You can copy an image from an external registry using the Docker CLI, or open so A Serverless Container is set to `ready` once the specified port is correctly bound to the container, and will start receiving traffic. If your application needs to perform some tasks before receiving traffic (e.g. connect to a database), it is important to run them before binding to the port (starting the webserver). For now, the `HEALTHCHECK` Docker directive has no impact on container readiness. In the future, the health check will be customizable for your applications. -### How can I make my application compatible with Google Cloud Run ? +### How can I make my application compatible with Serverless Containers ? + +You can make your application compatible with Serverless Containers by: + +- listening on port 0.0.0.0 +- responding to HTTP or gRPC requests. -You can make your application compatible with Cloud Run using **http2¨¨** and gRPC. ## Features ## Network and storage @@ -204,7 +214,7 @@ To add network restrictions on your resource, refer to the [list of prefixes use ### Can I use my own TLS certificates? -No. +No, you cannot use your own TLS certificates. ### Can I connect to my container using SSH? From 11a05656ca7e5e9ae5d3765c4274cd22367d2a4b Mon Sep 17 00:00:00 2001 From: SamyOubouaziz Date: Mon, 31 Mar 2025 17:29:40 +0200 Subject: [PATCH 4/7] docs(srv): update --- pages/serverless-containers/faq.mdx | 2 -- 1 file changed, 2 deletions(-) diff --git a/pages/serverless-containers/faq.mdx b/pages/serverless-containers/faq.mdx index 8e13845e78..014c85bb28 100644 --- a/pages/serverless-containers/faq.mdx +++ b/pages/serverless-containers/faq.mdx @@ -184,8 +184,6 @@ You can make your application compatible with Serverless Containers by: - listening on port 0.0.0.0 - responding to HTTP or gRPC requests. -## Features - ## Network and storage ### Can I redirect all HTTP traffic to HTTPS? From df2db3c6da1520b35e9cae1058dcb0ec4ed84ac1 Mon Sep 17 00:00:00 2001 From: SamyOubouaziz Date: Mon, 31 Mar 2025 18:06:36 +0200 Subject: [PATCH 5/7] docs(srv): update --- pages/serverless-containers/faq.mdx | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/pages/serverless-containers/faq.mdx b/pages/serverless-containers/faq.mdx index 014c85bb28..0fbd7640e6 100644 --- a/pages/serverless-containers/faq.mdx +++ b/pages/serverless-containers/faq.mdx @@ -177,12 +177,15 @@ You can copy an image from an external registry using the Docker CLI, or open so A Serverless Container is set to `ready` once the specified port is correctly bound to the container, and will start receiving traffic. If your application needs to perform some tasks before receiving traffic (e.g. connect to a database), it is important to run them before binding to the port (starting the webserver). For now, the `HEALTHCHECK` Docker directive has no impact on container readiness. In the future, the health check will be customizable for your applications. -### How can I make my application compatible with Serverless Containers ? +### How do I know if my application is compatible with Serverless Containers ? -You can make your application compatible with Serverless Containers by: +Your application is compatible with Serverless Containers if it meets the following criteria: -- listening on port 0.0.0.0 -- responding to HTTP or gRPC requests. +- It must handle requests delivered via HTTP, HTTP/2, WebSockets, or gRPC. +- It must not require a persistent local storage, but either a local [ephemeral storage](/serverless-containers/concepts/#ephemeral-storage), or a network file system. +- It must be able to handle multiple instances of the app running simultaneously. +- It must fit the [Serverless Containers limitations](/serverless-containers/reference-content/containers-limitations/) +- It must expose a webserver port to be accessible. ## Network and storage From c94a9ff382418e30e798e5b453c61e29aab48e24 Mon Sep 17 00:00:00 2001 From: SamyOubouaziz Date: Tue, 1 Apr 2025 14:22:45 +0200 Subject: [PATCH 6/7] Apply suggestions from code review Co-authored-by: Rowena Jones <36301604+RoRoJ@users.noreply.github.com> Co-authored-by: Thomas TACQUET --- pages/serverless-containers/faq.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pages/serverless-containers/faq.mdx b/pages/serverless-containers/faq.mdx index 0fbd7640e6..de2c06f0c3 100644 --- a/pages/serverless-containers/faq.mdx +++ b/pages/serverless-containers/faq.mdx @@ -141,7 +141,7 @@ Ensure that your code avoids heavy computations or long-running initialization a ### Which Linux syscalls are supported? -- [Sandbox](/serverless-containers/concepts/#sandbox) v1 guarantees a full compatibility with Linux syscalls. +- [Sandbox](/serverless-containers/concepts/#sandbox) v1 guarantees full compatibility with Linux syscalls. - [Sandbox](/serverless-containers/concepts/#sandbox) v2 relies on [gVisor](https://gvisor.dev/), which implements a selection of syscalls. Refer to the [official gVisor documentation](https://gvisor.dev/docs/user_guide/compatibility/linux/amd64/) for a comprehensive list of supported syscalls. @@ -182,7 +182,7 @@ For now, the `HEALTHCHECK` Docker directive has no impact on container readiness Your application is compatible with Serverless Containers if it meets the following criteria: - It must handle requests delivered via HTTP, HTTP/2, WebSockets, or gRPC. -- It must not require a persistent local storage, but either a local [ephemeral storage](/serverless-containers/concepts/#ephemeral-storage), or a network file system. +- It must not require a persistent local storage due to [ephemeral storage](/serverless-containers/concepts/#ephemeral-storage), and must use shared file storage systems like [Object Storage](https://www.scaleway.com/en/docs/object-storage/) - It must be able to handle multiple instances of the app running simultaneously. - It must fit the [Serverless Containers limitations](/serverless-containers/reference-content/containers-limitations/) - It must expose a webserver port to be accessible. From 366c37c6d6be16c318606dc4b34ebb728bbf568d Mon Sep 17 00:00:00 2001 From: SamyOubouaziz Date: Tue, 1 Apr 2025 14:23:41 +0200 Subject: [PATCH 7/7] Apply suggestions from code review Co-authored-by: Thomas TACQUET Co-authored-by: Rowena Jones <36301604+RoRoJ@users.noreply.github.com> --- pages/serverless-containers/faq.mdx | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/pages/serverless-containers/faq.mdx b/pages/serverless-containers/faq.mdx index de2c06f0c3..89b0654235 100644 --- a/pages/serverless-containers/faq.mdx +++ b/pages/serverless-containers/faq.mdx @@ -182,16 +182,15 @@ For now, the `HEALTHCHECK` Docker directive has no impact on container readiness Your application is compatible with Serverless Containers if it meets the following criteria: - It must handle requests delivered via HTTP, HTTP/2, WebSockets, or gRPC. -- It must not require a persistent local storage due to [ephemeral storage](/serverless-containers/concepts/#ephemeral-storage), and must use shared file storage systems like [Object Storage](https://www.scaleway.com/en/docs/object-storage/) -- It must be able to handle multiple instances of the app running simultaneously. +- It must not require persistent local storage due to [ephemeral storage](/serverless-containers/concepts/#ephemeral-storage), and must use shared file storage systems like [Object Storage](https://www.scaleway.com/en/docs/object-storage/) - It must fit the [Serverless Containers limitations](/serverless-containers/reference-content/containers-limitations/) -- It must expose a webserver port to be accessible. +- It must expose a webserver port and be listening on `0.0.0.0`. ## Network and storage ### Can I redirect all HTTP traffic to HTTPS? -Yes, you can [redirect every inbound HTTP connections to HTTPS](/serverless-containers/how-to/manage-a-container/#manage-a-deployment-from-the-scaleway-container-registry) by enabling **HTTPS connections only** in the **Security** tab of the **Advanced options** of your container. +Yes, you can [redirect all inbound HTTP connections to HTTPS](/serverless-containers/how-to/manage-a-container/#manage-a-deployment-from-the-scaleway-container-registry) by enabling **HTTPS connections only** in the **Security** tab of the **Advanced options** of your container. ### Can I whitelist the IPs of my containers? @@ -213,9 +212,9 @@ Scaleway Serverless Containers does not currently support Scaleway VPC or Privat To add network restrictions on your resource, refer to the [list of prefixes used at Scaleway](https://www.scaleway.com/en/peering/). Serverless resources do not have dedicated or predictable IP addresses. -### Can I use my own TLS certificates? +### Can I use my own TLS certificates for custom domains? -No, you cannot use your own TLS certificates. +No, you cannot use your own TLS certificates. Scaleway uses Let's Encrypt to generate and automatically renew certificates on your [Custom Domains](https://www.scaleway.com/en/docs/serverless-containers/concepts/#custom-domain) ### Can I connect to my container using SSH?