I would like to set up an HTTPS load balancer to serve both static content from a storage bucket and also point to a number of Cloud Run services.
The setup I am trying to achieve looks like the following:
// prod
api.example.com/serviceA -> cloud run: serviceA
api.example.com/serviceB -> cloud run: serviceB
cdn.example.com/cat.jpg -> storage bucket: cats
// dev
api-dev.example.com/serviceA -> cloud run: serviceA
api-dev.example.com/serviceB -> cloud run: serviceB
cdn-dev.example.com/cat.jpg -> storage bucket: cats-dev
The dev & prod environments are separated by projects in my case.
I have followed this guide as to how to set up this configuration.
However, I am unable to resolve the various services. It is not 100% clear how the following elements interact:
url map
url mask
custom domain mapping in cloud run itself VS at the load balancer level
Please help!
Sure, it can be confusing!
URL Map: it's plugged on the Load Balancer to route a URL to a backend (Bucket, (un)Managed instance group (MIG), Network Endpoint Group (NEG)). For example, /static/ is routed to a bucket, the others to a serverless NEG.
URL Mask: it's plugged on the serverless NEG. You can define a template on the URL Name to extract the service name (and tag) from the URL itself. It requires a dependency between your site structure and your Cloud Run service naming.
Summary
The URL Map is the first pass routing to the serverless NEG. The serverless NEG applies the URL mask to route the request to the correct service.
Custom domain mapping
On a single Cloud Run service you can apply a custom domain to reach it directly. In this case, you have no load balancing; you directly reach only one service deployed on Cloud Run.
I hope this is clear!
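How the two passes described in this answer fit together, as an added example that is not part of the original answer and not Google's implementation: a simplified Python model using the question's prod hosts. The mask string, the `DEPLOYED` set and the matching rule (one placeholder per host label or path segment, trailing path ignored) are assumptions.

```python
import re

# Constructed URL map mirroring the question's prod layout:
# host -> (backend kind, bucket name or URL mask of the serverless NEG).
URL_MAP = {
    "api.example.com": ("serverless_neg", "api.example.com/<service>"),
    "cdn.example.com": ("backend_bucket", "cats"),
}
# Cloud Run services assumed to exist in the NEG's project and region.
DEPLOYED = {"serviceA", "serviceB"}


def mask_to_regex(mask):
    """Compile a URL mask such as 'api.example.com/<service>' into a regex.

    Simplified model: each <placeholder> captures one host label or one
    path segment; anything after the mask's last element is ignored.
    """
    parts = re.split(r"(<\w+>)", mask)
    pattern = "".join(
        f"(?P<{p[1:-1]}>[^/.]+)" if p.startswith("<") else re.escape(p)
        for p in parts
    )
    return re.compile("^" + pattern + r"(?:/.*)?$")


def route(host, path):
    """Pass 1: the URL map picks a backend by host.
    Pass 2: for a serverless NEG, the URL mask picks the Cloud Run service."""
    backend = URL_MAP.get(host)
    if backend is None:
        return ("no_host_rule", None)
    kind, target = backend
    if kind == "backend_bucket":
        return ("bucket", f"gs://{target}/{path.lstrip('/')}")
    # The mask carries no per-service allow-list: whatever name the URL
    # yields is looked up, so every name in DEPLOYED is reachable here.
    m = mask_to_regex(target).match(host + path)
    if not m or m.group("service") not in DEPLOYED:
        return ("not_found", None)
    return ("cloud_run", m.group("service"))


if __name__ == "__main__":
    for host, path in [("api.example.com", "/serviceA"),
                       ("api.example.com", "/serviceB/v1/items"),
                       ("cdn.example.com", "/cat.jpg")]:
        print(host + path, "->", route(host, path))
```

Because the service name comes from the request URL, the model makes visible that any service deployed alongside `serviceA` and `serviceB` is also addressable through the same host rule.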
Related
With AWS Route53 I can set up a URL that assigns 50% traffic to one URL and the other URL, which points to different versions of the service. Is there something similar in GCP (Cloud DNS)?
The setup looks like the following
100% traffic -> service.com -> 50% -> serviceA.com (version-featureRF)
                            -> 50% -> serviceB.com (version-featureCNN)
Update:
I had a look at https://stackoverflow.com/a/32617722/3952994, but it doesn't explain how to set it up.
With Cloud DNS it is not possible to set up the configuration mentioned, as is possible with AWS Route 53.
To balance the load between different services you can use Cloud Load Balancing.
I'm new to the GCP Services, and I'm trying to make an API Gateway to proxy two services, one is run on an App Engine and the other is actually a PaaS.
Can I configure Cloud Endpoints to redirect to that PaaS, and how? And if not, what service in GCP suits this case?
Edit:
An example of what I'm trying to do: if my domain is test.com, then I'd like app.test.com to be redirected to my App Engine, and ip.test.com would be directed, for example, to https://httpbin.org/ip.
I wrote an article on this for securing the endpoint. Set the value that you want in the x-google-backend.
I also provide some tips about the URL rewriting if you want.
EDIT 1
If you want to perform this routing
app.test.com -> App Engine
ip.test.com -> External service
You need to use an HTTPS Load Balancer and not API Gateway.
Then,
create a serverless NEG and configure it with App Engine
create an Internet NEG and configure it to reach your internet accessible PaaS service
Create a URL MAP with the correct routing
That's all (wait 3 - 5 minutes, the delay to dispatch your configuration around the globe.)
Yes, you can run an Extensible Service Proxy in front of your non-GCP backend service so that Cloud Endpoints can proxy requests to it.
Docs: https://cloud.google.com/endpoints/docs/openapi/running-esp-localdev
In a GCP load balancer, I have this rule:
HOST: *
Paths: /test/*
backend: test-server-backend-bucket
test-server-backend-bucket is bound to a cloud storage bucket test-server.
But in test-server, there is no test folder, only files.
I can't change the paths and create test folder in the test-server due to some limitation.
Hoping to get files in test-server using url like this http://[ip]/test/test1.txt
Is there some way that I can achieve this in GCP?
I'm not seeing the value of putting Google Cloud Storage (GCS) access behind a load balancer. Rather, I would imagine that if one wanted to access GCS objects as URLs one would point to those directly.
Imagine your company has the domain name example.com. Then you might associate your back-end services which are accessible through load balancers with the address record in DNS which maps:
services.example.com -> Static public IP of load balancer.
Now let us imagine you create a bucket in GCS called mydata.example.com. By adding a CNAME record in DNS (see https://cloud.google.com/storage/docs/request-endpoints) you could then access files in the bucket as:
http://mydata.example.com/test1.txt
This wouldn't go anywhere near a load balancer and can take advantage of GCS distributed data including CDN.
The load balancer doesn't allow you to perform URL rewriting.
The DNS and CNAME solution of Kolban is the right one for minimizing the Storage operation.
You can use the Advanced host and path rule (URL redirect, URL rewrite) option:
Then add your bucket here:
I have some content in a GCS bucket:
$ gsutil ls gs://my-bucket
index.html
I'd like to serve this behind OAuth using Identity-Aware Proxy (IAP). I'm following these instructions.
I've created a load balancer and a "backend bucket" like so:
On the Identity-Aware Proxy page, however, I do not see my load balancer listed:
Is it possible to use IAP with a backend bucket?
This isn't supported at the moment. The policy is applied per backend, not for the load balancer as a whole (so for example, yoursite.com/admin can be more restricted than yoursite.com/public). However, only backend services (i.e. GCE/GKE) are supported, but not backend buckets.
There is an open feature request for backend bucket IAP support.
I have added a couple of changes to gcs-proxy, so basically you can put it in Cloud Run behind GLB with Identity-Aware Proxy (IAP) and serve static sites from private GCS.
Here is the fork: https://github.com/mike-sirs/gcsproxy.
Just today I started working on a new service that will upload your static site to Google Cloud Platform or Amazon S3 and allow you to get a free sub-domain to view it at. How can I host the files in a folder on Google Cloud Platform or Amazon S3 on a custom domain without it being like mysite.example.com/dogsite/dog.html and be like mysite.example.com/dogs.html instead? Currently, the documentation says nothing at all. I am open to other ideas too.
-- Yes, I am fine with using things like Nginx and Apache to route the CNAME --
You cannot use Google Cloud Storage directory as a domain root.
But there is one solution:
For each subdomain, create a bucket (for example dogs-site-bucket).
Create a Google Cloud Loadbalancer
Backend Configuration : Add dogs-site-bucket as a Backend Bucket
Host and path rules : Create a new rule, example: host: mysite.example.com, path: dogs-site, backend: dogs-site-bucket
Frontend Configuration : Create a new front end with static IP and setup your DNS with this IP