I have two instances on Google Cloud Platform (GCP), one with the frontend React app, another with Spring backend. The second instance allows ingress traffic from the frontend instance. Curl from frontend to that instance works correctly, but when I open frontend in my browser requests to my backend fails due to connection timeout. How to determine the problem and fix this. Instances running on GCP.
Related
I have four services running within the same app on App Engine. I have a frontend SvelteKit application, and three backend services. If possible, I'd like to set up security in such a way that the backend services will only accept HTTP requests from the frontend application (which sends all API requests via its Node server).
Is there a way of doing this without spending a load of money on a Serverless VPC Access connector?
Ideally I want to keep these all within the same GCP project as well. So far the only solution I can come up with is to ship the services with a secret that they check against when receiving a request, but there must be a better way to do it.
Take a look at Identity Aware Proxy
Pay attention to the part of the above documentation that says
In order to make a resource publicly-accessible (while sibling resources are restricted), grant the IAP-secured Web App User role to allUsers or allAuthenticatedUsers.
Per your use case, your front-end application will be available to the public while your 3 backend services will only be available to the front-end application
Since your backend services are now secured (via IAP), you have to programmatically invoke them in your front end. See documentation on how to do that.
There is a back-end server using asp.net core web-api, and the Nginx as reverse-proxy, all hosted on docker on the ubuntu server.
Also, a client-side web application (reactjs) which makes REST API calls to the back-end using JS 'Fetch' (or Axios, etc...)
The client-side app is not centralized and it could be hosted on any number of servers.
(Let's say hosted on 5 servers.
So now we have 1 back-end server, and 5 servers hosting that reactjs app.)
objective
Every time one of the client apps makes an HTTP request to the back-end, I want to get the IP address of the server that's hosting that specific reactjs app.
But what I'm getting is the end-user IP address, not the server that's hosting the react app
Is it possible to do that? without asking the users to put their server's IP into their REST requests manually?
I've tried some Nginx configurations with no luck.
Thanks in advance.
I have a full-stack application divided into 2 apps: front-end and backend. The front-end is React app running under web dev server. The back-end is Flask app working as Restful API. I implemented JWT on back-end and wonder if I can store JWT access and refresh tokens in cookies. I found the usual implementation doesn't work (I mean JWT_TOKEN_LOCATION = 'cookies' and set_access_cookies()) - I don't see any cookies attached. Is that because 2 apps are working on different domains? Is that even possible or not?
SET SameSite=Lax and cookie_domain=".xyz.com", But remember for development you will have to change the alias for localhost, let's say your frontend is on frontend.xyz.com and backend is on backend.xyz.com then do get local.xyz.com as an alias for your localhost to get the configuration work in a development environment.
you can do so by editing the /etc/hosts for Linux and Unix based systems for windows you can google.
I'm developing a Java app in GAE, which offers an API through Google Cloud Endpoints.
Basically it receives requests in the endpoints and uses a number of web services from different providers, stores some data and returns some data through the endpoints...
I understand that my app is conceptually a backend, because it doesn't provide any web page, but only the endpoints, don't you think so?
But there's no way to create only a backend, without being associated to any frontend app, is there? At least Google Plugin for Eclipse only allow you to "Generate App Engine Backend", from an existing app, and moreover this app must be an Android project...
I'm using it as a frontend and there's no problem, but apart from the conceptual issue, I've read that backends are kind of optimized to be backends, with more memory and CPU...
I think you're just confused because the Cloud Endpoints documentation uses the word 'backend' to refer to the entire cloud-hosted server implementation. It doesn't specifically refer to the use of GAE backend instances. Endpoint requests can be served by frontend or backend instances, based on how you set them up and the url being accessed.
From the App Ending docs:
"When an application is called to serve a web request, it must issue a response within 60 seconds"
"App Engine Backends are instances of your application that are exempt from request deadlines and have access to more memory (up to 1GB) and CPU (up to 4.8GHz) than normal instances."
So unless you're requests are doing something crazy, you don't need to use a backend. In the google-plugin-for-eclipse, "generate appengine backend" is talking about creating a backend for your android app... a server for your android app to contact (in this case your android app is the frontend and you're appengine app is the backend). In the example app you can remove the web side (index.html) to the appengine application and you'll have no web frontend. Index.html is using the gapi javascript library to make endpoints calls to your appengine service.
I have a web application running on Google App Engine and need to provide near real time updates to connected web clients. One way would be to use the Google App Engine Channels API, but I'm a bit uneasy about using a proprietary solution.
Are there any reliable hosted services allowing for clients to connect using Socket.IO (with all its supported fallback protocols), and a web server solution running on Google App Engine to publish notifications to it? Any other alternatives that offers the same functionality?
You looking for something like beaconpush.com?
I have the same problem as you.
I've thought about using the Channel API as well however the free quota is quite low (100 channels created per day, each client is one channel).
Here's the solution I'm building:
All of the server logic runs in app engine python runtime
app engine serves all the html and client code
I run a node.js socket.io server on dotcloud (using their free tier)
the node.js server sets up an http server that listens to get requests on a few special url endpoints (ie: myapp-on.dotcloud.com/room/[room_id]) and when it gets called it triggers the socket.io broadcast to the appropriate clients
html clients generated on app engine connect to my myapp-on.dotcloud.com
All user input in the client is sent to app engine via a normal ajax post/get
when the app engine server code needs to push something to the client it makes a url fetch on the appropriate url (myapp-on.dotcloud.com/room/[room_id]) that triggers a message push via socket.io to the connected clients
I'm yet to implement this, but sounds like a workable plan
the idea is to keep all the logic in app engine and only use the socket.io server as a message pusher