I have rabbitMQ running as a VM inside a Google Cloud Project. In that same project I have a NodeJS app running in which I am trying to connect to rabbitMQ.
I keep getting the error:
[AMQP] connect ETIMEDOUT ip:port
I think its because in the firewall settings there is specified an allowed IP Range of 0.0.0.0/0.
How would I specify that my NodeJS App is also allowed access?
I have also allowed tcp protocoll on the relevant ports.
So the reason I wasnt able to connect was because I hadn't even deployed the GAE App, rather I tested it with a simple npm start inside of the Google Cloud Shell. As soon as I deployed and connected to the rabbitMQ instance over its internal IP it worked like a charm.
Related
I have a Flask app that is hosted in the Google App Engine. It wants to establish a TCP connection to a server on my local network to send data to the app. Unfortunately, my app can't connect to the server just like that because the IP address of the server is not public.
Unfortunately, I can't find a solution here. Can anyone give me a hint what I need to be able to connect to my network?
On the one hand it would be easier to make the IP address publicly available, but I really want to avoid that.
I would be glad about any help.
You need to create a VPN between your Google Cloud VPC and your private server. Then add a serverless VPC connector to App Engine to route private traffic through it.
I have a app running on GAE and i have a database running on google kubernetes engine. I have successfully tested the working database by forwarding port kubectl port-forward pod-name 3001:3001 and confirmed that it is working.
But my application cannot connect to it. I thought all apps within a project on Google cloud can access via localhost. Is that not true?
If not, then how do i connect my app on GAE to my database on GKE?
There are two ways:
A regular LoadBalancer which opens up the cluster to the public internet.
The other way is to use an internal LoadBalancer which only opens the traffic within google cloud.
Now, whether it opens it across the entire Gcloud network, just your projects or even just the one project is not clear to me. The docs were not clear in that regard either.
Maybe someone from Google Cloud team can help me here.
To convert a LoadBalancer service to an Internal LoadBalancer service, we add the following annotation:
annotations:
cloud.google.com/load-balancer-type: "Internal"
kubectl apply and then after a minute or so kubectl get services. You'll see an external ip address added to your service. The IP will be accessible to other apps on Gcloud, but not from the public internet.
Google Compute Engine instances can be secured behind a firewall that allows you to open the instance by ports and/or IP addresses.
Google App Engine doesn't use a single IP address.
I have a Compute Engine server running Nginx that I would like to completely lock down so the only way to access it is through an application on Google App Engine, is this possible?
If not, is there a simple way to send a POST request with a string of characters to Nginx, that if not present, the Nginx server would send people to a 404?
Use HTTP authentication as per the question Dan has linked to. There is no viable network/IP/firewall mechanism to restrict access.
The HTTP authentication works just fine!
I am trying to build a gRPC backend and trying to deploy it on an AppEngine Managed VM. Is HTTP/2 supported? If not, can I simply expose it on a separate port and disable health checks or should I deploy this on compute engine/container engine.
At this point http/2 is not supported by Managed VMs. The best current solution is to run your http/2 server on a different port and specify the port number to forward in app.yaml (doc link).
You can keep health checking active on the default (8080) port if you want as long as you have an http endpoint listening there as well.
Background
Before dotCloud decides to shut down its free sandbox service, I used it as sort of a reverse proxy to reroute all requests to a particular domain, to a local server of mine in which I'm hosting a Mono based application (.NET 3.5 web app running on a Cent-OS Linux). Essentially, the domain forwarded the requests to my dotCloud app and the app, through SSH, to my local server.
Question
I wonder if similar setup is possible with Google App Engine. Any help is appreciated.
More Information
I got the idea from here. My dotCloud app is nothing but a Nginx configuration file that forwards all http(s) requests to a SSH port that was bound to a local port (which I configured for my web server to use).
As for my motive, well, I bought a host service with PHP stack and later on decided not to use PHP. So in order to avoid another purchase I used dotCloud.