As far as I know, GAE does not support the use of raw TCP/IP sockets, i.e. java.net.ServerSocket. Is there any other well-known cloud service where I can use them? E.g. Amazon EC2?
My client application needs a permanent TCP connection to the server...
Thanks a lot
STeN
Any IaaS provider will allow you to do that. IaaS is Infrastructure as a Service, of which Amazon EC2 is the best known. In IaaS you can do all the same things that you could do with a dedicated server. The only difference is that it uses virtualization and you can deploy and undeploy servers within minutes. You can find a number of IaaS providers at cloudorado.com.
GAE is PaaS - Platform as a Service. You don't play with servers there at all; you don't even know how many servers your application is using. You just put your app (like a war) into the service and it hosts it. The platform will take care of scaling, distributing, etc. But there is an expense - you need to limit yourself, since the application needs to be almost stateless (apart from the session object). You cannot start your own services, db servers, start threads, etc.
EDIT: It appears now to be possible with GAE Managed VMs: https://cloud.google.com/appengine/docs/managed-vms/
Sockets in GAE are a coming-soon feature.
I read this here: http://code.google.com/p/googleappengine/wiki/SdkForGoReleaseNotes
For now you need to sign up as a trusted tester to use this feature, but I guess this will be available to the public in the future.
Related
Problem. I'm looking for an agile way to shoot a docker container (stored on GCR.IO) to a managed service on GCP:
one docker container gcr.io/project/helloworld with private data (say, Cloud SQL backend) - can't face the real world.
a bunch of IPs I want to expose it to: say [ "1.2.3.4" , "2.3.4.0/24" ].
My ideal platform would be Cloud Run, but also GAE works.
I want to develop in agile way (say deploy with 2-3 lines of code), is it possible run my service secretly and yet super easily? We're not talking about a huge production project, we're talking about playing around and writing a POC you want to share securely over the internet to a few friends making sure the rest of the world gets a 403.
What I've tried so far.
The only thing that works easily is a GCE VM with a docker-friendly OS (like cos) where I can set up firewall rules. This works, but it's a lame docker app on a disposable VM. The machine runs forever and dies at reboot unless I stabilize it on cron/startup. Looks like I'm doing somebody else's job.
Everything else I've tried so far failed:
Cloud Run. Amazing but can't set up firewall rules on it, or Cloud Director, .. seems to work only with IAP which is painful to set up.
GAE. Works with multiple IPs and can't detach public IPs or firewall it. I managed to get the IP filtering within the app but seems a bit risky. I don't [want to] trust my coding skills :)
Cloud Armor. Only supports an HTTPS Load Balancer, which I don't have. Nor do I have MIGs to point to. I want simplicity.
Traffic Director and need a HTTP L7 balancer. But I have a docker container, on a single pod. Why do I need a LB?
GKE. Actually this seems to work: [1] but it's not fully managed (I need to create cluster, pods, ..)
Is this a product deficiency or am I looking at the wrong products? What's the simplest way to achieve what I want?
[1] how do I add a firewall rule to a gke service?
Please limit your question to one service. Not everyone is an expert on all Google Cloud services. You will have a better chance of a good answer for each service if they are separate questions.
In summary, if you want to use Google Cloud Security Groups to control IP based access you need to use a service that runs on Compute Engine as security groups are part of the VPC feature set. App Engine Standard and Cloud Run do not run within your project's VPC. This leaves you with App Engine Flex, Compute Engine, and Kubernetes.
I would change strategies and use Google Cloud Run managed by authentication. Access is controlled by Google Cloud IAM via OAuth tokens.
Cloud Run Authentication Overview
I agree with John Hanley's reply and I have up-voted his answer.
Also, I've learned that you are looking for a way to restrict access to your service through GCP.
By setting firewall rules, you can limit access to your service by limiting the source IP range as the allowed source, so that only this address will be allowed as the source IP.
Please review another thread in Server Fault [1], stating how to “Restrict access to single IP only”.
https://serverfault.com/questions/901364/restrict-access-to-single-ip-only
You can do this quite easily with a Serverless NEG for Cloud Run or GAE.
If you're doing this in Terraform you can follow this article
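An added example, not part of any post in this thread: the question mentions filtering source IPs inside the app and calls it risky. The sketch below is a fail-closed version of that filter as WSGI middleware, using the allowlist from the question. `TRUSTED_HOPS`, the `hello` app, and the premise that the platform front end appends the caller's address on the right of `X-Forwarded-For` are assumptions to check against your platform's documentation.

```python
import ipaddress

# Allowlist from the question above. TRUSTED_HOPS is an assumption: how many
# X-Forwarded-For entries are appended by infrastructure you control or trust.
ALLOWED = [ipaddress.ip_network(n) for n in ("1.2.3.4/32", "2.3.4.0/24")]
TRUSTED_HOPS = 1


def client_ip(environ, trusted_hops=TRUSTED_HOPS):
    """Return the address recorded by the outermost trusted hop, or None."""
    parts = [p.strip() for p in environ.get("HTTP_X_FORWARDED_FOR", "").split(",") if p.strip()]
    if trusted_hops < 1 or len(parts) < trusted_hops:
        return None  # header missing or shorter than expected: fail closed
    try:
        ip = ipaddress.ip_address(parts[-trusted_hops])
    except ValueError:
        return None  # not an IP literal (e.g. "unknown", host names)
    # Treat ::ffff:a.b.c.d as the IPv4 address it wraps so IPv4 rules apply.
    return getattr(ip, "ipv4_mapped", None) or ip


def allowlist(app, networks=ALLOWED, trusted_hops=TRUSTED_HOPS):
    """WSGI middleware: 403 for every caller outside `networks`."""
    def guarded(environ, start_response):
        ip = client_ip(environ, trusted_hops)
        if ip is None or not any(ip in net for net in networks):
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"forbidden\n"]
        return app(environ, start_response)
    return guarded


def hello(environ, start_response):
    """Stand-in for the real application (hypothetical)."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"hello\n"]


def status_for(xff):
    """Send one constructed request through the guard; return its status."""
    seen = []
    allowlist(hello)({"HTTP_X_FORWARDED_FOR": xff}, lambda s, h: seen.append(s))
    return seen[0]


if __name__ == "__main__":
    # Constructed inputs; 203.0.113.9 is a documentation-range address.
    for xff in ("2.3.4.77", "1.2.3.4, 203.0.113.9", "::ffff:1.2.3.4", ""):
        print(repr(xff), "->", status_for(xff))
```

Only the entry counted from the right is read, so values a caller places at the left of the header never reach the allowlist check.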
I have deployed an application to Google App Engine which will be consumed by millions of users.
I want to test the application against a high amount of traffic before going live, just to make sure I have provided the correct configuration to support automatic load balancing and scalability.
Going through Google's documentation, App Engine should handle all of this headache, but I have to be 100% sure.
Is there anything I should keep in mind before going live (database connections, other resources in cloud storage, etc.)?
Thanks.
You should look into making sure you are using the Cloud SQL instance effectively. For example, how many total connections do you expect to have from your App Engine app to MySQL?
There's ultimately a limit on the number of concurrent connections that a MySQL server can handle. You would want to make sure your application is designed such that you are reusing connections when possible.
I would recommend performing a load test to determine the limits of your application and its dependencies.
From looking at App Engine's XMPP docs at https://cloud.google.com/appengine/docs/go/xmpp/
It seems that Google only offers a client to be hosted on App Engine, but not the XMPP server itself. For that, one needs to use a different host (such as GTalk).
Am I understanding this correctly?
If so - does that mean I must host my own XMPP server (ejabberd) if I want on-the-fly session-based clients?
If that is also true - then is there a mechanism in ejabberd for lightweight session-based clients? (i.e. many to be quickly created and destroyed - only needs to respond to presence requests for the duration of the session, will never be used again)
Is there a stable, scalable host out there that can do this for me so I don't need to worry about the ejabberd server going down? (Whether it's hosted on AWS, GCE, etc., the beauty of App Engine so far was that I never had to worry about that.)
Thanks!
To address your questions:
Am I understanding this correctly?
You used to have to use the Google Talk XMPP service, but I guess, yes, now you need to deploy your own server.
If so - does that mean I must host my own XMPP server (ejabberd) if I want on-the-fly session-based clients?
Not sure what "on-the-fly" session means, but yes, it seems you need your own server.
If that is also true - then is there a mechanism in ejabberd for lightweight session-based clients? (i.e. many to be quickly created and destroyed - only needs to respond to presence requests for the duration of the session, will never be used again)
Not sure what you mean by this. XMPP is a connected protocol. It means the session is linked to having a TCP connection opened. That said, ejabberd SaaS allows you to maintain the session for a while if you do lose the connection (designed for mobile). You can simply reattach to it.
And by the way: in XMPP, you do not "respond to presence requests". It is the reverse: your presence is broadcast to your contacts (roster).
Is there a stable, scalable host out there that can do this for me so I don't need to worry about the ejabberd server going down? (Whether it's hosted on AWS, GCE, etc., the beauty of App Engine so far was that I never had to worry about that.)
The easiest (and arguably cheapest) way to use ejabberd is to use ejabberd SaaS, managed by ProcessOne, developer of ejabberd (I am developer of ejabberd and founder of ProcessOne).
Is it possible to create a google app engine program that would route http requests to a server on a local network?
What would be the best way to build a program like this?
I am trying to get away from buying a server from a hosting provider and simply use a local network server instead, and use google apps as a sort of proxy. The firewall would be configured to allow access to the server from the google app engine servers only.
If this has been done before in an open source project that would be excellent, but I have not been able to find one.
If all you want is a domain name that points to your dynamic IP address, you could give Dynamic DNS a try. It's designed for your use case, and you won't need to write any code; you just need either a router that supports it or a server with cron. There are lots of providers, but I've had good experiences with Dyn DNS, specifically their Remote Access plan.
This question is cross-posted on bitcoin.stackexchange, stackoverflow and bitcointalks.
I'm planning to build an application on Google App Engine that will heavily make use of Bitcoin trading. I've been Googling along a little but I couldn't find whether it is possible to run Bitcoin itself on App Engine (with Java). I have some experience with App Engine, but limited to a pure web-app centered usage.
I've read about a few people that have made applications using Bitcoin with App Engine as well that are hosting Bitcoin separately on an Amazon EC2 instance.
So, does anyone here either have experience with running Bitcoin in App Engine for Java, or would anyone have an idea how this could possibly be done?
I know there are a lot of Bitcoin applications out there, I'd like to know how these manage their Bitcoin traffic.
I'm trying to avoid needing a separate Amazon service running all the time next to App Engine.
In fact, receiving Bitcoin can easily be done by using passive APIs like blockexplorer or blockchain, so I'm considering finding a reliable API to handle my outgoing payments. But this approach causes extreme dependency on this API service, which I actually want to avoid as much as possible.
I think you summed up the possibilities already.
Depend on an external service providing notifications for transactions and sending them. I would advise against this.
Have a second server running permanently and connect to it using json-rpc.
Running any type of p2p node on App Engine will fail, because of the threading limitations on GAE.
A third possibility would be to use a stratum/electrum supernode; that way you are dependent on a 3rd party service, but at least it is well documented and you can set one up yourself easily. AFAIK, stratum is based on http.
Source: I programmed a GAE app dealing with bitcoins about 6 months ago (using the second server approach).