
Connect Google App Engine and Google Compute Engine

I created a VM instance in Google Compute Engine and an app in the Google App Engine standard environment. I was planning to have my app in App Engine and my database server in Compute Engine. But I can't connect between the two by internal IP. Is this possible? The app and DB are in the same zone (us-east1), but the connection by IP doesn't work; it only works with the external IP. Apparently, the firewall rules are correct.

To connect through a private IP, the app and DB need to be in the same network. You can't achieve that with App Engine standard; you need App Engine flex for this (see here how to set the network of your App Engine flex instances).

You will have to connect using the external IP address of the service running on your Compute Engine instance. The App Engine standard environment is on a different network than the Compute Engine instances, and they don't have private IP access to each other currently. Switching to an application (or a service of an application) on the flexible environment might work for you if the associated costs make sense.

As of April 9, 2019, you can use the serverless VPC connector.

This will allow your App Engine application to connect to other internal resources in your VPC network on the Google Cloud Platform, such as Compute Engine VM instances, Cloud Memorystore instances, and any other resources with an internal IP address.

To create a connector:

$ gcloud services enable vpcaccess.googleapis.com
$ gcloud beta compute networks vpc-access connectors create CONNECTOR_NAME \
--network VPC_NETWORK --region REGION --range IP_RANGE
$ gcloud beta compute networks vpc-access connectors describe CONNECTOR_NAME --region REGION

Note: You can see which IP ranges are currently reserved in the Google Cloud Platform Console. You can choose any unused CIDR /28 IP range to use for your connector, for example, 10.8.0.0/28.

$ gcloud beta compute networks vpc-access connectors create my-vpc-connector \
--region=us-central1 --range=10.8.0.0/28
Create request issued for: [my-vpc-connector]
Waiting for operation [xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx] to complete...done.  
Created connector [my-vpc-connector]

To connect your connector to a service, add this to your service's app.yaml file:

vpc_access_connector:
  name: "projects/PROJECT_ID/locations/REGION/connectors/CONNECTOR_NAME"

Deploy the service:

$ gcloud beta app deploy

Note: To use Serverless VPC Access, make sure you use gcloud beta to deploy your service. You can get access to beta commands by running gcloud components install beta.

After you deploy your service, it is able to send requests to internal IP addresses or DNS names in order to access resources in your VPC networks. In case of any trouble, please allow about one hour or more to let the connectors propagate completely in the GCP global networks.
