简体   繁体   English

从App Engine Standard连接到kubernetes引擎

[英]Connect to kubernetes engine from app engine standard

We want to access some services on Google Kubernetes Engine from a Google App Engine standard via http(s). 我们想通过http(s)从Google App Engine标准访问Google Kubernetes Engine上的某些服务。 We don't want to expose the services to external networks because of security. 由于安全性,我们不想将服务公开给外部网络。

  • app engine flexible can use private network with an internal loadbalancer or vpc ( post ). App Engine flexible可以将私有网络与内部负载均衡器vpc结合使用post )。 How about app engine standard? App Engine标准如何?

  • 2 years ago, we could not do it. 2年前,我们做不到。 ( post ) 发布

  • We can set rules about IP addresses, but an IP address for an app engine standard is not static. 我们可以设置有关IP地址的规则,但是应用引擎标准的IP地址不是静态的。

What is the best solution? 最好的解决方案是什么?

Thanks for your help. 谢谢你的帮助。

app engine flexible can use private network with an internal loadbalancer or vpc(post). App Engine flexible可以将专用网络与内部负载均衡器或vpc(post)结合使用。 How about app engine standard? App Engine标准如何?

Not really as per this : 不是真的这样

"A VPC network, sometimes just called a “network,” is a virtual version of a physical network, like a data center network. It provides connectivity for your Compute Engine virtual machine (VM) instances, Kubernetes Engine clusters, App Engine Flex instances, and other resources in your project." “ VPC网络,有时也称为“网络”,是物理网络的虚拟版本,例如数据中心网络。它为Compute Engine虚拟机(VM)实例,Kubernetes Engine群集,App Engine Flex实例提供连接,以及您项目中的其他资源。”

We can set rules about IP addresses, but an IP address for an app engine standard is not static. 我们可以设置有关IP地址的规则,但是应用引擎标准的IP地址不是静态的。

Yes. 是。 They are always changing. 他们总是在变化。 The recommendation here is to their Static IP range combined with: 建议将其静态IP范围结合使用:

Instead, we suggest that you take a defense in depth approach using OAuth and Certs . 相反,我们建议您使用OAuthCerts 进行深度防御

You could also look at things like Cloud Armor (in alpha as of this writing), or a Virtual WAF . 您还可以查看Cloud Armor (在撰写本文时为Alpha)或Virtual WAF之类的东西 Longer term it would make more sense to move your workloads from Google App engine into GKE. 从长远来看,将您的工作负载从Google App引擎转移到GKE更有意义。

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 从app引擎连接到kubernetes引擎 - Connect to kubernetes engine from app engine 如何从App Engine连接到Google Compute或Kubernetes Engine? - How to connect to Google Compute or Kubernetes Engine from App Engine? 在App Engine标准和Kubernetes(容器引擎)之间选择 - Deciding between App Engine Standard and Kubernetes(Container Engine) Google Cloud Memorystore通过“ App Engine Java标准环境”进行连接 - Google Cloud Memorystore connect from “App Engine Java Standard Environment” 允许App Engine标准环境连接到Compute Engine Mysql - Allow App Engine Standard Environment to connect to Compute Engine Mysql 从App Engine(标准环境)网址获取Google Compute Engine的网址 - URL Fetch Google Compute Engine from App Engine (Standard Env) 从 App Engine Flex 切换到标准 - Switching from App Engine Flex to Standard 无法使用 laravel 应用程序和 unix 套接字从应用程序引擎 php 标准环境连接到云 mysql - Can't connect to cloud mysql from app engine php standard environment with laravel app and unix socket Google App Engine标准到App Engine Flex - Google App Engine Standard to App Engine Flex 从标准环境迁移到Flex App Engine环境后,现在Cloud SQL将无法连接 - Migrated from standard to flex App Engine environment, now Cloud SQL won't connect
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM