GCE managed group (autoscaling) - Proxy/Load Balancer for both HTTP(S) and TCP requests
I have an autoscaling istance group, i need to setup a Proxy/Load balancer that take request and send it to the istance group.
I thinked to use a Load balancer, but I need to grab both HTTP(S) and TCP requests.
There is some way (or some workaround) to solve this?
EDIT: The problem is that from TCP LB settings i can set the backend service (the managed group that i need to set) only for one port.
google-compute-engine load-balancing static-ip-address
add a comment |
I have an autoscaling istance group, i need to setup a Proxy/Load balancer that take request and send it to the istance group.
I thinked to use a Load balancer, but I need to grab both HTTP(S) and TCP requests.
There is some way (or some workaround) to solve this?
EDIT: The problem is that from TCP LB settings i can set the backend service (the managed group that i need to set) only for one port.
google-compute-engine load-balancing static-ip-address
add a comment |
I have an autoscaling istance group, i need to setup a Proxy/Load balancer that take request and send it to the istance group.
I thinked to use a Load balancer, but I need to grab both HTTP(S) and TCP requests.
There is some way (or some workaround) to solve this?
EDIT: The problem is that from TCP LB settings i can set the backend service (the managed group that i need to set) only for one port.
google-compute-engine load-balancing static-ip-address
I have an autoscaling istance group, i need to setup a Proxy/Load balancer that take request and send it to the istance group.
I thinked to use a Load balancer, but I need to grab both HTTP(S) and TCP requests.
There is some way (or some workaround) to solve this?
EDIT: The problem is that from TCP LB settings i can set the backend service (the managed group that i need to set) only for one port.
google-compute-engine load-balancing static-ip-address
google-compute-engine load-balancing static-ip-address
edited Jan 8 at 10:13
tidpe
asked Nov 14 '18 at 9:31
tidpetidpe
477
477
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
For your use case, a single load balancing configuration available on Google Cloud Platform will not be able to serve the purpose. On the other hand, since you are using managed instance groups (Autoscaling), it can not be used as backend for 2 different load balancers.
As per my understanding, the closest you can go is by using Network load balancing (TCP) and install SSL certificate to handle HTTPS requests
on the instance level.
What do you mean for "setting up SSL on the instance level"?
– tidpe
Nov 22 '18 at 17:10
I have updated my post on the SSL part. I hope this clarifies.
– Tariq
Nov 23 '18 at 20:14
But load balancer doesn't block the request to HTTPS? And in that case, i have the same problem. I can't point my HTTPS requests to a static ip, if that istance "die", ip change :/
– tidpe
Nov 24 '18 at 10:14
1
Network load balancer (NLB) will not block the HTTPS requests. NLB is a pass-through/non-proxied load balancer which will put your resources behind a single anycast IP address (static external) and preserves client IP addresses. NLB picks an instance based on a hash of the source IP and port, destination IP and port, and protocol . (cont.)
– Tariq
Dec 6 '18 at 19:23
(cont). This means that incoming TCP connections are spread across instances and each new connection may go to a different instance. All packets for a connection are directed to the same instance until the connection is closed. If an instance in the group stops, crashes, or is deleted by an action other than the instance groups commands, the managed instance group automatically recreates the instance so it can resume its processing tasks.
– Tariq
Dec 6 '18 at 19:24
|
show 1 more comment
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53296908%2fgce-managed-group-autoscaling-proxy-load-balancer-for-both-https-and-tcp-r%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
For your use case, a single load balancing configuration available on Google Cloud Platform will not be able to serve the purpose. On the other hand, since you are using managed instance groups (Autoscaling), it can not be used as backend for 2 different load balancers.
As per my understanding, the closest you can go is by using Network load balancing (TCP) and install SSL certificate to handle HTTPS requests
on the instance level.
What do you mean for "setting up SSL on the instance level"?
– tidpe
Nov 22 '18 at 17:10
I have updated my post on the SSL part. I hope this clarifies.
– Tariq
Nov 23 '18 at 20:14
But load balancer doesn't block the request to HTTPS? And in that case, i have the same problem. I can't point my HTTPS requests to a static ip, if that istance "die", ip change :/
– tidpe
Nov 24 '18 at 10:14
1
Network load balancer (NLB) will not block the HTTPS requests. NLB is a pass-through/non-proxied load balancer which will put your resources behind a single anycast IP address (static external) and preserves client IP addresses. NLB picks an instance based on a hash of the source IP and port, destination IP and port, and protocol . (cont.)
– Tariq
Dec 6 '18 at 19:23
(cont). This means that incoming TCP connections are spread across instances and each new connection may go to a different instance. All packets for a connection are directed to the same instance until the connection is closed. If an instance in the group stops, crashes, or is deleted by an action other than the instance groups commands, the managed instance group automatically recreates the instance so it can resume its processing tasks.
– Tariq
Dec 6 '18 at 19:24
|
show 1 more comment
For your use case, a single load balancing configuration available on Google Cloud Platform will not be able to serve the purpose. On the other hand, since you are using managed instance groups (Autoscaling), it can not be used as backend for 2 different load balancers.
As per my understanding, the closest you can go is by using Network load balancing (TCP) and install SSL certificate to handle HTTPS requests
on the instance level.
What do you mean for "setting up SSL on the instance level"?
– tidpe
Nov 22 '18 at 17:10
I have updated my post on the SSL part. I hope this clarifies.
– Tariq
Nov 23 '18 at 20:14
But load balancer doesn't block the request to HTTPS? And in that case, i have the same problem. I can't point my HTTPS requests to a static ip, if that istance "die", ip change :/
– tidpe
Nov 24 '18 at 10:14
1
Network load balancer (NLB) will not block the HTTPS requests. NLB is a pass-through/non-proxied load balancer which will put your resources behind a single anycast IP address (static external) and preserves client IP addresses. NLB picks an instance based on a hash of the source IP and port, destination IP and port, and protocol . (cont.)
– Tariq
Dec 6 '18 at 19:23
(cont). This means that incoming TCP connections are spread across instances and each new connection may go to a different instance. All packets for a connection are directed to the same instance until the connection is closed. If an instance in the group stops, crashes, or is deleted by an action other than the instance groups commands, the managed instance group automatically recreates the instance so it can resume its processing tasks.
– Tariq
Dec 6 '18 at 19:24
|
show 1 more comment
For your use case, a single load balancing configuration available on Google Cloud Platform will not be able to serve the purpose. On the other hand, since you are using managed instance groups (Autoscaling), it can not be used as backend for 2 different load balancers.
As per my understanding, the closest you can go is by using Network load balancing (TCP) and install SSL certificate to handle HTTPS requests
on the instance level.
For your use case, a single load balancing configuration available on Google Cloud Platform will not be able to serve the purpose. On the other hand, since you are using managed instance groups (Autoscaling), it can not be used as backend for 2 different load balancers.
As per my understanding, the closest you can go is by using Network load balancing (TCP) and install SSL certificate to handle HTTPS requests
on the instance level.
edited Nov 23 '18 at 20:09
answered Nov 21 '18 at 18:50
TariqTariq
325
325
What do you mean for "setting up SSL on the instance level"?
– tidpe
Nov 22 '18 at 17:10
I have updated my post on the SSL part. I hope this clarifies.
– Tariq
Nov 23 '18 at 20:14
But load balancer doesn't block the request to HTTPS? And in that case, i have the same problem. I can't point my HTTPS requests to a static ip, if that istance "die", ip change :/
– tidpe
Nov 24 '18 at 10:14
1
Network load balancer (NLB) will not block the HTTPS requests. NLB is a pass-through/non-proxied load balancer which will put your resources behind a single anycast IP address (static external) and preserves client IP addresses. NLB picks an instance based on a hash of the source IP and port, destination IP and port, and protocol . (cont.)
– Tariq
Dec 6 '18 at 19:23
(cont). This means that incoming TCP connections are spread across instances and each new connection may go to a different instance. All packets for a connection are directed to the same instance until the connection is closed. If an instance in the group stops, crashes, or is deleted by an action other than the instance groups commands, the managed instance group automatically recreates the instance so it can resume its processing tasks.
– Tariq
Dec 6 '18 at 19:24
|
show 1 more comment
What do you mean for "setting up SSL on the instance level"?
– tidpe
Nov 22 '18 at 17:10
I have updated my post on the SSL part. I hope this clarifies.
– Tariq
Nov 23 '18 at 20:14
But load balancer doesn't block the request to HTTPS? And in that case, i have the same problem. I can't point my HTTPS requests to a static ip, if that istance "die", ip change :/
– tidpe
Nov 24 '18 at 10:14
1
Network load balancer (NLB) will not block the HTTPS requests. NLB is a pass-through/non-proxied load balancer which will put your resources behind a single anycast IP address (static external) and preserves client IP addresses. NLB picks an instance based on a hash of the source IP and port, destination IP and port, and protocol . (cont.)
– Tariq
Dec 6 '18 at 19:23
(cont). This means that incoming TCP connections are spread across instances and each new connection may go to a different instance. All packets for a connection are directed to the same instance until the connection is closed. If an instance in the group stops, crashes, or is deleted by an action other than the instance groups commands, the managed instance group automatically recreates the instance so it can resume its processing tasks.
– Tariq
Dec 6 '18 at 19:24
What do you mean for "setting up SSL on the instance level"?
– tidpe
Nov 22 '18 at 17:10
What do you mean for "setting up SSL on the instance level"?
– tidpe
Nov 22 '18 at 17:10
I have updated my post on the SSL part. I hope this clarifies.
– Tariq
Nov 23 '18 at 20:14
I have updated my post on the SSL part. I hope this clarifies.
– Tariq
Nov 23 '18 at 20:14
But load balancer doesn't block the request to HTTPS? And in that case, i have the same problem. I can't point my HTTPS requests to a static ip, if that istance "die", ip change :/
– tidpe
Nov 24 '18 at 10:14
But load balancer doesn't block the request to HTTPS? And in that case, i have the same problem. I can't point my HTTPS requests to a static ip, if that istance "die", ip change :/
– tidpe
Nov 24 '18 at 10:14
1
1
Network load balancer (NLB) will not block the HTTPS requests. NLB is a pass-through/non-proxied load balancer which will put your resources behind a single anycast IP address (static external) and preserves client IP addresses. NLB picks an instance based on a hash of the source IP and port, destination IP and port, and protocol . (cont.)
– Tariq
Dec 6 '18 at 19:23
Network load balancer (NLB) will not block the HTTPS requests. NLB is a pass-through/non-proxied load balancer which will put your resources behind a single anycast IP address (static external) and preserves client IP addresses. NLB picks an instance based on a hash of the source IP and port, destination IP and port, and protocol . (cont.)
– Tariq
Dec 6 '18 at 19:23
(cont). This means that incoming TCP connections are spread across instances and each new connection may go to a different instance. All packets for a connection are directed to the same instance until the connection is closed. If an instance in the group stops, crashes, or is deleted by an action other than the instance groups commands, the managed instance group automatically recreates the instance so it can resume its processing tasks.
– Tariq
Dec 6 '18 at 19:24
(cont). This means that incoming TCP connections are spread across instances and each new connection may go to a different instance. All packets for a connection are directed to the same instance until the connection is closed. If an instance in the group stops, crashes, or is deleted by an action other than the instance groups commands, the managed instance group automatically recreates the instance so it can resume its processing tasks.
– Tariq
Dec 6 '18 at 19:24
|
show 1 more comment
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53296908%2fgce-managed-group-autoscaling-proxy-load-balancer-for-both-https-and-tcp-r%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown