Adding ip with forwarding rules in the Google Cloud

Can someone provide a tutorial on how to add an additional ip to my instance using forwarding in the Google Cloud?

The documentation is currently too complicated and not useful. It does not indicate where the command should be executed, and the instruction is too vague.

I am trying to configure a new instance, but I could not figure out how to configure the redirection of all traffic from this instance to another instance. I would really appreciate it if someone could cover this topic.

thanks.

+5
2 answers

I understood your question differently (compared to the other answer). I understand that you need a second public IP address pointing to an instance that already has its own public IP address. If so, follow these steps:

  1. Let's start with the SDK, as you mentioned:

    It does not indicate where the command should be executed and the instruction is too vague

Commands are executed in your terminal after you have downloaded and installed the Google Cloud SDK. On Linux / OS X, this will be:

curl https://sdk.cloud.google.com | bash 

This link has a 3-step manual with additional information.

  2. Run the command:

     gcloud compute instances list 

to get a list of your instances and the zone in which they belong. Note the NAME and ZONE of the instance you need to work with. Note that the REGION required in the commands below is the first part of the ZONE field. (For example: ZONE: us-central1-f, then REGION is us-central1)

  3. Create a static public IP to receive the traffic you want to forward:

     gcloud compute addresses create NAME
     gcloud compute addresses create targ-ip-1

where NAME is, again, a name of your choice. It will ask you for the region (select the same region where your instance is located). This command will return the IP, say: WXYZ

  4. Then you need to create the target instance:

     gcloud compute target-instances create NAME --instance INSTANCE
     gcloud compute target-instances create targ-ins-1 --instance instance-1

where NAME is the name of your choice for the target instance. INSTANCE is the name of the instance that will process traffic from one or more forwarding rules. It will request a zone (select the same zone where your instance is located).

You can also create target-pools to point to multiple instances at once, and not just to the target instance.

  5. Create a forwarding rule using the target instance and the static public IP that you just created:

     gcloud compute forwarding-rules create NAME --address ADDRESS --target-instance TARGET_INSTANCE --target-instance-zone TARGET_INSTANCE_ZONE --ip-protocol IP_PROTOCOL --port-range [PORT | PORT-PORT]
     gcloud compute forwarding-rules create fwd-rule-1 --address WXYZ --target-instance targ-ins-1 --target-instance-zone us-central1-f --ip-protocol TCP --port-range 5678-5680

Where:

  • NAME: name of your choice for forwarding rule
  • ADDRESS: IP address that you reserved in step 3
  • TARGET_INSTANCE: name of the target instance created in step 4
  • TARGET_INSTANCE_ZONE: The zone in which your target instance belongs.
  • IP_PROTOCOL (optional): The IP protocol that this rule will use. If left empty, TCP is used. Supported protocols: AH, ESP, SCTP, TCP, UDP.
  • PORT (optional): if specified, only packets addressed to ports in the specified range will be redirected. If not specified, all ports match

You will be asked to select the region in which this rule will belong.

To verify your rule, you can list the configured forwarding rules as follows:

 gcloud compute forwarding-rules list 

You should begin to receive traffic pointing to the new public IP in the instance of your choice.

+4
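The steps from the answer above as one non-interactive script (an added example, not part of the original answer). The resource names derived from the instance name (`-ip`, `-ti`, `-fwd`) and the helper functions are hypothetical; `--region` and `--zone` are passed explicitly so gcloud does not prompt, and the script refuses an empty port range because, as the answer notes, an unspecified range matches all ports.

```shell
#!/bin/sh
# Added example. DRY_RUN=1 (the default) prints the gcloud commands instead of running them.

# REGION is the ZONE without its last "-x" suffix: us-central1-f -> us-central1
region_of() { echo "${1%-*}"; }

run() { if [ "${DRY_RUN:-1}" = 1 ]; then echo "$*"; else "$@"; fi; }

# add_forwarded_ip INSTANCE ZONE PROTOCOL PORT_RANGE
add_forwarded_ip() {
  instance=$1 zone=$2 proto=$3 ports=$4
  # Require PORT or PORT-PORT: leaving the range out would forward every port
  # on the new public IP to the instance.
  case "$ports" in
    ''|*[!0-9-]*) echo "refusing: give PORT or PORT-PORT" >&2; return 1 ;;
  esac
  region=$(region_of "$zone")

  # Step 3: reserve the static public IP in the instance's region.
  run gcloud compute addresses create "$instance-ip" --region "$region"
  # Step 4: wrap the instance in a target instance (same zone as the instance).
  run gcloud compute target-instances create "$instance-ti" \
      --instance "$instance" --zone "$zone"
  # Step 5: forwarding rule; the reserved address is referenced by its name here.
  run gcloud compute forwarding-rules create "$instance-fwd" --region "$region" \
      --address "$instance-ip" --target-instance "$instance-ti" \
      --target-instance-zone "$zone" --ip-protocol "$proto" --port-range "$ports"
}

# Constructed sample call using the instance, zone and ports from the answer.
add_forwarded_ip instance-1 us-central1-f TCP 5678-5680
```

Set `DRY_RUN=0` to execute the commands once the printed plan looks right.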

As for your question, I see that you want to configure a routing rule so that all traffic from an instance is redirected through another instance.

It should not be too complicated to configure; the best example I can imagine at the moment is the configuration used in "Configuring NAT gateway" from Google Help Center documents.

Note the following more specifically (from step 5 in the manual):

 $ gcloud compute routes create no-ip-internet-route --network gce-network \
     --destination-range 0.0.0.0/0 \
     --next-hop-instance nat-gateway \
     --next-hop-instance-zone us-central1-a \
     --tags no-ip --priority 800

We can break it down to better understand exactly what this rule does:

  • We create a route in the "gce-network", and we call it "no-ip-internet-route".
  • --destination-range 0.0.0.0/0 should indicate that traffic destined for any destination should be affected by this rule. We mean the traffic that will leave our instance.
  • The --next-hop-instance nat-gateway should indicate that after the rule starts, traffic should be sent to the nat-gateway instance as the next hop.
  • --next-hop-instance-zone us-central1-a is just to specify the zone of our gateway machine.
  • --tags no-ip --priority 800 is used to say that only those that have a no-ip tag should act on it (while they are on the network in which this rule is created), and we also set a "higher" priority for the rule to ensure that it takes precedence over other rules.

Based on the foregoing, any instance that has the no-ip tag will always forward its outgoing traffic to the nat-gateway instance. Thus, the nat-gateway instance automatically becomes the next-hop for all outgoing traffic from the marked instance.

You can use a similar setting to figure out your routing rules and create them based on this; however, note that the "nat-gateway" used in this example has certain features, such as forwarding IP addresses and, in effect, acts as a router and becomes the default gateway for instances marked with the rule.

You also asked: how to add an additional ip to my instance using forwarding in the Google Cloud?

Technically, you can simply add your instance to the 'target pool' and then create a forwarding rule to redirect the required traffic to that instance. The forwarding rule will give you an additional IP address. You can also use this for SSH for the instance through the IP address of the forwarding rule as long as you redirect traffic to port 22 or any port that the instance is configured to listen on.

+2
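How the tag and the priority in that route decide which instances use the nat-gateway, as an added example that is not part of the original answer. The route table is constructed: `no-ip-internet-route` is the answer's route, while `default-internet` and `subnet-local` are hypothetical entries. Selection follows Google Cloud's rule of most specific destination first, then the lowest priority number, so 800 wins over 1000.

```shell
#!/bin/sh
# Constructed route table: NAME DEST_RANGE PRIORITY TAG ("-" = applies to every instance)
ROUTES='default-internet 0.0.0.0/0 1000 -
no-ip-internet-route 0.0.0.0/0 800 no-ip
subnet-local 10.240.0.0/16 1000 -'

ip_to_int() {
  local IFS=.
  set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_range IP CIDR: succeeds when IP falls inside CIDR
in_range() {
  local net="${2%/*}" len="${2#*/}" mask
  mask=$(( (4294967295 << (32 - len)) & 4294967295 ))
  [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# pick_route DEST_IP "TAG TAG ...": prints the route an instance with these tags uses
pick_route() {
  local dest="$1" tags=" $2 " best="" best_len=-1 best_prio=0
  local name range prio tag len
  while read -r name range prio tag; do
    # A tagged route only applies to instances carrying that tag.
    [ "$tag" = "-" ] || case "$tags" in *" $tag "*) ;; *) continue ;; esac
    in_range "$dest" "$range" || continue
    len="${range#*/}"
    # Longest prefix wins; on a tie the lower priority number wins.
    if [ "$len" -gt "$best_len" ] ||
       { [ "$len" -eq "$best_len" ] && [ "$prio" -lt "$best_prio" ]; }; then
      best="$name" best_len="$len" best_prio="$prio"
    fi
  done <<EOF
$ROUTES
EOF
  echo "$best"
}

pick_route 8.8.8.8 "no-ip"     # tagged instance, internet-bound traffic
pick_route 8.8.8.8 ""          # untagged instance keeps the default route
pick_route 10.240.1.5 "no-ip"  # internal traffic still takes the more specific route
```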

Source: https://habr.com/ru/post/1209218/

