GCE: How do you create a forwarding rule from external port 80 to port 5555?

This is the first time I have used Google Compute Engine. I would like to configure a network load balancer (with a static IP) that listens on port 80 but forwards to a backend server listening on port 5555. All the examples I found show forwarding from 80 to 80, which does not help in my case.

ref: https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules

thanks

+6
2 answers

After a lot of reading and testing, I found a solution that allows GCE to proxy a request for an internal port on another port. In order to forward another port, I had to install Proxies, ServerPools, UrlMaps, etc. Therefore, the configuration is much more complicated than just a basic network.

    ##############################
    # Setting up API port forwarding from external 80 to internal 5555
    export INTERNAL_PORT=5555 # The port number that api is running on.
    export EXTERNAL_PORT=80   # The port number that will be exposed externally by the proxy
    export ZONE=us-central1-b
    export NETWORK=mynetwork
    export INSTANCE_GRP="api-us"
    export HEALTH_CHECK="api-basic-check"
    export HEALTH_CHECK_CHECKPATH="/isok"
    export BK_SRV_SERVICE="api-srv"
    export PROXY_NAME="api-proxy"
    export URLMAP_NAME="api-urlmap"
    export HTTP_FW_NAME="api-http-fw-rule"
    export ADDRESS_NAME="api-external-ip"
    export BACKEND_SRV01="apiserver01"

    gcloud preview instance-groups --zone $ZONE create $INSTANCE_GRP --network $NETWORK
    gcloud preview instance-groups --zone $ZONE instances \
        --group $INSTANCE_GRP add $BACKEND_SRV01

    # The load balancing service by default looks for a service with a key of http.
    gcloud preview instance-groups --zone $ZONE add-service $INSTANCE_GRP \
        --port $INTERNAL_PORT --service http

    gcloud compute http-health-checks create $HEALTH_CHECK \
        --check-interval 5s --healthy-threshold 2 \
        --port $INTERNAL_PORT --timeout 3s --unhealthy-threshold 4 \
        --request-path $HEALTH_CHECK_CHECKPATH

    gcloud compute backend-services create $BK_SRV_SERVICE \
        --http-health-check $HEALTH_CHECK
    gcloud compute backend-services add-backend $BK_SRV_SERVICE \
        --group $INSTANCE_GRP --zone $ZONE

    gcloud compute url-maps create $URLMAP_NAME --default-service $BK_SRV_SERVICE
    gcloud compute target-http-proxies create $PROXY_NAME --url-map $URLMAP_NAME

    # Create a static address to expose externally so that we can keep it if we remove the proxy.
    gcloud compute addresses create $ADDRESS_NAME --global
    export IP=`gcloud compute addresses describe $ADDRESS_NAME --global --format json | jq --raw-output '.address'`

    gcloud compute forwarding-rules create $HTTP_FW_NAME --global \
        --target-http-proxy $PROXY_NAME --port-range $EXTERNAL_PORT --address $IP

    echo $IP # This is the IP to use for DNS etc...

+5

Port forwarding is currently not a function of the GCE load balancer (LB): LBs forward new incoming requests to target pools (TPs) that are distributed among their instances. IP or port mapping is not performed because only the incoming request is redirected. LBs expose ports as they are. Thus, for multiple ports, you can define a range of ports or one LB for each of them.

To achieve something like this, you can use the port forwarding setting with HAProxy, NAT at the instance level using iptables, or redirect clients from port 80 to port 5555 at the software level.

With Kubernetes, you can easily forward a port using services. Services define a proxy server that automatically performs all the necessary iptables masks for port forwarding. Hope this helps.

+2
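
The instance-level NAT option from the answer above, as an added example that is not part of either answer: a shell function that emits an iptables-restore ruleset redirecting port 80 to 5555 and accepting traffic on 5555 only when it originally arrived on port 80. The function names and the conntrack filter rules are assumptions of this example; only the two port numbers come from the question.

```sh
#!/bin/sh
# Added example (not from the answers): build an iptables-restore ruleset
# that redirects an external port to a local service port on the instance.

# is_port N: succeeds only if N is an integer in 1..65535
is_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# redirect_rules EXTERNAL INTERNAL: prints the ruleset, fails on bad input
redirect_rules() {
    ext=$1
    int=$2
    is_port "$ext" && is_port "$int" || { echo "invalid port" >&2; return 1; }
    [ "$ext" != "$int" ] || { echo "ports are equal, nothing to redirect" >&2; return 1; }
    cat <<EOF
*nat
-A PREROUTING -p tcp --dport $ext -j REDIRECT --to-ports $int
COMMIT
*filter
-A INPUT -p tcp --dport $int -m conntrack --ctorigdstport $ext -j ACCEPT
-A INPUT ! -i lo -p tcp --dport $int -j DROP
COMMIT
EOF
}

# Apply on the backend instance as root, keeping any existing rules:
#   redirect_rules 80 5555 | iptables-restore --noflush
```

The filter INPUT chain sees the packet after the NAT rewrite, so the ACCEPT rule matches on the connection's original destination port; direct connections to 5555 from outside are dropped while loopback access stays open.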

Source: https://habr.com/ru/post/982421/

