如何移植Google Compute Engine实例? [英] How to port forward Google Compute Engine Instance?
问题描述
我已经使用Google Compute Engine平台设置了VPS.在该实例中,我建立了一个MongoDB数据库,该数据库在默认端口21017本地托管.我还建立了一个基于REST API的NodeJS服务器,该服务器在8080端口进行了快速侦听.
I've set up a VPS using the Google Compute Engine platform. In the instance, I've established a MongoDB database that's being locally hosted at the default port 21017. I've also set up a REST API based NodeJS server with express listening in on connections at port 8080.
现在,我只能在内部访问NodeJS站点.如何将VPS端口8080暴露给外部IP地址,以便可以在任何地方访问API?
Right now, I can only access the NodeJS site internally. How do I expose the VPS port 8080 to the external ip address so that I can access the API anywhere?
我尝试了对这篇文章的回答:启用通过HTTP端口访问Google Compute Engine实例.
I tried following along an answer to this post: Enable Access Google Compute Engine Instance Via HTTP Port.
但这并不能解决我的问题
But that did not solve my issue
推荐答案
默认防火墙规则
默认情况下,Google Compute Engine防火墙会阻止所有进入虚拟机的入口流量(即传入的网络流量).如果您的VM是在默认网络上创建的,则允许使用很少的端口,例如22(ssh),3389(RDP).
Default Firewall rules
Google Compute Engine firewall by default blocks all ingress traffic (i.e. incoming network traffic) to your Virtual Machines. If your VM is created on the default network, few ports like 22 (ssh), 3389 (RDP) are allowed.
此处描述了入口防火墙规则.
推荐的方法是创建一个防火墙规则,该规则允许端口8080到包含您选择的特定标记的VM.然后将此标签与您要允许进入8080的VM关联.
The recommended approach is to create a firewall rule which allows port 8080 to VMs containing a specific tag you choose. Then associate this tag on the VMs you would like to allow ingress 8080.
如果使用gcloud,则可以执行以下步骤:
If you use gcloud, you can do that using the following steps:
# Create a new firewall rule that allows INGRESS tcp:8080 with VMs containing tag 'allow-tcp-8080'
gcloud compute firewall-rules create rule-allow-tcp-8080 --source-ranges 0.0.0.0/0 --target-tags allow-tcp-8080 --allow tcp:8080
# Add the 'allow-tcp-8080' tag to a VM named VM_NAME
gcloud compute instances add-tags VM_NAME --tags allow-tcp-8080
# If you want to list all the GCE firewall rules
gcloud compute firewall-rules list
这是另一个堆栈溢出答案,它将引导您逐步了解如何使用Cloud允许特定端口上的流量进入虚拟机控制台Web UI(除了gcloud之外).
Here is another stack overflow answer which walks you through how to allow ingress traffic on specific ports to your VM using Cloud Console Web UI (in addition to gcloud).
您链接的答案仅描述如何分配静态IP地址并将其分配给您的VM.此步骤与防火墙规则无关,因此,如果您要使用静态IP地址,则可以结合使用.
The answer you linked only describes how to allocate a Static IP address and assign it to your VM. This step is independent of the firewall rules and hence can be used in combination if you would like to use static IP addresses.
这篇关于如何移植Google Compute Engine实例?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
