连接Google App Engine和Google Compute Engine [英] connect Google App Engine and Google Compute Engine

问题描述

我在Googl Compute Engine和Google App Engine标准环境中的应用程序中创建了一个VM实例.我计划将我的应用程序放在App Engine中，并将数据库服务器放在Compute Engine中.但是，我无法通过内部IP在两者之间建立连接.这可能吗?该应用程序和数据库位于同一区域(us-east1)中，但通过IP的连接不起作用，仅适用于外部IP.显然，防火墙规则是正确的.

I created a VM instance in Googl Compute Engine and app in Google App Engine standard environment. I was planning to have my app in App Engine and my database server in Compute Engine. But, I can't connect between the both by internal IP. Is this possible? the app and db are in the same zone (us-east1) but the connection by IP don't work, only work with external IP. Apparently, the rules of firewall are correct.

推荐答案

截至 2019年4月9日，您可以使用无服务器 VPC 连接器 .

As of April 9, 2019, you can use the serverless VPC connector.

这将使您的App Engine应用程序可以连接到Google Cloud Platform上VPC网络中的其他内部资源，例如Compute Engine VM实例，Cloud Memorystore实例以及具有内部IP地址的任何其他资源.

This will allow your App Engine application to connect to other internal resources in your VPC network on the Google Cloud Platform, such as Compute Engine VM instances, Cloud Memorystore instances, and any other resources with an internal IP address.

要创建连接器，请执行以下操作:

To create a connector:

$ gcloud services enable vpcaccess.googleapis.com
$ gcloud beta compute networks vpc-access connectors create CONNECTOR_NAME \
--network VPC_NETWORK --region REGION --range IP_RANGE
$ gcloud beta compute networks vpc-access connectors describe CONNECTOR_NAME --region REGION

注意:您可以在 Google Cloud Platform Console .您可以选择用于连接器的任何未使用的CIDR/28 IP范围，例如10.8.0.0/28.

Note: You can see which IP ranges are currently reserved in the Google Cloud Platform Console. You can choose any unused CIDR /28 IP range to use for your connector, for example, 10.8.0.0/28.

$ gcloud beta compute networks vpc-access connectors create my-vpc-connector \
--region=us-central1 --range=10.8.0.0/28
Create request issued for: [my-vpc-connector]
Waiting for operation [xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx] to complete...done.  
Created connector [my-vpc-connector]

要将连接器连接到服务，请将其添加到服务的 app.yaml 文件中:

To connect your connector to a service add this to your service's app.yaml file:

vpc_access_connector:
  name: "projects/PROJECT_ID/locations/REGION/connectors/CONNECTOR_NAME"

部署服务:

$ gcloud beta app deploy

注意:要使用无服务器VPC访问，请确保使用gcloud beta部署服务.您可以通过运行 gcloud组件安装beta 来访问Beta命令.

Note: To use Serverless VPC Access, make sure you use gcloud beta to deploy your service. You can get access to beta commands by running gcloud components install beta.

部署服务后，它可以将请求发送到内部IP地址或 DNS名称以便访问您的资源 VPC网络.万一遇到任何麻烦，请等待大约一小时或更长时间，以使连接器在GCP全球网络中完全传播.

After you deploy your service, it is able to send requests to Internal IP addresses or DNS Names in order to access resources in your VPC Networks. In case any trouble please allow about one hour or more to let the connectors are propagated completely in the GCP Global Networks.

这篇关于连接Google App Engine和Google Compute Engine的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！