通过VPC连接器连接Google Cloud Platform的计算引擎和应用程序引擎 [英] Connecting Google Cloud Platform's compute engine and app engine via VPC connector
问题描述
我想详细了解如何连接Google计算引擎虚拟机实例和应用程序引擎.
I'd like to know in detail how to connect google compute engine virtual machine instance and app engine.
我已经按照以下教程在Google计算引擎上设置了虚拟机实例,并且我的Postgres服务器正在此处运行:
I've set up a virtual machine instance on Google compute engine, and my Postgres server is running there, following this tutorial: https://cloud.google.com/community/tutorials/setting-up-postgres
我已经在我的Google Cloud Platform上的同一项目下部署了flask应用,并创建了一个应用引擎实例.
I've deployed my flask app under the same project on Google Cloud Platform, creating an app engine instance.
我搜索了如何将计算引擎和应用程序引擎连接在一起,似乎可以通过VPC连接器实现:
I searched on how to connect compute engine and app engine together, and it seems it should be possible through a VPC connector: connect Google App Engine and Google Compute Engine
这是我的VPC连接器的外观:
This is what my VPC connector looks like:
无服务器VPC访问
Name Network Region IP address range Min. throughput Max. throughput
connector-name default europe-west2 10.8.0.0/28 200 300
在我的计算引擎上,我的虚拟机实例如下:
On my compute engine, I have my VM instance like so:
Name Zone Internal IP External IP
some-name europe-west2-c 10.154.0.2 (nic0) 34.89.113.193
在我的flask应用上,我试图像这样连接到远程数据库:
On my flask app, I'm trying to connect to my remote DB like so:
db = PostgresqlExtDatabase(
"some-name", # databse name
user="postgres",
password="some-password",
host="10.154.0.2", # remote host internal ip
port=5432,
)
db.connect()
这是我的vpc访问部分的app.yaml,我遵循以下参考文献:
This is my app.yaml for the vpc access part, I've followed this reference: https://cloud.google.com/appengine/docs/standard/python/connecting-vpc#configuring
vpc_access_connector:
name: projects/some-name/locations/europe-west2/connectors/connector-name
如果我理解正确,如果存在VPC连接器,我是否应该能够使用我的VM实例的内部IP地址(本例中为10.154.0.2)进行连接?
If I understood correctly, if the VPC connector is present, I should just be able to connect using the internal IP address of my VM instance(this case, 10.154.0.2)?
问题是,当将应用程序部署用于生产时,它仍然抱怨它无法连接:
The problem is, when the app is deployed for production, It is still complaining that it cannot connect:
2020-09-26 12:54:51 default[20200926t134815] Is the server running on host "10.154.0.2" and accepting
2020-09-26 12:54:51 default[20200926t134815] TCP/IP connections on port 5432?
如果它是内部连接的,虽然我也尝试过,但是我假设我不必将该内部IP添加到防火墙规则中.至于防火墙规则,我已经允许了本地计算机的IP地址,以便可以通过PgAdmin连接到远程Postgres服务器.
If it's connected internally I assume I don't have to add that internal IP to firewall rules, although I did try that as well. As for firewall rules, I have allowed my local machine's IP address so I can connect to the remote Postgres server via PgAdmin.
我实际上也尝试了外部IP(34.89.113.193),尽管这对我来说没有意义.
I've actually tried External IP(34.89.113.193) as well although that doesn't make sense to me.
一般来说,我在网络和后端方面都比较菜鸟,任何帮助将不胜感激.
I'm a bit of a noob on networks and backend stuff in general, any help would be much appreciated.
已更新1 这是我的防火墙规则:
UPDATED 1 This is my firewall rules:
Direction
Ingress, Egress
Action on match
Allow
Source filters
IP ranges
92.40.176.9/32
78.146.103.141/32
10.154.0.2
Protocols and ports
tcp:5432
供参考的图像:截屏以获取防火墙规则列表
推荐答案
事实证明,防火墙/postgres配置都可以,但是由于此VPC连接器方法处于beta状态,因此我需要运行:
It turns out the firewall / postgres configurations were all ok, but because this VPC connector method was on beta, I needed to run:
gcloud beta应用部署
代替通常的
gcloud应用程序部署.
此命令随后更新了gcloud Beta命令,并提示我启用API:
This command then updated gcloud Beta Commands and prompted me to enable API:
API [appengine.googleapis.com].您要启用并重试吗(这将需要几分钟)?(是/否)?
启用此功能后,一切正常.
After enabling this everything worked fine.
这篇关于通过VPC连接器连接Google Cloud Platform的计算引擎和应用程序引擎的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
