API Gateway and load balancer
1,300 views
Skip to first unread message
Espen Zachrisen
Feb 19, 2021, 11:00:27 AM2/19/21
to api-gateway-users
In the doc (https://cloud.google.com/api-gateway/docs/deployment-model) there's a reference to putting the API Gateway behind an external load balancer:
Are the API Gateways in regions 1-3 set up as Internet NEGs in the load balancer?
Does anyone have an example ?
-- Espen
Denis Loginov
Mar 4, 2021, 7:46:28 PM3/4/21
to api-gateway-users
Hi Espen,
This is not an official answer, but I'm looking to do the same and I think Chris confirmed that previously:
> That’s true, you can use an internet NEG to configure load balancer integration, but with the downside that the direct gateway URL is still available.
(he also confirmed this is how we could set up a custom domain for API GW currently).
There are some limitations with this approach, however, e.g. (my wording):
> However, the reason Cloud Armor is not effective for it yet is because internal-and-gclb ingress setting is not supported by API Gateway. So any Cloud Armor restrictions could be bypassed by making calls directly to the API Gateway endpoint.
That being said, the direct API Gateway is not inherently discoverable (even through DNS queries), so this may not be as much of a concern.
I haven't tried this yet, but very much looking to do it. If you try first, please let me know also if that works for you (I'll post back my findings also).
There's also https://groups.google.com/g/api-gateway-trusted-testers, where you can find more information about this question ;-)
Best,
Denis
Denis Loginov
Mar 6, 2021, 1:03:37 AM3/6/21
to api-gateway-users
I now recall my previous question about this :-)
> for an HTTPS LB, it only seems possible to use an Internet NEG to interface with an API Gateway. But Internet NEG docs [2] say that only a single INTERNET_FQDN_PORT is supported per backend. This seems to make it impossible to use a URL scheme where a single host/path combination is balanced between multiple regions, depending only on the client IP. Could you clarify what scheme is meant in the diagram for API 3 from [1]
So perhaps I'm just as stuck as you with this, at this point. The cross-regional diagram doesn't seem to be possible atm, given these limitations..
Rania Mohamed
Mar 7, 2021, 8:18:08 AM3/7/21
to Denis Loginov, api-gateway-users
Hi Espen,
I did the setup of the GLB for API Gateway for a client using NEG and it works fine except for the geo-region based routing, I was able to do it using a work around but not direct or out of the box as all the API Gateway public IPs are all setup in US-central based IPs and it is tied to the region hosting the API-Gateway.
That's why for the geo based routing now the API Gateway team is working with the GLB team to extend the serveless NEG to add API Gateway as an endpoint:
My Understanding that the feature should be ready this quarter so sometimes this month.
Please let me know in case you have any questions or concerns, I would always be happy to help out with anything :).
thanks,
-rania
--
You received this message because you are subscribed to the Google Groups "api-gateway-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to api-gateway-us...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/api-gateway-users/4ea46704-2087-4a92-a9c5-5b97cc2175f9n%40googlegroups.com.
Espen Zachrisen
Mar 9, 2021, 3:10:30 PM3/9/21
to api-gateway-users
Thank you, Rania. That makes sense. We'll check it out and see if it'll work for us for now. Looking forward to the official support for the API Gateway as an endpoint group!
-- Espen
Pasha Seliverstov
Apr 9, 2021, 5:37:43 PM4/9/21
to api-gateway-users
Hi Rania,
Thank you for the detailed response.
Today is 9th of April. Are any updates on geo-region based routing?
Best regards,
Pasha
Rania Mohamed
Apr 12, 2021, 3:26:26 AM4/12/21
to Pasha Seliverstov, api-gateway-users
Hi Pasha,
I tried it again this weekend and still the serverless NEG only supports CF, Cloud Run and App Engine so unfortunately the geo-region based routing is still not available thru our LBs out of the box.
Please let me know in case you have any concerns or questions I would always be glad to help out with anything :)
thanks,
-rania
To view this discussion on the web visit https://groups.google.com/d/msgid/api-gateway-users/e8397910-9b61-405a-92a8-4c1f79c8d8aan%40googlegroups.com.
Stephen Gaffney
May 25, 2021, 11:51:50 AM5/25/21
to api-gateway-users
Hi All,
Any update on the timeline for this new feature?
Thanks
Thanks
Stephen
Rania Mohamed
May 25, 2021, 11:59:51 AM5/25/21
to Stephen Gaffney, api-gateway-users
Hi Stephen,
If you are referencing the Serverless NEG supporting API gateway in order to have our LBs supporting the implementation of geo location based routing, yes we have it now in a preview mode :).
Unfortunately, it is still not supported yet from the console, today the preview is only enabling the feature in an alpha mode thru gcloud cli, though I would expect it to be available thru the console as soon we released it in a beta mode.
Sorry if I misinterpreting your question and please let me know in case you have any question or concern, would always be happy to help out with anything at all :).
thanks,
-rania
To view this discussion on the web visit https://groups.google.com/d/msgid/api-gateway-users/a30f0162-44f3-44c4-afac-089fb7fad2f8n%40googlegroups.com.
Stephen Gaffney
May 25, 2021, 12:25:02 PM5/25/21
to api-gateway-users
Hi Rania,
Stephen
Thank you for your quick reply! Sorry I should have specified but yes that's what I was enquiring about. That's great, thanks for the update, looking forward to using it.
The link you provided returns a 404 for me, is there another way to access it?
The link you provided returns a 404 for me, is there another way to access it?
Stephen
Reply all
Reply to author
Forward
0 new messages