Google Load Balancer creating frontend IP that differs from Compute Engine IP

[Harry Stuart]

0down votefavorite

I have a single compute engine that I am trying to make accessible by HTTPS. I assigned it to a instance Group and added a port name that mapped to 443. Then I created an HTTP(S) load balancer who's backend service connected to the instance and the port that I had set in the instance group. However, the IP address that the load balancer creates for the front end service is different to the external IP address of the instance.

So my question is, when I contact the frontend service IP address, will that route to the port 443 of the instance's IP address or is it expecting the external IP address of the instance to be the same as the fronend IP address of the load balancer.

Currently, my backend service is unhealthy, and I am suspecting this to be the probable reason. If not, are there any other steps I have to take to make my instance's IP address accessible via HTTPS other than setting a mapped port creating a load balancer with a backend service connected to that isntance and port?

btw I have also posted this on Stackoverflow however, I need to try and solve this ASAP. Thanks!

[Nur]

When you use an HTTPS load balancer it creates global forwarding rules which route traffic by IP address, port, and protocol to a load balancing target proxy, which in turn forwards the traffic to an instance group containing your virtual machine instances.

The external IP address and port that is configured will be exposed to external connectivity. When a request hits the Load balancer it will use internal IP of the VM to communicate with VM. So, to answer your question it is not expecting the external IP address of the instance to be the same as the fronend IP address of the load balancer.

I would recommend reviewing HTTP(S) Load Balancing Concepts[1] for more details on how HTTP(S) load balancer works. additionally, I would suggest reviewing Setting Up HTTP(S) Load Balancing documentation for configuration steps[2] of HTTP(S) Load Balancer.

For health check to work you would require to create a health check [3] and depending on which type of health check you are using a firewall rule[4] to allow health check probes. Confirm that you have these two in place and the backend VM listening to the configured port.

I would also like to mention that Google Groups is for general discussion and you're likely to find information like service status updates and release notes and ranging from book recommendations to creative shortcuts.

For technical questions, based on the question Stack Exchange, Stack Overflow, and Server Fault would be more appropriate platform [5]. 

[1] HTTP(S) Load Balancing Concepts: https://cloud.google.com/load-balancing/docs/https/#gc-wrapper

[2]Setting Up HTTP(S) Load Balancing: https://cloud.google.com/load-balancing/docs/https/setting-up-https#gc-wrapper

[3] Creating Health Checks: https://cloud.google.com/load-balancing/docs/health-checks#create_a_health_check

[4] Firewall rules: https://cloud.google.com/load-balancing/docs/health-checks#firewall_rules

[5] Technical Questions: Stack Exchange, Stack Overflow, and Server Fault: https://cloud.google.com/support/docs/community#technical_questions_stack_exchange_stack_overflow_and_server_fault