Regarding Standard Environment For Node Js

[Brian Oh]

I am coming from NodeJs App Engine Flexible Environment and we do know that the burning issue with this configuration is the price.

As most of us do not really require the amount of minimum size of resources and instances CPU power in flexible environment, I believe that it does not really suit us.

As a result, I did the switch over to standard environment as I understand that it is still in beta version.

The following are the two concerns and question I have,

1. Networking ports aren really able to be set by us? 
2. We cannot connect to our other instances for example in compute engine via our private Ip-address used within Google Cloud Platform. (For example connection with other databases servers)

A little more information to point 2, the concern is that I have been trying to connect to my MongoDB database that is being hosted in Compute Engine. All the while, it have been communicating via the internal private ip-address across GCP. That is a very good feature and we do know that.

It have been working well with Flexible Environment.

However, the moment that I launch it over to standard environment, it stopped working. As a result, I tried to connect via public ip-address and it stills fails to work.

Please note that the application and same configurations to the same mongodb server on compute engine connection have been successfully establish using my own development machine with the same nodejs8 version and similar environment based on the standard environment.

1. Development Machine on my Mac (public ipaddress) 

2. App Engine Flexible Environment (public and internal IP address)

All have been successful.

However both ways failed in standard environment.

Does anyone have or faces the same issue?

Please advise

Thank you in advance.

[George (Cloud Platform Support)]

In reply to your questions: 

1) You can specify network settings in your app.yaml configuration file, for example:

network:

  instance_tag: TAG_NAME

  name: NETWORK_NAME

  subnetwork_name: SUBNETWORK_NAME

  forwarded_ports:

    - PORT

    - HOST_PORT:CONTAINER_PORT

    - PORT/tcp

    - HOST_PORT:CONTAINER_PORT/udp

Related details may be read on the "Configuring your App with app.yaml" page, "Network settings" sub-chapter. 

2) In fact, there are many vendors offering managed database services such as mLab for MongoDB. These vendors handle hosting, configuration, and maintenance of databases. App Engine can connect to these external services over the Internet, in the same way as other public clouds by using that service's public IP address, in particular the IP address of your MongoDB instance. More detail may be gathered from the "Using Third-Party Databases" online document. How did you fail to connect from the standard environment, exactly? What were the errors returned? How did you follow the MongoDB connection instructions in your app? 

[Jason Collins]

Hi Brian - if your question is about Node.js on App Engine Standard: currently you cannot connect to private Compute Engine IP addresses, though this is something we're working on (sorry, no timeline, I just want to let you know it's on our radar). You should be able to connect to a public IP address just fine. I've not done this with Mongo specifically, but I have with Redis running on Compute Engine.

Perhaps your Compute Engine firewall is preventing the connection?

[Brian Oh]

Thank you for the clarification. However its kind of weird because if it is a firewall issue, then the rest of the methods will fail as well instead only the standard environment fails.

[Brian Oh]

Thank you George for the clarification.

I have a couple of questions in terms of your reply:

1. The snippet you posted I believe this is only applicable for flexible environment right?

2. In regards of other vendors offering such database service I am aware as this is already a production program, I am just looking or indeed awaiting this standard environment arrival as it have been long. As for Mongo side, IP address connection binding are pretty set to any ipaddress being available to connect to all IP address at the moment for testing purposes. Flexible environment have been working fine for me and I have already been on node js flexible environment for more than half a year. 

As a result, no changes have been made as it have been working.

[Brian Oh]

Hello Jason,

I have just manage to resolve the issue as indeed the firewall rules are binded to the mongo port ip addresses are restricted. However that brings us another set of concern is that how can we protect our databases connections as we know now everything is exposed to the public now. On the other hand, is that a possibility that we can find out our standard environment ip addresses and bind it accordingly to the firewall rules just like before?

On Sunday, 1 July 2018 01:58:55 UTC+8, Jason Collins wrote:

[George (Cloud Platform Support)]

Hello Brian, 

You were right about my previous reply, point 1) refers indeed to the Flexible Environment. Currently you cannot connect to private Compute Engine IP addresses in App Engine Standard Environment. Your related posting in the Public Tracker will undoubtedly get the attention it deserves, and a solution might be in sight. 

[Brian Oh]

Thank you for the clarification. In that case, is there any way to possible allow the firewall rules or binding configuration to tag to the domain name for app engine since in standard environment the IP addresses aren static.

[Jason Collins]

Hi Brian - I definitely understand the challenge you're faced with. Unfortunately, there is no published range of IP addresses for App Engine Standard outbound networking that you can use to configure your firewall. This is something we are working to remedy (i.e., allowing access to private IP addresses from App Engine Standard).

[Brian Oh]

Noted. It will be great that if we have such features available.