Sorry for my bad English, I translate from Russian.

I can't figure out how to set up Cloud CDN. To use it I should set up the Load Balancer. I have an external server with web pages. I set up strictly according to the instructions "Setting up a Cloud CDN with external origin" https://cloud.google.com/cdn/docs/setting-up-cdn-with-external-origin

  1. Created a group of endpoints https://yadi.sk/i/IdtQ4rXNlS1Mwg
  2. Created the Load Balancer, selected the previously created endpoint group. In the front-end VM configuration, created a Google-managed certificate. Load Balancer page https://yadi.sk/i/8J5vGBD2eL_L-A

The instruction ends here. And then I don't understand what to do with it.

As far as I understand the logic of the balancer, it should work like this:

  1. Google has attached an IP to the Load Balancer. If this IP is used, the Load Balancer will redirect to the specified endpoint (in my case, the domain asdfgtyu10.xyz).
  2. It is necessary to somehow associate the issued IP with the asdfgtyu10.xyz domain. I did not find instructions for this. There is no mention of it in the main instructions. The idea of using a domain was prompted by a question found on the Internet https://switch-case.ru/71632449

The IP with HTTP protocol, 34.107.213.145, gives error 502: http://34.107.213.145/

The IP with HTTPS protocol gives a 404 error when opened in the format http://34.120.190.159/

In the format https:// 34.120.190.159 or http:// 34.120.190.159:443 it does not open at all.

I also tried to point A-records with IP addresses to subdomains.

For HTTP: http://gcloud.asdfgtyu10.xyz/

For HTTPS: https://www.asdfgtyu10.xyz/

The result is the same as when opening via an IP address.

How to bind the issued IP to the domain specified in the endpoint group (asdfgtyu10.xyz) - I don't understand. Logically, as I understand it, the Load Balancer should work on the same domain. But if I specify an A-record for the domain, how does the Load Balancer know which server to send traffic to if the endpoint specifies the domain and not the server's IP? That is, the Load Balancer will point to itself. If I specify the server's IP as the endpoint, and I write the Load Balancer's IP in the A-record, then on the Google side there will be no connection with a specific domain. And I have several domains connected to a server with 1 IP address. Where will the Load Balancer ultimately direct traffic?

I tried all the options. Now in the A-record of the domain, the IP of the balancer with the HTTPS protocol (34.120.190.159). In the endpoint group, the IP of my external server 165.22.64.183 with port 443 is indicated as the endpoint of the network. I have no ideas.

Can you please tell me how to properly configure Cloud CDN using a Load Balancer and an external server?


Solution 1:

First you have to point your domain to the Load Balancer's IP (that means setting up an A record).

Here's more about DNS records and what they do.

You can also move your domain to GCP Cloud DNS and set up everything there; add a domain (create a managed zone) and add proper DNS records.

You also asked how the LB will know which server to send traffic to - it doesn't have to "know" in your case since your backend is a Network Endpoint Group:

However, because only one internet endpoint is allowed in each internet NEG, load balancing isn't actually performed. This means that you can't use any of the load balancing modes, such as rate or utilization. The load balancer serves as the frontend only, and it proxies traffic to the specified internet endpoint.

A similar topic was also discussed here.

An important thing to remember is that this configuration (LB with NEG) doesn't support health checks, and in case of server failure you may find yourself with the site down.
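
A check for the "Load Balancer will point to itself" case from the question, as an added example that is not part of the original question or answer: it models DNS as a constructed in-memory zone and flags an internet NEG endpoint that resolves to the load balancer's own frontend IP. The function names, finding labels and the `origin.asdfgtyu10.xyz` hostname are hypothetical; the IPs are the ones quoted in the question.

```python
import ipaddress

def resolve(zone, name, depth=0):
    """Resolve a name to a set of IPs in a constructed zone, following CNAMEs."""
    if depth > 8:
        raise ValueError("CNAME chain too long")
    ips = set()
    for rtype, value in zone.get(name.rstrip(".").lower(), []):
        if rtype == "A":
            ips.add(value)
        elif rtype == "CNAME":
            ips |= resolve(zone, value, depth + 1)
    return ips

def check_setup(zone, site_domain, lb_ips, endpoint):
    """Return findings for one site: DNS must reach the LB, the endpoint must not."""
    findings = []
    # The public name has to resolve to the load balancer frontend.
    if not resolve(zone, site_domain) & lb_ips:
        findings.append("site-not-on-lb")
    # The NEG endpoint is either a literal IP or an FQDN resolved through DNS.
    try:
        ipaddress.ip_address(endpoint)
        origin_ips = {endpoint}
    except ValueError:
        origin_ips = resolve(zone, endpoint)
        if not origin_ips:
            findings.append("origin-unresolvable")
    # If the endpoint lands on the LB itself, requests are proxied back in a loop.
    if origin_ips & lb_ips:
        findings.append("proxy-loop")
    return findings

LB_IPS = {"34.120.190.159"}      # HTTPS frontend IP from the question
ORIGIN_IP = "165.22.64.183"      # external server IP from the question

# Constructed zone: the site points at the LB, a separate (hypothetical)
# hostname keeps pointing at the origin server.
ZONE = {
    "asdfgtyu10.xyz": [("A", "34.120.190.159")],
    "origin.asdfgtyu10.xyz": [("A", ORIGIN_IP)],
}

if __name__ == "__main__":
    for ep in ("asdfgtyu10.xyz", ORIGIN_IP, "origin.asdfgtyu10.xyz"):
        print(ep, check_setup(ZONE, "asdfgtyu10.xyz", LB_IPS, ep))
```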