Global Load Balancer, but not exposed to Internet

Goal:

  • several VMs acting as a DB cluster in multiple regions
  • single internal IP on LB
  • no public exposure
  • traffic forwarded to the closest available backend

Closest solution was TCP Proxy Load Balancing, but it has external IP, which I want to avoid. On the other hand, there is Internal TCP Load Balancer, but it works only within single region. Is it possible to gather multiple backend services (from different regions) under one internal load balancer (without being exposed to the Internet)?


Solution 1:

I think the following public information could be helpful: it describes the differences between the Load Balancing options and helps you choose the best one for your implementation; there you can see a comparison table of the kind you are asking for.

For internal purposes we only have 2 choices: Internal HTTP(S) and Internal TCP/UDP. Neither of these can be used as multi-regional, but you can use VPC Network Peering, or Cloud VPN and Cloud Interconnect, with Internal TCP/UDP Load Balancing; you can see it under Internal TCP/UDP Load Balancing and connected networks.

Solution 2:

No, Google Cloud internal load balancers are limited to backends in a single region.

An external load balancer with one IP and resources in multiple regions is available in the Premium network tier.

GCP assumes regions are internally redundant, regions are isolated from each other, and global load balancer means external. They are not interested in private networking load balancers with backends across regions. That is left to applications. Possibly replication with a manual failover process initiated by a person.

Consider not using GCP's load balancer for the database tier. Configure the databases with the other remote nodes as required for replication or cluster configuration. Put the static internal IP addresses in DNS. Point clients at an appropriate database node that can service their requests, possibly local in region but maybe not.
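The client-side selection that this answer describes (static internal IPs published in DNS, the application picks a local node and fails over to a remote one) can be sketched as follows. This is an added example, not code from the question or either answer and not a Google Cloud API: the node table, region names, internal addresses and the hand-maintained preference order are constructed sample data, and the health probe is a plain TCP connect on whatever port the database listens on.

```python
"""Region-aware database node selection with failover (added example).

Every node keeps a static internal IP that is published in DNS; nothing is
exposed to the Internet. The application, not a cloud load balancer, decides
which node to use: the local region first, then the operator's ordered list of
fallback regions. All names and addresses below are constructed sample data.
"""
import socket
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass(frozen=True)
class DbNode:
    hostname: str   # DNS name that resolves to the node's static internal IP
    region: str
    ip: str         # constructed RFC 1918 sample address


# Constructed sample cluster: one node per region, internal addresses only.
NODES: List[DbNode] = [
    DbNode("db-us-east1.db.internal", "us-east1", "10.10.0.5"),
    DbNode("db-us-west1.db.internal", "us-west1", "10.20.0.5"),
    DbNode("db-europe-west1.db.internal", "europe-west1", "10.30.0.5"),
]

# Assumed preference order per client region: local first, then the regions
# the operator considers closest. Maintained by hand, as the answer suggests.
PREFERENCE: Dict[str, List[str]] = {
    "us-east1": ["us-east1", "us-west1", "europe-west1"],
    "us-west1": ["us-west1", "us-east1", "europe-west1"],
    "europe-west1": ["europe-west1", "us-east1", "us-west1"],
}


def tcp_probe(ip: str, port: int, timeout: float = 1.0) -> bool:
    """Minimal health probe: can a TCP connection be opened to the node?"""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def choose_node(client_region: str, nodes: List[DbNode],
                healthy: Callable[[DbNode], bool]) -> Optional[DbNode]:
    """Return the first healthy node in the client's preference order.

    A client region missing from PREFERENCE still gets some healthy node;
    None is returned only when every node fails the health check.
    """
    by_region = {n.region: n for n in nodes}
    order = PREFERENCE.get(client_region, [])
    candidates = [by_region[r] for r in order if r in by_region]
    # Append the remaining nodes so unknown regions and exhausted lists still
    # fall back to anything that is up.
    candidates += [n for n in nodes if n not in candidates]
    for node in candidates:
        if healthy(node):
            return node
    return None


if __name__ == "__main__":
    # Stand-alone demo with a constructed outage: the local us-east1 node is
    # down, so a us-east1 client is steered to the next preferred region.
    down = {"us-east1"}
    pick = choose_node("us-east1", NODES, lambda n: n.region not in down)
    print(pick.hostname if pick else "no healthy node")
    # For real use, pass e.g. lambda n: tcp_probe(n.ip, 5432) as the checker.
```

The health-check callable is injected so the same selection logic can be exercised offline; in production, `tcp_probe` (or a query-level check against the replica) is what decides whether a node is "available", and the client should re-run the selection on connection failure rather than caching the result forever.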