I am a newbee to Google Cloud, however, I setup the project based on Standard App Engine based for my Node.JS application. I downloaded the code from GIT and able to deploy. In my code, it tries to make a Mongo connection to my Replication Server that is hosted at Atlas MongoDB (I guess it's on AWS EC2 instance). I have access control enabled so only server to server with known IPs can connect to my MongoDB.
Obviously I was expecting the connection from my freshly deployed app to fail. So to remediate I want to add the external IP of the instance from Google Cloud (whatever is the Public IP that is seen) to Mongo Network Access. I tried a few IP address I thought are the right ones but it's not working. I see the connection is trying to make to Atlas but it's failing because I am not sure what Public IP address is seen from AppEngine (Docker Instance?)where my app is running.
I tried 0.0.0.0/0 - open to all clients and my app works just fine, however I definitely don't want to open MongoDB access to entire world. If anybody knows more about Google Cloud please help.
Thanks in advance for replying if you have important info to share.
Google App Engine doesn't have an External/Static IP that you can refer. This can be achieved by using a VM on Google Compute Engine that has an External IP with proxy to your App Engine.
Besides that, there is a Feature Request open for this to be checked by Google that you can access here:
Provide static IP for outbound urlfetch requests
Besides that, you can access the documentation Static IP Addresses and App Engine apps, to find out more information on options already available on App Engine.
Please, let me know if the information helped you.
Related
I'm currently building a website that I would like to privately host so it can only be used internally. My goal is to store file uploads into a google cloud bucket then document certain things into a cloud sql db for filtering later on.
I've been able to store and pull my files from a bucket and I was also able to set up my database in cloud sql however I'm not totally sure how to send SQL query's to my database from my website. I've tried going through the documentation but I'm a bit lost as to what I need. So if anyone knows what I should be looking at that would be a lot of help. Anything like a guide on the google documentation, because I'm not sure which I need to follow or anything.
Additional information
Currently my website is hosted locally because I haven't decided on a
website hosting service yet any recommendations would be helpful.
I was using a postgres database as practice for creating endpoints and developing my database
structure.
I am using a PERN stack so postgres, express, react and node.js
If there's anything else you would like specified I'm more then happy to provide any additional information.
Update:
I was able to connect my postgres db to cloudsql. I would explain how but this video does a great job of it.
How to connect psql db to cloud sql
However I'm running into an issue when I try to connect using an SSL connection. I have the files my only issue is I don't know where to store these files.
The general recommendation is to use the Cloud SQL Auth Proxy to connect to your Cloud SQL instance.
Basically you'd run the proxy wherever you're running your webapp and then have your webapp connect to the proxy as if it were a local database.
You'll start the proxy like this:
./cloudsql_auth_proxy -instances=<INSTANCE_CONNCECTION_NAME>=tcp:5432
That will start a listener on 5432 on localhost that you can connect your webapp to.
Alternatively, you could use Authorized Networks to allow-list the IP address of the machine where your app runs.
Check out the docs here: https://cloud.google.com/sql/docs/postgres/connect-overview.
So people, I'm planning to build a website with MERN Stack and host it from my local machine. How to do that without using aws or fire base.
How to use my machine as Backend and database(express, node and mongodb hosted in local host) for the react frontend (hosted in www.someurl.com).
PS: I have already created a site using firebase and firestore as backend.
https://t-heros.web.app/
Thanks in advance.
One thing is you need to keep your local machine 24*7 for your app to work throughout the day. And for your answer you can expose your localhost to public domain by using static IP address and routing applicable from your router with appropriate firewall rules, all this also requires effort and maybe static IP address requires purchase. With both these together your React app can access the localhost on your machine for operations.
I have hosted a website using google cloud app engine. However, I am not able to access the website when I am connected through a VPN.
Are there any security settings on cloud to enable this?
I appreciate the leads here.
Thanks!
Currently, if you are using App Engine standard, you are not able to access it through VPN directly. There are two option to achieve it:
The first one is to use a feature called App Engine Flexible. This solution is base on define the network settings when you perform the deployment on your app.yaml configuration file. For more information about it please review this.
The second option is to use Serverless VPC Access, but there is a little bit more complex, let me explain why. When you use it this feature, You are establishing connection between your App Engine app directly to Compute Engine VM instances.
So you will need to establish first a VPN in order to reach your VM instance, for more details please check here. And then establish connection VM->App Engine. And then configure VPC Serverless Access.
I hope all this information could help you to achieve your goal.
I'm running a NodeJS app on GAE and I want to connect to a mongodb cluster on Atlas.
I have white-listed my IP on atlas and established a connection. All work fine on my local machine.
When deployed my app on GAE it could not connect to Atlas since the IP is not white-listed. When I white-listed all IPs on Atlas I could make a connection and everything worked fine as on my local machine
I cannot assign a static-IP to a standard GAE app, therefore I must allow access from anywhere to my cluster on Atlas, which is probably a bad idea.
What would be best solution to work with mongoDB from a GAE standard app?
Any configuration I can make to Atlas? maybe switching to mLab? or any other ideas?
App Engine applications do not have fixed IP addresses. I'm not very familiar with MongoDB Atlas, but it does look like it offers an option to run on GCP and if that runs on a Compute Engine instance what you might be able to do is use the VPC Connector to enable access between your app and your MongoDB setup.
I am looking a way to browse my Cloud Foundry Mongodb services. Look like there are two options:
Tunneling to a Cloud Foundry Service with Caldecott http://docs.cloudfoundry.com/tools/vmc/caldecott.html. I never tried this but I guess it may work.
My question is this: Is it possible to connect directly into Cloud Foundry from Mongodb Admin GUI such as mViewer or Mongovue? But if so, how do I know the username/password in process.env.VCAP_SERVICES['mongodb-1.8'][0]['credentials']?
https://github.com/Imaginea/mViewer
http://www.mongovue.com/2011/08/04/mongovue-connection-to-remote-server-over-ssh/
By using the GUI client you have to get a tunnel to the service. Once you open it in a CLI console the connection info will be generated and displayed, including the host address, usually 127.0.0.1, port number, username and password. You cannot connect using the values from VCAP_SERVICES if you try to do that from outside environment because these will be local values behind the CF router.
You need to create a tunnel using Caldecott.
See http://docs.cloudfoundry.com/tools/vmc/caldecott.html.
When you open the tunnel, it should provide you with either a command line client, or the credentials to use.
In case it does not, create a piece of code that returns a dump of process.env.VCAP_SERVICES when visit a certain url on your server.