1. NetFoundry
  2. Docs & Guides
  3. Design Guides

GCP Cloud - Ingress High Availability

Overview

The network load balancer that can be deployed in the GCP Cloud fits the architecture and features we are looking for. More details can be found at this link for those interested. Internal TCP/UDP Load Balancing overview  |  Google Cloud

Important Notes: 

In GCP, to process both tcp and udp flows, one needs to configure 2 sperate load balancer types. One would be to process TCP type flows and the other would be processing the UDP type flows. Even though they would have two separate front end IPs, users would be able to set up the exact same forwarding rule for the same prefix to 2 different LB types, i.e.

FW1: 192.168.0.0/16 via TCP LB’s IP
FW2: 192.168.0.0/16 via UDP LB’s IP.

The order of configuring the components of the load balancing service is as follows:

  1. NF ERs, at least one per AZ
  2. Firewall Rules to allow traffic and health checks to Backend ERs
  3. Unmanaged Instance Groups, one per AZ
  4. Health Checks
  5. TCP Load Balancer
  6. UDP Load Balancer

The source IP address for Load Balancer Health Check Probes is sourced from the following subnets:

35.191.0.0/16
130.211.0.0/22

Configuration Steps:

  1. Log into the GCP Console.

  2. Navigate to Compute Engine → Instance Groups and click on “Create Instance Group”

    5344c739-a8a4-4030-a44b-0b20e13f0262.png

  3. Select “New unmanaged instance group“ and fill in the details

    bb79512f-a700-4b6e-bfa1-118d5fad006d.png

  4. Repeat the step above for every AZ that is required.

  5. Navigate to Compute Engine → Health Checks and click on “Create a health check”

    151343f9-bb28-4a3e-adad-34e72bba0f46.png

  6. Fill in the health check details and click on “Create”

    b02b0188-1024-40b3-87c1-4dc13754609a.png

  7. Navigate to Network services → Load balancing

    4954728f-4e14-47c7-907c-a13c2ee89b38.png

  8. Click on “Create Load Balancer”

    f1381e60-112b-4851-8ede-748f6f6cca11.png

  9. Click on “Start Configuration” under TCP Load Balancing”

    75ff1e5e-2923-45f4-9640-265e0dd4d802.png

  10. Check “Only between my VMs” and “Single region only”. Then, click on “Continue”

    3ea8e50a-399e-46c3-90a2-eebada45685d.png

  11. Fill in the LB details along with the Backend Service configuration

    8f6ab1bc-feba-4001-8612-4f49672f056f.png

  12. Switch to the Frontend configuration, fill in all the details, and then click on “Create”

    704eadd7-a1ae-4292-a261-2f0149e4b099.png

  13. Repeat the load balancing steps for the UDP Load Balancer

  14. Or assuming that you are still in the Load Balancing menu, then click on “Create Load Balancer”

    552c69d1-910c-407b-8888-fe1b4c8dc4f4.png

  15. Click on “Start Configuration” under UDP Load Balancing”

    96d9a497-3624-4db5-b4c4-6fde645bd849.png

  16. Check “Only between my VMs”, and then click on “Continue”

    edcf1f0c-f07f-4e37-84b1-122ce75be02a.png

  17. Fill in the LB details along with the Backend Service configuration

    8ba36f61-076b-4aa7-909f-56fb07616d2b.png

  18. Switch to the Frontend configuration, fill in all the details, and then click on “Create”

    f01336ba-022a-4165-a1d6-4be7cfdddee5.png

  19. Status after both are configured successfully

    8838a32a-142d-4bd2-8369-16da8184de61.png
    ec8b4a71-114d-4e6d-a54b-a75b2d455db5.png
    cd34f8f7-8cc9-48e9-b93e-be9c052cecad.png

  20. Configure forwarding rules to route the traffic to Load Balancers

  21. Navigate to VPC network → Routes

    e985352f-8faa-4483-97bf-ce29f15957ca.png

  22. Click on “Create Route” and fill in all the details.

    9b0bb1d1-356a-4c85-be43-30bf4e28c347.png

  23. Select TCP Type as "Forwarding rule name" and click on “Create”

    3d0469c9-233e-4ebc-a607-428eb69656dc.png

  24. Repeat the above step for the same route but select the UDP Type as "Forwarding rule name"

    a95d71ee-157f-4691-8f12-9930796d85e7.png

  25. Repeat the above steps for all desired routes

  26. Done!

 

Articles in this section

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.