This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Connection time out issue while accessing external api() from gcp cloud function

Posted on 09-22-2024 09:27 AM
prasit_m
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

The problem statement deals with following scenario. I am trying to run a cloud run function from gcp platform that eventually accesses an external api. The cloud run function has a python code that accesses this external REST api (). The purpose of the function is to help fetching the response data (if request and response worked fine) & getting this "content" in a .csv file thus to finally move to a cloud storage that is created. However, the issue encountered here is, the cloud run function is ended up with throwing following error, for example 

requests.exceptions.ConnectionError: HTTPConnectionPool(host='10.109.21.177', port=8097): Max retries exceeded with url: /auth/realms/ocs-tenant-1/protocol/openid-connect/token (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x3e04029addf0>: Failed to establish a new connection: [Errno 110] Connection timed out'))

As the message indicates, the time out error may be originated from a network issue (though very generic indeed) which could have several reasons. When same REST api () was accessed from local virtual machines, it worked fine and the required response (200) and response body both were obtained

Few other details

  • The Rest api url, "http://10.109.21.177:8097/auth/realms/ocs-tenant-1/protocol/openid-connect/token
    • The required headers, data along with this url was passed to get the response.
  • The required packages for the python script were all listed under requirements.txt
  • The required bucket that was aimed to hold the csv file (after api request gets success and was able to fetch the response data) was created over cloud storage earlier. 

From general configurations perspective (of having maximized time out settings | or having secured permissions etc.) all aspects were ensured. However, from network setting perspective, is there any measure to be taken care in lieu with VPC connector and/or NAT gateway to help resolving this? Any pointer and /or links on this is highly appreciated. 

2 1 915
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
mcbsalceda
Staff
Reply posted on --/--/---- --:-- AM

Hi @prasit_m,

Welcome to Google Cloud Community!

The error you’re seeing happens when your application tries to set up a new TCP connection to a remote host, but it’s taking too long to connect.

  • If you're sending all your outbound traffic through a VPC network—whether that's with VPC connectors or Direct VPC egress—be sure that:
    • You’ve set up all the right firewall rules to let traffic flow into the VPC connectors.
    • Your VPC firewall rules are set up to let traffic in from the VPC connectors or the Direct VPC egress subnet, so it can reach the destination host or subnet without any issues.
    • You’ve got all the necessary routes in place to make sure traffic gets to its destination and back. This is key for routing egress traffic through VPC Network Peering or hybrid cloud setups since packets need to hop across different networks to reach the remote host.

  • If you're using an HTTP proxy to handle all egress traffic from your Cloud Run services or jobs, just double-check that the remote hosts are accessible through the proxy. Keep in mind that traffic going through an HTTP proxy might experience delays based on how busy the proxy is. If routing your HTTP egress traffic this way is part of your plan, be sure to account for it by adding retries,

For a complete troubleshooting guide on Cloud run issues, you may refer to this documentation.

I hope the above information is helpful.