Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.

Cloud Workstation fails to call itself by going through PSC

Hello,

We're using Cloud Workstation to host development environments and I've just hit a blocker in a workstation that is running a kind-based kubernetes cluster with port 80 exposed (so that when I go to https://80-<workstation-name>.domain/ it uses the port 80 exposed from within the cluster and displays the application frontend).

We're making use of a service which seems to be using the host header passed from ingress-nginx within the cluster to the app so that if I use e.g. https://80-my-workstation.example.com, the service uses that URL (+ protocol) to function internally. The problem is that from both the workstation itself and from the container, this doesn't work.

What I mean is:

- If I go to https://80-my-workstation.example.com from my browser, it connects to the PSC endpoint on port 443 which has been made reachable via firewall rules.

- If I go to https://80-my-workstation.example.com from the container or the workstation itself, the request times out. I've checked firewall rules, routing but they don't seem to be the issue (I can access other machines in the same subnet as that PSC endpoint just fine).

I've found this

https://cloud.google.com/vpc/docs/about-accessing-vpc-hosted-services-endpoints#limitations and I assume this is maybe related to the issues I'm facing but I'm not sure.
 
Also, even if the access to port 443 of the PSC worked I have doubts that the rest would work since the auth part would probably be missing. But let's for now focus on the access to the PSC endpoint from within the workstation. Any ideas please?
 
I'm also aware I could overwrite the container's hosts file so that when it tries to access 80-my-workstation.example.com it uses localhost instead but there would still be the https protocol in use which would break it since I'm not exposing 443 in the cluster and do not intend to do so.
0 0 162
0 REPLIES 0