This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

GKE Gateway and compute instance

Posted on 03-16-2024 09:00 AM
Nik-uniq
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello there,

I'm investigating GKE Gateway solution and stuck with one thing: is it possible to somehow point a GCE instance when using Gateway? According to K8s reference, ExternalName services should not be supported by implementations. 

Maybe, there are some other practices how to route to compute instance and k8s resources with a single Application Load Balancer? Because an LB that is created by GKE Gateway can point to NEGs and Instance groups. And I guess, it's not safe to introduce manual changes to this load balancer, because these changes add complexity, they are not managed by Gateway and can be easily destroyed.

For more clarification, the same I would like to achieve but via nginx Ingress:

apiVersion: v1
kind: Service
metadata:
  name: external-instance
spec:
  type: ExternalName
  externalName: instance.com
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: proxy-to-https-vm
  annotations:
    nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
    nginx.ingress.kubernetes.io/use-regex: "true"
spec:
  tls:
  - hosts:
    - load-balancer.com
  secretName: balancer-tls
  rules:
  - host: load-balancer.com
    http:
      paths:
      - path: /.+
        pathType: Exact
        backend:
          service:
            name: external-instance
            port:
              number: 443
0 2 423
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
Willbin
Staff
Reply posted on --/--/---- --:-- AM

Hello @Nik-uniq,

Welcome to Google Cloud Community!

Directly pointing a GKE Gateway load balancer to a single GCE instance isn't possible using the built-in ExternalName service functionality. It's not currently supported by GKE gateway implementations. 

As an alternative approach, Ingress with NEG is your best option. It involves creating a NEG that includes your GCE instance. Then, a Kubernetes Service of type LoadBalancer points to the NEG. Finally, an Ingress resource with path rules directs traffic to the Service, ultimately reaching your GCE instance.

See these resources for additional info
GKE Ingress for Application Load Balancers
Configuring Ingress for internal Application Load Balancers

0 Likes

Posted on --/--/---- --:-- AM
Nik-uniq
Bronze 1
Bronze 1
In response to Willbin
Reply posted on --/--/---- --:-- AM

Hello @Willbin ,

Thank you for your answer! Finally I resolved the issue in a bit another approach, which keeps balancer auto-managed by GKE Gateway.

I spin-up a Nginx controller in CluserIP mode. I connected Nginx k8s Service to LoadBalancer via common HTTPRoute k8s resource. And then I added an Ingress resource which proxies everything coming to Nginx to ExternalName Service with DNS of my compute instance.

So the communication like: Client -> GCP LB -> Nginx controller in k8s -> Compute instance. 

Maybe it's overhead, but it gives me an ability to keep manage GKE LB via k8s as I wanted.

Again, thank you for your idea!

Top Labels in this Space