Hello,
So I used the Bitnami Google Cloud Launchpad to create a VM in a project. The VM is launched successfully and I can ssh into it and everything. So I followed the procedure to create an instance template from an existing VM and the template was created successfully. Now when I try to create an instance group from this template, the group gets created but it's never successful (the green check button never comes, and in the "errors section" there is an 'INVALID USAGE' error type and an 'Instance 'myproject-group-1-4w9l' creation failed: External IP address: 34.66.139.222 is already in-use' error message).
I need help resolving this issue.
How I created the template from an existing VM:
gcloud compute instance-templates create myproject-template --source-instance=bitnami-lampstack-6658 --source-instance-zone=us-central1-f
The goal is to autoscale and load-balance the app running on this VM.
Ok, so the Bitnami server that you create following the instructions that you did is suitable for a lone server setup/test environment. A public IP is provided to the server and that's how you and others would access the server (whether it's SSH or HTTP). You could have also created it without a public IP and created an LB that points to it. This would be the more secure option, but if you're just serving content from a single server or using it as a test, one might argue that you don't need an LB (I mean, why pay for an LB if load just goes to a single server anyway, right?)
In practice -- and it's what you're experiencing now -- your backend will need to be able to scale and in order to do that more autonomously, you will need to use instance templates, but as you have seen, you can't create instance templates off of VMs that already have a public IP and it wouldn't make sense anyway as each VM's content would only be accessible by its public IP. Hence the LB, so you have 1 public IP that will forward traffic to your backend whether you have 1 or 100. As a result, you won't need (and shouldn't have) public IPs for each individual VM because now you just have extra avenues for attackers to enter your environment with. And of course removing the public IPs from the individual VMs poses other problems from a management/update point of view. Security shouldn't be convenient but you should really still side with security. The 2 options I previously mentioned are common methods of getting access to your env or updating its content without exposing yourself too much.
There's actually a 3rd option that I neglected to mention, but that is to update your Bitnami server with your webpage content BEFORE creating an instance template -- this way, the instance will already come with the content preloaded. If you ever need to update the content, you can either use the 2 options I mentioned above -- or better yet, update your instance template and do a rolling update on the backend VMs, replacing each VM created from an old template with one created from a new template.
If you're new to GCP or cloud computing in general, I recommend doing some Qwiklabs hands-on courses to build up your foundational knowledge. For your current use case, I recommend Qwiklabs Network & HTTP LBs lab. If you don't have an account, you can sign up for one for free and I think they give you some credits to start. It's been a while since I created my account but if you don't get any free credits to start, feel free to DM me the e-mail you registered Qwiklabs with and I'll send you some of mine.
As for your comment about Bitnami not giving you options to select IPs, etc. I think that's just part of the template that they provide you and so options are limited. These types of templates are good in some cases to get started, but in most cases it's almost always better to roll your own from scratch off of a blank VM.
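Added example, not part of the original thread: a small Python check that reads the JSON from `gcloud compute instance-templates describe myproject-template --format=json` and reports any external IP settings on the template before it is used in an instance group. It assumes the template copied the source VM's address into `natIP`; the sample JSON is constructed and trimmed, and the function names are hypothetical.

```python
import json

# Constructed sample, trimmed to the fields the check reads. Assumption: the
# template created with --source-instance carried over the VM's external IP.
SAMPLE_TEMPLATE = json.loads("""
{
  "name": "myproject-template",
  "properties": {
    "networkInterfaces": [
      {
        "name": "nic0",
        "network": "global/networks/default",
        "accessConfigs": [
          {"name": "External NAT", "type": "ONE_TO_ONE_NAT",
           "natIP": "34.66.139.222"}
        ]
      }
    ]
  }
}
""")


def audit_template(template):
    """Return a list of (severity, message) findings about external IPs."""
    findings = []
    props = template.get("properties", {})
    for nic in props.get("networkInterfaces", []):
        nic_name = nic.get("name", "<unnamed>")
        for cfg in nic.get("accessConfigs", []):
            ip = cfg.get("natIP")
            if ip:
                # A fixed address can be attached to one instance only, so
                # every further group member fails with "already in-use".
                findings.append(("error",
                                 f"{nic_name}: pinned external IP {ip}"))
            else:
                # Ephemeral address: the group scales, but each VM is
                # reachable directly instead of only through the LB.
                findings.append(("warning",
                                 f"{nic_name}: ephemeral external IP"))
    return findings


def is_lb_only(template):
    """True when no interface requests an external IP of any kind."""
    return not audit_template(template)


if __name__ == "__main__":
    for severity, message in audit_template(SAMPLE_TEMPLATE):
        print(f"{severity.upper()}: {message}")
```

A template that passes `is_lb_only` has no `accessConfigs` on any interface, which matches the layout described above: one public IP on the load balancer and none on the backend VMs.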