This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Google - Global External Application Load Balancer - Is using both HTTP and HTTPS possible?

Posted on 10-24-2024 06:19 AM
tacoma50
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

Hi,
I tried to set up a single Global External Application Load Balancer that handles both HTTP and HTTPS. It seems that you can only have HTTP or HTTPS but not both?

I set up these two frontends:
 1. Protocol:  HTTP,    IP: 35.244.xxx.xxx, Port: 80
 2. Protocol: HTTPS, IP: 35.244.xxx.xxx, Port: 443

I set up these two Backends:
   Name                       BackendType   Scope    Proto   IPv     LB           
1. app-be-service-80  BackendServ     Global   HTTP   IPv4   app-test-lb
     Backend: InstanceGroup=test-ig-uscentral1-a   SelectedPorts=80    IPstackType=IPv4

2. app-be-service-443 BackendServ    Global    HTTP  IPv4 app-test-lb
     Backend: InstanceGroup=test-ig-uscentral1-a   SelectedPorts=443   IPstackType=IPv4

My Unmanaged Instance group:
    Name: test-ig-uscentral1-a
    Has two GCE VM instances in it.
    Port Name Mappings: port-80: 80, port-443: 443

I don't need to steer any client traffic.
I just want any HTTP:80 traffic to round-robin to either backend VM.
I just want any HTTPS:443 traffic to round-robin to either backend VM.

But I am not sure how to set up the routing rules to handle this.
Is this possible?

0 1 406
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
diannemcm
Staff
Reply posted on --/--/---- --:-- AM

Hi @tacoma50,

Welcome to Google Cloud Community!

Here's a step-by-step guide to set up both the frontend and backend for a Global External Application Load Balancer on Google Cloud, handling both HTTP and HTTPS traffic with round-robin distribution across your VMs, both frontends pointing to their respective backend services:

Step 1: Unmanaged Instance group(your 2 VMs)

Step 2: Create the Health Check, set the protocol to HTTP, specify port 80

Step 3: Create 2 Backend Services [for HTTP (port 80) and HTTPs(port 443)]

Step 4: Create Frontend Configuration [for HTTP (port 80) and HTTPs(port 443)]

Step 5: Associate Backends with Frontends

Backend Configuration:

Under the frontend configuration, select the backend service for HTTP (port 80) for the HTTP frontend and select the backend service for HTTPS (port 443) for the HTTPS frontend.

For Firewall Rules, ensure that your VM instances allow traffic on ports 80 and 443 and your SSL certificate is valid and correctly associated.

You may also check this documentation, where given sample shows how to use URL map redirects to redirect all requests from HTTP to HTTPS and how you set up redirects by using the well-known ports 80 (for HTTP) and 443 (for HTTPS). 

Other reference: Deliver HTTP and HTTPS content over the same published domain

Since your desired set up involves custom routing rules and HTTP/HTTPS enforcement, it is recommended to leverage Google Cloud Support for assistance.

I hope the above information is helpful.

Top Labels in this Space
Top Solution Authors
View all