Upload file to GCP storage in order to route the t...

Tania · 08-30-2023 10:12 AM

when we are connecting from our on premise server to our google cloud storage bucket and we use GSUTIL and the GSUTIL has the google API, if that’s get called the domain server give us the public IP and that public IP is not same our interconnect IP, so the traffic will not route through the interconnect. In that case how we can get the static IP from cloud DNS in order to route the traffic through interconnect Service info in Brief: we use Microservice for uploading file via GSUTIL tool to GCS storage.

DNS: storage.googleapis.com
GSUTIL doing DNS lookup before connecting to google the API.
Connection: HTTPs

Now if we connect our on premise sever to cloud storage through f5 to upload a file we need same IP to route the traffic through interconnect. But when I ping storage.googleapis.com I am getting public IP which is not same our interconnect IP.

Mauricio_N

Hi Tania,

You need to configure a PGA(Private Google Access) to provide an internal route and custom Internal DNS Zone.

https://cloud.google.com/vpc/docs/configure-private-google-access-hybrid
to briefly describe what you need to achieve:

Create a Cloud DNS private zone for googleapis.com
Configure DNS resolution to use Google's DNS services (https://cloud.google.com/dns/docs/policies#create-in)
Configure a route to resolve DNS queries through Interconnect(Cloud DNS uses an external IP range but only accessible from Google's VPC service)(https://cloud.google.com/dns/docs/zones/forwarding-zones#firewall-rules)
after those steps you will be able to see the route going through the interconnect(use a traceroute or any other routing tool)

Upload file to GCP storage in order to route the traffic through GCP interconnect