This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Cloud Run Service to Service with Internal Load Balancer

Posted on 01-13-2023 02:00 AM
leond
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi,

I have a use case that I requires me to have a Cloud Run service cr-cs-1 (composite service). This service will have ingress set to to "Public" and security set to "Require Authentication". This service will be public facing behind an HTTPS external load balancer.

The cr-cs-1 service must be able to access multiple services (cr-ms-1 .. cr-ms-n) (microservices). These microservices services will have ingress set to "Internal" and security set to "Allow unauthenticated invocations". I have followed the following article Cloud Run Internal Load Balancing and can successfully use the cr-ms-1 service that is configured with the external load balancer.

I have created cr-cs-1 (Python) and have tried various URL configurations to be able to use any of the services configured to the external load balancer. Unfortunately I have not been able to successfully get a response from the cr-ms-1 service. I am getting the following response from the external load balancer, 

404 Client Error: Not Found for url:

I would appreciate any guidance with how to setup the URLs in cr-cs-1 that will allow me to access the cr-ms-* microservices. Also, if this pattern is not correct, suggestions on how to implement this in another way will be welcomed.

Thanks,

Leon.

0 3 891
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
Reply posted on --/--/---- --:-- AM

 

Hi @leond,

For us to isolate the issue properly, check if the services are deployed on the same region. This must be observed as with the serverless NEG and load balancer.

Having the same error based from your description, can you test if the if the cloud runs were configured properly, you can follow this step, try testing if the services are running locally.

You might also consider checking these workaround to make your goal/preferred setup work.

a. Serving traffic from Multiple Regions

b. Attaching a VPC connector (works if your Cloud Runs are deployed on a the same VPC network)

0 Likes

Posted on --/--/---- --:-- AM
leond
Bronze 1
Bronze 1
In response to Marvin_Lucero
Reply posted on --/--/---- --:-- AM

Hi Marvin,

Thanks for your feedback.

Reading my initial post I see I incorrectly used "external" instead of "internal" load balancer.

The services are all deployed with a single region. I have in the mean time achieved the service to service communication using a Serverless VPC Connector. My only concern is the cost implication of having compute instances in the background for this solution. I was hoping to find a more effecient and cost effective solution using the load balancer option. I recall reading in one of the Google Cloud documents that egress between serverless instances via and an external load balancer is deemed as internal traffic and does not add to cost. Can you confirm if this is correct?

Regards

Leon.

0 Likes

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
In response to leond
Reply posted on --/--/---- --:-- AM

Hi @leond ,

Egress between serverless instance and external load balancer is still charged. You can check here the explanation here.

0 Likes