Category Archives: Google Cloud

Google Cloud SQL and Public IP Address Security

When you create a SQL cloud instance and you use a public IP address (external IP) on the SQL instance, make sure that your Compute Engine instances that will connect to the public IP of the SQL instance will have a static IP address and not temporary, else if the IP address is temporary it […]

Nginx HTTP to HTTPS and non-www to www behind Google Load Balancer

First create two forwarding rules on Google Load Balancer (frontend): – One for HTTPS (port 443) traffic – One for HTTP (port 80) traffic Then make sure both rules use the same static IP address. Now on the Compute Engine backend, edit the Nginx config file: server { listen 80; server_name localhost; access_log /var/www/nginx/logs/access.log main; […]

Quota ‘IN_USE_ADDRESSES’ exceeded. Limit: 8.0 in region

If you get this error message when you try to create a new Compute Engine instance: Quota ‘IN_USE_ADDRESSES’ exceeded. Limit: 8.0 in region…Quota ‘IN_USE_ADDRESSES’ exceeded. Limit: 8.0 in region… Then it looks like you reached the quota of IP addresses in use. To solve this, you need to ask to modify the quota of: This […]

Only allow Google Load Balancer traffic (Firewall Rules)

For security reasons you should only allow incoming traffic from Google Load Balancer on your backend instances. To do so, when making a GCE firewall rule, just set the Source IP ranges to these GCE IPv4 ranges: 130.211.0.0/22 35.191.0.0/16130.211.0.0/22 35.191.0.0/16 Read more here: Google Cloud Load Balancer Firewall Rules Tuning NGINX behind Google Cloud Platform […]

Google Cloud Load Balancer Firewall Rules

If you need to create firewall rules related to Google Load Balancer: You must create a firewall rule that allows traffic from 130.211.0.0/22 and 35.191.0.0/16 to reach your instances. This rule allows traffic from both the load balancer and the health checker. The rule must allow traffic on the port your global forwarding rule has […]

Create Instance Template out of Disk Snapshot on Google Cloud

You can create an Instance Template out of disk snapshot like this: 1) Created an instance 2) Install the required services on that instance 3) Create the image from the disk using the steps mentioned on this link. 4) With that Image create a new template. Other simpler steps recommended by an user: 1) Create […]

Get User IP Address From Google Cloud Load Balancer

Google Cloud Load Balancer saves the user’s IP in the X-Forwarded-For field: X-Forwarded-For: -client IP(s)-, -global forwarding rule external IP-X-Forwarded-For: -client IP(s)-, -global forwarding rule external IP- More information can be found here: https://cloud.google.com/load-balancing/docs/https/ Here is a sample PHP snippet to get the user’s IP address: $user_ip = explode(",", $_SERVER[‘HTTP_X_FORWARDED_FOR’])[0]; print_r($user_ip);$user_ip = explode(",", $_SERVER[‘HTTP_X_FORWARDED_FOR’])[0]; print_r($user_ip);

Connect as Root using WinSCP on Google Cloud Compute Engine

To connect as root with your Compute Engine VM using WinSCP do this: Option 1: Using Session -> File Protocol -> SCP sudo su -sudo su – Option 2: Using Session -> File Protocol -> SFTP sudo -s /usr/lib/sftp-serversudo -s /usr/lib/sftp-server

Connect to Google Cloud Compute Engine VM via PuTTY SSH

First you need to create an SSH key (use PuTTyGen.exe). Then on Google Cloud click on Compute Engine -> Metadata -> SSH Keys. Add there your generate SSH key and click on “Save” button. Then open PuTTy and in “Host Name” field enter: [username]@[external_IP][username]@[external_IP] Where username will be the same as the one used to […]