Category Archives: Google Cloud

Debug 502 Errors in Google Cloud Load Balancer

If your Google Load Balancer shows 502 errors read below: First go to Logs Viewer: https://console.cloud.google.com/logs/viewer Then in the search filter editbox enter: httpRequest.status:502httpRequest.status:502 This will search all 502 errors in the selected Load Balancer. Click on the specific line with the 502 error and expand “jsonPayload”: jsonPayload: { @type: "type.googleapis.com/google.cloud.loadbalancing.type.LoadBalancerLogEntry" statusDetails: "backend_timeout" }jsonPayload: { […]

Google Cloud SQL and Public IP Address Security

When you create a SQL cloud instance and you use a public IP address (external IP) on the SQL instance, make sure that your Compute Engine instances that will connect to the public IP of the SQL instance will have a static IP address and not temporary, else if the IP address is temporary it […]

Nginx HTTP to HTTPS and non-www to www behind Google Load Balancer

First create two forwarding rules on Google Load Balancer (frontend): – One for HTTPS (port 443) traffic – One for HTTP (port 80) traffic Then make sure both rules use the same static IP address. Now on the Compute Engine backend, edit the Nginx config file: server { listen 80; server_name localhost; access_log /var/www/nginx/logs/access.log main; […]

Quota ‘IN_USE_ADDRESSES’ exceeded. Limit: 8.0 in region

If you get this error message when you try to create a new Compute Engine instance: Quota ‘IN_USE_ADDRESSES’ exceeded. Limit: 8.0 in region…Quota ‘IN_USE_ADDRESSES’ exceeded. Limit: 8.0 in region… Then it looks like you reached the quota of IP addresses in use. To solve this, you need to ask to modify the quota of: This […]

Only allow Google Load Balancer traffic (Firewall Rules)

For security reasons you should only allow incoming traffic from Google Load Balancer on your backend instances. To do so, when making a GCE firewall rule, just set the Source IP ranges to these GCE IPv4 ranges: 130.211.0.0/22 35.191.0.0/16130.211.0.0/22 35.191.0.0/16 Read more here: Google Cloud Load Balancer Firewall Rules Tuning NGINX behind Google Cloud Platform […]

Google Cloud Load Balancer Firewall Rules

If you need to create firewall rules related to Google Load Balancer: You must create a firewall rule that allows traffic from 130.211.0.0/22 and 35.191.0.0/16 to reach your instances. This rule allows traffic from both the load balancer and the health checker. The rule must allow traffic on the port your global forwarding rule has […]

Create Instance Template out of Disk Snapshot on Google Cloud

You can create an Instance Template out of disk snapshot like this: 1) Created an instance 2) Install the required services on that instance 3) Create the image from the disk using the steps mentioned on this link. 4) With that Image create a new template. Other simpler steps recommended by an user: 1) Create […]

Get User IP Address From Google Cloud Load Balancer

Google Cloud Load Balancer saves the user’s IP in the X-Forwarded-For field: X-Forwarded-For: -client IP(s)-, -global forwarding rule external IP-X-Forwarded-For: -client IP(s)-, -global forwarding rule external IP- More information can be found here: https://cloud.google.com/load-balancing/docs/https/ Here is a sample PHP snippet to get the user’s IP address: $user_ip = explode(",", $_SERVER[‘HTTP_X_FORWARDED_FOR’])[0]; print_r($user_ip);$user_ip = explode(",", $_SERVER[‘HTTP_X_FORWARDED_FOR’])[0]; print_r($user_ip);

Connect as Root using WinSCP on Google Cloud Compute Engine

To connect as root with your Compute Engine VM using WinSCP do this: Option 1: Using Session -> File Protocol -> SCP sudo su -sudo su – Option 2: Using Session -> File Protocol -> SFTP sudo -s /usr/lib/sftp-serversudo -s /usr/lib/sftp-server