Category Archives: Google Cloud

Advanced Logs Queries with Google Cloud Logs Viewer

With Google Cloud Logs Viewer you can perform advanced logs queries to search, for example, all Load Balancer requests that returned a status code different from 200 (useful to spot connection errors) or you can search all requests where the URL contains a specific string. The official documentation is here: https://cloud.google.com/logging/docs/view/advanced-queries Available search operators: = […]

Debug 502 Errors in Google Cloud Load Balancer

If your Google Load Balancer shows 502 errors read below: First go to Logs Viewer: https://console.cloud.google.com/logs/viewer Then in the search filter editbox enter: httpRequest.status:502httpRequest.status:502 This will search all 502 errors in the selected Load Balancer. Click on the specific line with the 502 error and expand “jsonPayload”: jsonPayload: { @type: "type.googleapis.com/google.cloud.loadbalancing.type.LoadBalancerLogEntry" statusDetails: "backend_timeout" }jsonPayload: { […]

Google Cloud SQL and Public IP Address Security

When you create a SQL cloud instance and you use a public IP address (external IP) on the SQL instance, make sure that your Compute Engine instances that will connect to the public IP of the SQL instance will have a static IP address and not temporary, else if the IP address is temporary it […]

Nginx HTTP to HTTPS and non-www to www behind Google Load Balancer

First create two forwarding rules on Google Load Balancer (frontend): – One for HTTPS (port 443) traffic – One for HTTP (port 80) traffic Then make sure both rules use the same static IP address. Now on the Compute Engine backend, edit the Nginx config file: server { listen 80; server_name localhost; access_log /var/www/nginx/logs/access.log main; […]

Quota ‘IN_USE_ADDRESSES’ exceeded. Limit: 8.0 in region

If you get this error message when you try to create a new Compute Engine instance: Quota ‘IN_USE_ADDRESSES’ exceeded. Limit: 8.0 in region…Quota ‘IN_USE_ADDRESSES’ exceeded. Limit: 8.0 in region… Then it looks like you reached the quota of IP addresses in use. To solve this, you need to ask to modify the quota of: This […]

Only allow Google Load Balancer traffic (Firewall Rules)

For security reasons you should only allow incoming traffic from Google Load Balancer on your backend instances. To do so, when making a GCE firewall rule, just set the Source IP ranges to these GCE IPv4 ranges: 130.211.0.0/22 35.191.0.0/16130.211.0.0/22 35.191.0.0/16 Read more here: Google Cloud Load Balancer Firewall Rules Tuning NGINX behind Google Cloud Platform […]

Google Cloud Load Balancer Firewall Rules

If you need to create firewall rules related to Google Load Balancer: You must create a firewall rule that allows traffic from 130.211.0.0/22 and 35.191.0.0/16 to reach your instances. This rule allows traffic from both the load balancer and the health checker. The rule must allow traffic on the port your global forwarding rule has […]

Create Instance Template out of Disk Snapshot on Google Cloud

You can create an Instance Template out of disk snapshot like this: 1) Created an instance 2) Install the required services on that instance 3) Create the image from the disk using the steps mentioned on this link. 4) With that Image create a new template. Other simpler steps recommended by an user: 1) Create […]

Get User IP Address From Google Cloud Load Balancer

Google Cloud Load Balancer saves the user’s IP in the X-Forwarded-For field: X-Forwarded-For: -client IP(s)-, -global forwarding rule external IP-X-Forwarded-For: -client IP(s)-, -global forwarding rule external IP- More information can be found here: https://cloud.google.com/load-balancing/docs/https/ Here is a sample PHP snippet to get the user’s IP address: $user_ip = explode(",", $_SERVER[‘HTTP_X_FORWARDED_FOR’])[0]; print_r($user_ip);$user_ip = explode(",", $_SERVER[‘HTTP_X_FORWARDED_FOR’])[0]; print_r($user_ip);

Connect as Root using WinSCP on Google Cloud Compute Engine

To connect as root with your Compute Engine VM using WinSCP do this: Option 1: Using Session -> File Protocol -> SCP sudo su -sudo su – Option 2: Using Session -> File Protocol -> SFTP sudo -s /usr/lib/sftp-serversudo -s /usr/lib/sftp-server