Sometimes you need to assign more than a single external IP address to an instance running on Google Compute Engine. In my case, I was deploying a load balancer service and had to configure multiple IP addresses for different services, to have better control over where and how traffic goes within the farm.

In general, I have been asked to build a configuration according to the diagram for one of my Google Cloud Platform customers. 

Configuration Overview

Part of the configuration was to allow HAproxy1 and HAproxy2 to receive traffic on multiple IP addresses, so they could route traffic received on IP1 to App1, traffic received on IP2 to App2, and so on.

At the time of writing this blog post, GCE doesn't allow an instance to have more than one external interface, so there is no intuitive way to assign multiple addresses to a single instance.

What GCE does have is protocol forwarding. Protocol forwarding lets you create a "target instance", a kind of virtual router that routes traffic to the instance that should serve multiple IP addresses.

Configuring protocol forwarding is a two-step process:

1. Create a 'target instance' pointing to the instance that should serve multiple IP addresses. This can be done with the `gcutil addtargetinstance` command.

2. Create a 'forwarding rule' defining how to forward traffic from an external IP address to the target instance. You can specify a reserved address for this; otherwise an ephemeral external address will be created. This can be done with the `gcutil addforwardingrule` command.

When using protocol forwarding your instance sees inbound traffic arriving with destination address equal to the external IP address (as opposed to a NATed internal address). This allows you to distinguish which IP address the traffic was sent to.

In my example, I needed to serve multiple IPs on HAproxy1/2, so I went with this syntax:

```
# Step 1: one target instance per application, all pointing at haproxy1
gcutil addtargetinstance --instance=haproxy1 app1
gcutil addtargetinstance --instance=haproxy1 app2
gcutil addtargetinstance --instance=haproxy1 app3
gcutil addtargetinstance --instance=haproxy1 app4
gcutil addtargetinstance --instance=haproxy1 app5

# Step 2: one forwarding rule per external IP (appN_external_ip is a placeholder for that application's address)
gcutil addforwardingrule --ip=app1_external_ip --target_instance=app1 --region=us-central1 app1_fw_rule
gcutil addforwardingrule --ip=app2_external_ip --target_instance=app2 --region=us-central1 app2_fw_rule
gcutil addforwardingrule --ip=app3_external_ip --target_instance=app3 --region=us-central1 app3_fw_rule
gcutil addforwardingrule --ip=app4_external_ip --target_instance=app4 --region=us-central1 app4_fw_rule
gcutil addforwardingrule --ip=app5_external_ip --target_instance=app5 --region=us-central1 app5_fw_rule
```

Note: you'll need the Cloud SDK to execute gcutil commands.
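
An added example, not part of the original post: an HAProxy configuration that uses the preserved destination address to pick a backend for each forwarded IP, and refuses traffic that arrives on any other address. The 203.0.113.x external addresses, the 10.240.0.x backend addresses, the ports and all frontend/backend names are constructed placeholders, and it assumes the guest OS accepts packets addressed to the forwarded IPs.

```haproxy
# Added example with constructed addresses (203.0.113.0/24 is a documentation range).
global
    daemon
    maxconn 4096

defaults
    mode http
    timeout connect 5s
    timeout client  30s
    timeout server  30s

frontend fe_forwarded
    # Protocol forwarding delivers packets with the external IP still set as
    # the destination, so "dst" tells us which forwarding rule the client hit.
    bind :80
    acl to_app1 dst 203.0.113.11
    acl to_app2 dst 203.0.113.12
    use_backend be_app1 if to_app1
    use_backend be_app2 if to_app2
    # Requests that reach the listener on any other address (for example the
    # instance's primary address) match no ACL and are denied.
    default_backend be_deny

backend be_app1
    server app1 10.240.0.21:8080 check

backend be_app2
    server app2 10.240.0.22:8080 check

backend be_deny
    http-request deny
```

Routing on an explicit allow-list of destination addresses with a deny default keeps an application from being reachable through an address that was never meant to front it.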

Author: Vadim Solovey