本文介绍了在Compute Engine内部IP上连接到Redis时,Google Cloud功能超时的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我使用 https://console创建了Redis实例.cloud.google.com/launcher/details/bitnami-launchpad/redis-ha

,网络接口为:

我正在尝试从Firebase触发器连接到此Redis实例.

I'm trying to connect to this Redis instance from a Firebase trigger.

问题是:从云功能连接到计算实例需要什么防火墙规则?

请提供尽可能多的详细信息,例如IP范围,入口/出口等,以及是否必须将Redis客户端连接到内部IP或外部IP上的实例.

Please provide as many details as possible, e.g. IP ranges, ingress/egress, etc, and whether I have to connect the Redis client to the instance on the internal IP, or the external IP.

这是代码:

const redis = require('redis');

let redisInstance = redis.createClient({
    /* surely external IP needn't be used
       here as it's all GCP infra? */
    host: '10.1.2.3',
    port: 6379
})

redisInstance.on('connect', () => {
    console.log(`connected`);
});

redisInstance.on('error', (err) => {
    console.log(`Connection error ${err}`);
});

日志中的错误是

我查看了 Google Cloud Function无法连接到Redis ,但是在设置规则时,有关选项的不够具体.

I've looked at Google Cloud Function cannot connect to Redis but it's not specific enough about the options when setting up a rule.

我尝试使用以下设置来设置防火墙规则:

I tried to set up a firewall rule with these settings:

  • ingress
  • 网络:默认
  • 源过滤器:我的Firebase服务帐户
  • 协议/端口:全部
  • 目标:全部

关于服务帐户的说明:

  • 由Firebase创建
  • 在IAM中具有 Editor 角色
  • 从我的Firebase触发器中可以与BigQuery和其他Firebase服务一起使用
  • created by Firebase
  • has the Editor role in IAM
  • is known to work with BigQuery and other Firebase services from my Firebase triggers

这条相同的防火墙规则已经生效了几个小时,我还重新部署了用于测试Redis的触发器,但仍然得到ETIMEDOUT

This same firewall rule has been in effect for a few hours now, and I've also redeployed the trigger which tests Redis, but still getting ETIMEDOUT

我打电话给GCP Gold支持人员,问题对于操作员来说并不明显,因此他们将打开案例,进行调查并留下一些笔记.

I phoned GCP Gold support and the problem isn't obvious to the operator, so they'll open a case, investigate, and leave some notes.

使用许可的防火墙规则(源0.0.0.0/0,目标所有目标")并连接到Redis实例的外部IP地址(当然!).但是,我现在在电话中提到很多次,我不希望Redis实例可以向Internet开放,并且如果存在某种涉及网桥/VPN的解决方案,那么我可以从以下地址连接到10.x.x.x地址:云功能.

Using a permissive firewall rule (source 0.0.0.0/0, destination "all targets") and connecting to the Redis instance's external IP address works (of course!). However, I mentioned many times now on the phone call I don't want the Redis instance to be open to the Internet, and if there's some sort of solution involving a networking bridge/VPN so I can connect to the 10.x.x.x address from the Cloud Function.

接线员说,他们会在2天之内回覆我.

The operator said they'll get back to me in 2 days.

我已经自我解答似乎无法连接从云功能转换到Compute Engine内部IP.

I've self-answered that it doesn't seem to be possible to connect to a Compute Engine internal IP from a cloud function.

推荐答案

当前似乎可以从Google Cloud Funtions连接到Google Compute Engine内部IP,金牌支持运营商的努力徒劳无功.

It looks like it's NOT currently possible to connect to Google Compute Engine internal IP from Google Cloud Funtions so all my (and my helpful Gold support operator's) efforts have been in vain.

以下是(未解决的)问题: https://issuetracker.google.com/issues/36859738

Here's the (open) issue: https://issuetracker.google.com/issues/36859738

这篇关于在Compute Engine内部IP上连接到Redis时,Google Cloud功能超时的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-18 22:00
查看更多