Using an HTTP Load Balancer with a container cluster on Google Cloud

Question

I want to put an HTTP load balancer in front of a cluster running a docker image on Google Container Engine, so that I can use HTTPS without the application needing to support it.

I've created a container cluster with the following command:

gcloud container clusters create test --zone europe-west1-b --machine-type f1-micro --num-nodes 3

I then created a replication controller to run an image on the cluster which is basically nginx with static files copied onto it.

If I create a network load balancer for this, everything works fine. I can go to my load balancer IP address and see the website. However, if I create an HTTP load balancer to use the instance group created when I created the cluster, I get an HTTP 502. I also noticed that if I try browsing to the external IP address of any of the individual instances in the cluster, it refuses the connection.

There is a firewall rule already for 0.0.0.0/0 on tcp:80, for the tag used by the cluster instances, which if I'm not mistaken should allow anything anywhere to connect to port 80 on those instances. It doesn't seem to be working though.

Answer 1

For your services to be exposed publicly on the individual instances' public IPs, they need to be specified as NodePort services. Otherwise, the service IPs are only reachable from within the cluster, which probably explains your 502. Being reachable on the instance's public IP is required for your HTTP load balancer to work.

There's a walkthrough on using the Ingress object for HTTP load balancing on GKE that might be useful.