Reputation: 388
Cloud Scheduler won't trigger Cloud Function
I'm trying to trigger a Cloud Function on a schedule using Cloud Scheduler. I have set up a service account with the Cloud Function Invoker role, set it as the service account on the scheduler, and set the auth header to "Add OIDC token". The URL is the same as the trigger URL for the cloud function.
When I run the scheduled job manually, the result comes back as "Success", so there doesn't appear to be any authentication issue. However, the result I'd expect (new data being appended to a BigQuery table) does not happen.
You might assume at this point that there is a problem with the Cloud Function, however when I run the function manually (without the scheduler), it works exactly as expected.
When I check the Cloud Function logs after running the scheduler manually, clearly the function has not been called, so it seems somehow the interaction between the Scheduler and the Function is not working. The strange thing is that I have set this up in exactly the same way as I've done with other scheduled functions in the past, which worked just fine, so I can't find a reason why this wouldn't be working.
Any ideas where I could be going wrong?
Upvotes: 2
Views: 2687
Answers (1)
Reputation: 1346
Here there seems to be an issue with the calls not reaching cloud function when scheduler tries to use the function-invoker service account to trigger the cloud function running as function-runner.The problem with Cloud Scheduler is that it cannot be used to trigger the function if it is set to “allow internal traffic”.
Internal-only HTTP functions can only be invoked by HTTP requests that are created within a VPC network, such as those from Kubernetes Engine, Compute Engine, or the App Engine Flexible Environment. This means that events created by or routed through Pub/Sub, Eventarc, Cloud Scheduler, and Cloud Tasks cannot trigger these functions[1].
Please check the Load Balancer configurations to manage the traffic in Cloud Functions. So even though you choose the option of “Allow internal traffic and traffic from Cloud Load Balancing”, it is only using the part of “allow internal traffic” because there is no option to manage the load balancing. A workaround would be to create the load balancer[2] to manage the traffic in Cloud Functions[3], or you could select the option of “Allow all traffic” if it is acceptable to you.
[1] https://cloud.google.com/functions/docs/networking/network-settings#ingress_settings
[2] https://cloud.google.com/iap/docs/load-balancer-howto
[3] https://cloud.google.com/load-balancing/docs/https/setting-up-https-serverless
Upvotes: 1
Related Questions
- Cannot invoke Google Cloud Function from GCP Scheduler
- Getting permission denied error when calling Google cloud function from Cloud scheduler
- Eventarc google.cloud.scheduler.v1beta1.CloudScheduler.RunJob not being triggered
- Cloud Function not deploying correctly
- HTTP Triggering Cloud Function with Cloud Scheduler
- Unknown error has occurred in Cloud Functions
- Cloud Task not executing Cloud Function
- Cloud Scheduler fails in HTTP Cloud Function
- Failing to invoke Google Cloud Function with Google Cloud Scheduler
- Google-Cloud-Scheduler fail with http trigger Cloud Function