Mac
To whom it may concern
menu
Mac's Wiki|Docs / tech-reference / googlecloud / question-1 / answer-by-gemini
print lock_open

Answer By Gemini

The best answer to minimize effort for connecting the Compute Engine instance to the GKE application across VPCs is:

C. 1. In GKE, create a Service of type LoadBalancer that uses the application's Pods as backend. 2. Add an annotation to this service: cloud.google.com/load-balancer-type [invalid URL removed]: Internal 3. Peer the two VPCs together. 4. Configure the Compute Engine instance to use the address of the load balancer that has been created.

Here's why:

  • Option A: This option uses an external LoadBalancer which wouldn't be accessible from the Compute Engine instance in another VPC. It's designed for public traffic.
  • Option B: This option is complex and requires additional configuration with iptables on a proxy instance. It also introduces a single point of failure with the proxy instance.
  • Option D: Cloud Armor Security Policy is for security and doesn't address the issue of VPC separation.
  • Option C: This option leverages an internal LoadBalancer. By peering the VPCs, resources in one can communicate with resources in the other. The internal LoadBalancer remains accessible within the peered VPC network, allowing the Compute Engine instance to connect to the GKE application efficiently.

This approach minimizes effort by leveraging existing features and avoids complex configurations.

This page was last edited on 2024-12-31 13:03

Powered by Wiki|Docs

This page was last edited on 2024-12-31 13:03

Mac
To whom it may concern

Powered by Wiki|Docs