3

I've got a managed autoscaling group set up behind a load balancer in Google Compute. It's working well, and adds / removes instances as it should.

Is it possible to specify (in any way) the external IP address which is allocated to the instances in the group?

I was hoping that if I reserved static IP addresses, then the new machines would use them but instead they just seem to still use a random one from the ephemeral pool.

The issue is that the payment gateway we're using (Sagepay) needs to know the IP address of the servers that are sending payment requests. It can handle a class C subnet but obviously I need to be able to ensure that machines are getting IPs in the right range.

The only other possibility I could come up with was to try and proxy the outgoing traffic to Sagepay via a single machine on a known IP, but that seems like a poor solution!

Any hints appreciated.

stambata
DorsetTim
  • Hi @DorsetTim, any news about this issue? I am facing the same one 3 years after and I can't find any solution so far. – dzof31 Jun 17 '19 at 10:21

1 Answer

1

If you are using a Network load balancer, you can unassign your reserved static IP from the instance and assign it to the load balancer's forwarding rule in the same zone. For more information you can refer to this link [1].

In case you are using an HTTP(S) load balancer, you need to reserve a global static IP for the forwarding rule, which doesn't require a zone. For more information you can refer to this link [2].

As such, for an HTTP(S) load balancer the easiest option would be to reserve a global static IP address and whitelist it with your payment gateway (Sagepay).

[1] https://cloud.google.com/compute/docs/load-balancing/network/forwarding-rules

[2] https://cloud.google.com/compute/docs/load-balancing/http/global-forwarding-rules

Faizan
  • Thanks for the ideas, but I think that's the wrong direction. I have the load balancer configured and the incoming traffic is being routed to the instance group correctly. My issue is that the external service (Sagepay) needs to be provided with a range of IP addresses from which requests will originate, so I either need to be able to dynamically allocate reserved IP addresses from a known pool, or I need to proxy all the requests from the instances through a single IP. – DorsetTim Jul 26 '16 at 15:46
  • 1
    I am sorry for misunderstanding your question. First of all: it is not possible to set a range of external IPs for the autoscaling instances. One workaround to achieve your setup would be to configure a NAT gateway. In this way, the autoscaled instances will have only one public IP when traffic is sent to your payment gateway. Steps to configure a NAT gateway are documented on [this link](https://cloud.google.com/compute/docs/networking#natgateway) – Faizan Jul 26 '16 at 21:10
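
The NAT approach from the last comment, as an added example that is not part of the original thread: a shell function that prints the gcloud commands for sending the group's outbound traffic through one reserved address, so that a single IP can be allowlisted at the payment gateway. It assumes Cloud NAT (Google's managed NAT service) rather than a self-managed gateway instance, and every resource name passed in is a hypothetical placeholder.

```shell
# Added example, not from the thread. Prints the commands without running
# them so they can be reviewed before being applied to a project.
#
# usage: nat_egress_plan NETWORK REGION ADDRESS_NAME TEMPLATE_NAME
nat_egress_plan() {
  if [ "$#" -ne 4 ]; then
    echo "usage: nat_egress_plan NETWORK REGION ADDRESS_NAME TEMPLATE_NAME" >&2
    return 2
  fi
  for v in "$@"; do
    # Accept only lowercase letters, digits and hyphens, starting with a
    # letter and not ending in a hyphen, so nothing unexpected reaches the
    # generated command lines.
    case $v in
      ''|[!a-z]*|*[!a-z0-9-]*|*-)
        echo "invalid resource name: $v" >&2
        return 1 ;;
    esac
  done
  network=$1 region=$2 addr=$3 template=$4

  # 1. Reserve the static address the payment gateway will allowlist.
  # 2. Create a Cloud Router, which Cloud NAT attaches to.
  # 3. Create the NAT config pinned to the reserved address only, so no
  #    automatically allocated address is ever used for egress.
  # 4. Create an instance template without an external IP (--no-address);
  #    instances built from it can reach the internet only through the NAT.
  #    Add your usual machine type, image and subnet flags to this command.
  # 5. Print the reserved address to hand to the gateway operator.
  cat <<EOF
gcloud compute addresses create ${addr} --region=${region}
gcloud compute routers create ${addr}-router --network=${network} --region=${region}
gcloud compute routers nats create ${addr}-nat --router=${addr}-router --region=${region} --nat-external-ip-pool=${addr} --nat-all-subnet-ip-ranges
gcloud compute instance-templates create ${template} --network=${network} --no-address
gcloud compute addresses describe ${addr} --region=${region} --format='value(address)'
EOF
}
```

Inbound traffic still arrives through the load balancer; only outbound connections from the instances are translated to the reserved address.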