gcloud compute: configure firewall for external traffic

Question

I am attempting to configure my Google Cloud instance to allow external traffic so I can set up a web socket; however, despite adding a rule for all external TCP/IP traffic, I can't access it. My rules are:

gcloud compute firewall-rules list
NAME              NETWORK SRC_RANGES RULES   SRC_TAGS TARGET_TAGS
default-allow-ssh default 0.0.0.0/0  tcp:22
external-traffic  default 0.0.0.0/0  tcp,udp


gcloud compute instances list
NAME      ZONE          MACHINE_TYPE  PREEMPTIBLE INTERNAL_IP EXTERNAL_IP    STATUS
pi-server us-central1-a n1-standard-1             **.***.*.*  **.***.***.*** RUNNING

I have configured this as a static IP (this is displayed in my cloud dashboard):

Name	           External Address	Region	    Type	In use by
crypto-iris-******	**.***.***.***	us-central1	Static	VM instance my_instance_name (Zone a)	

I also have some Go client/server web socket code that works perfectly on my computer using localhost:8080 as address. So, my question is: can I simply replace localhost with the external static IP of my instance under these rules?

My client makes use of "github.com/gorilla/websocket" on port 8080. Output of client locally is:

connecting to ws://23.251.148.133:8080/echo
dial:dial tcp 23.251.148.133:8080: getsockopt: operation timed out
exit status 1

Code upon request, if anyone wants to see it.

Answer 1

Score: 2

Problem: my golang/gorilla server was hosting on localhost:8080. I changed it to 0.0.0.0:8080. Smooth sailing after that.

See following post about this, but basically the server was listening to the local loopback address (available only to local machine) instead of the outside world.

https://serverfault.com/questions/78048/whats-the-difference-between-ip-address-0-0-0-0-and-127-0-0-1
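
The difference the answer describes can be reproduced on a single machine. The following is an added example, not the poster's code: it opens a listener on `127.0.0.1` and on `0.0.0.0` and tries to connect to each through the loopback address and through the host's own non-loopback address. The function names `firstNonLoopbackIPv4` and `reachableVia` are hypothetical.

```go
package main

import (
	"fmt"
	"net"
	"strconv"
	"time"
)

// firstNonLoopbackIPv4 returns one IPv4 address of this host that is not
// in 127.0.0.0/8, or nil if the host has none.
func firstNonLoopbackIPv4() net.IP {
	addrs, err := net.InterfaceAddrs()
	if err != nil {
		return nil
	}
	for _, a := range addrs {
		if n, ok := a.(*net.IPNet); ok && !n.IP.IsLoopback() && n.IP.To4() != nil {
			return n.IP
		}
	}
	return nil
}

// reachableVia listens on bindHost (the OS picks a free port) and reports
// whether a TCP connection to dialIP on that port can be established.
func reachableVia(bindHost string, dialIP net.IP) (bool, error) {
	ln, err := net.Listen("tcp4", net.JoinHostPort(bindHost, "0"))
	if err != nil {
		return false, err
	}
	defer ln.Close()
	port := strconv.Itoa(ln.Addr().(*net.TCPAddr).Port)
	conn, err := net.DialTimeout("tcp4", net.JoinHostPort(dialIP.String(), port), time.Second)
	if err != nil {
		return false, nil // refused or timed out: not reachable on this address
	}
	conn.Close()
	return true, nil
}

func main() {
	targets := []net.IP{net.IPv4(127, 0, 0, 1)}
	if ip := firstNonLoopbackIPv4(); ip != nil {
		targets = append(targets, ip)
	}
	for _, bind := range []string{"127.0.0.1", "0.0.0.0"} {
		for _, dst := range targets {
			ok, err := reachableVia(bind, dst)
			fmt.Printf("listen %-9s dial %-15s reachable=%v err=%v\n", bind, dst, ok, err)
		}
	}
}
```

The `external-traffic` rule in the question admits all tcp and udp from 0.0.0.0/0, so once a service binds to 0.0.0.0 nothing else filters it. A rule scoped to tcp:8080 would limit exposure to the WebSocket port.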

huangapple
  • Published on January 28, 2016 14:48:02
  • When reposting, please keep the link to this article: https://go.coder-hub.com/35054547.html