问题
I have a question regarding IP Address in Google App Engine. I know there is no way to have a static IP-address, but my client have setup a Custom Domain with some IP-address showing up. My problem is:
There is an endpoint(API) that they are connected on, the problem is that the destination requires IP-address and PORT to open in their firewall-policy. Since there is no "Static IP" on Google App Engine, can i use those IP-address showing under "data" in Google App Engine in Custom Domains?
Because when i enter the domain in my web-browser i see the same IP listed in Custom Domain. Can i send over those IP-addresses than the Pool of IP by running: nslookup -q=TXT _cloud-netblocks.googleusercontent.com 8.8.8.8Because those domain listed in nslookup is not shown in the network (remote address)
Thanks!
回答1:
The result of running nslookup -q=TXT _cloud-netblocks.googleusercontent.com 8.8.8.8 is not static. Google may introduce new _cloud-netblocks entries at any time.
In the Google Cloud documentation section Static IP Addresses and App Engine apps is the recommended approach to retrieve the IPs. You will have to run:
nslookup -q=TXT _cloud-netblocks.googleusercontent.com 8.8.8.8
And then, from the response , you'll have to query each of the _cloud-netblocksN listed. Let take this query response as an example:
Non-authoritative answer:
_cloud-netblocks.googleusercontent.com text = "v=spf1 include:_cloud-netblocks1.googleusercontent.com include:_cloud-netblocks2.googleusercontent.com include:_cloud-netblocks3.googleusercontent.com ?all
There's 3 _cloud-netblocksN listed, so you'll have to query them:
nslookup -q=TXT _cloud-netblocks1.googleusercontent.com 8.8.8.8
nslookup -q=TXT _cloud-netblocks2.googleusercontent.com 8.8.8.8
nslookup -q=TXT _cloud-netblocks3.googleusercontent.com 8.8.8.8
The SPF records returned from the query of each of those above entries will be IP ranges that you can use for App Engine.
回答2:
The static IP address for AppEngine is now* possible using serverless NEG with Load Balancer.
- Serverless NEG is in Alpha from Google, which isn't available for public access yet. See https://stackoverflow.com/a/62660953/4185100
Using this method, it is also possible to configure multiple domains/sub-domains with HTTPS load balancer which points to internal serverless resources (different AppEngine services, Cloud functions, etc)
来源:https://stackoverflow.com/questions/54987500/google-app-engine-static-ip-address-custom-domain