extensions
extensions copied to clipboard
firebase
[firestore-send-email] Add possibility to route outgoing connections through VPC network to workaround blocked Cloud Function outgoing IP ranges causing `ECONNRESET` errors
Extension name
This feature request is for extension: firestore-send-email
What feature would you like to see?
The following issue describes an issue where the extension fails to connect to the SMTP to send an email because some of the outbound IP ranges used by Firebase Cloud Functions are blocked by the bulk sending provider.
This results in Unsuccessful: null read ECONNRESET errors for the affected emails if such a blocked IP is dynamically chosen by the Cloud Function to send the request to the bulk sender API: https://github.com/mailjet/mailjet-apiv3-nodejs/issues/176
This also goes in line with the fact that affected emails can indeed be sent correctly after retrying to send the emails for several rounds (by setting the delivery.state field to RETRY in the Firestore collection which makes the extension try to retry sending this email) when a non-blocked IP range is used by the Cloud Function executed by the extension.
Based on the following comment in the issue, it seems this issue can be worked around by providing a static outgoing external IP for the email-sending cloud function: https://github.com/mailjet/mailjet-apiv3-nodejs/issues/176#issuecomment-1030660332 This comment points to https://medium.com/@scorpion.nimit/how-to-create-a-firebase-cloud-function-with-static-outbound-ip-8086bbbdbbfe which describes how to set up a static outbound IP address for a Cloud Function.
As the described procedure needs to be configured for the Cloud Function itself, it would be great if this extension would optionally allow to specify the VPC Connector name and if one is specified, route all traffic through this vpc.
This would result in all mail sending requests to be done via the static outbound IP of the VPC connector/router.
How would you use it?
- Follow the instructions described here https://medium.com/@scorpion.nimit/how-to-create-a-firebase-cloud-function-with-static-outbound-ip-8086bbbdbbfe to ** find the name of the VPC network ** create a Cloud Router ** reserve static IP address ** create cloud NAT gateway ** create the VPC connector
- Add the VPC connector name to the extension settings
- Enjoy that mail sending works reliably now
@dackers86 I just saw this actually relates to #881 / almost duplicates it.
The usecases mentioned in #881 and this issue are different but the common solution would cover both.
@sceee this is actually possible already.
Firebase extensions allow you to configure advanced parameters, including VPC Connector settings. Just set one up as in the article you did provide or as described in the docs here: https://cloud.google.com/run/docs/configuring/static-outbound-ip.
Afterwards, configure the connector in the extension's config menu (in the expansion panel). I have no clue why, but for me, the expansion panel only gets visible after switching through the tab-menu on the left side...
Alternatively, use the extension manifest to set the connector in the source code: https://firebase.google.com/docs/extensions/manifest (this becomes active after the next firebase deploy --only extensions).
You can find the available parameters here: https://firebase.google.com/docs/extensions/publishers/parameters#system_parameters
Should look somehow like this:
firebaseextensions.v1beta.function/vpcConnector=${VPC_CONNECTOR_NAME_GOES_HERE}
firebaseextensions.v1beta.function/vpcConnectorEgressSettings=ALL_TRAFFIC
[email protected]
LOCATION=LOCATION-XYZ
...
@FBuervenich great, thank you very much! Seems I missed this one or it was not available back when I created this feature request.
I'll close this one, thanks!