terraforming-gcp

Regional TCP LBs should use Instance Groups rather than Target Pools

Open ljfranklin opened this issue 6 years ago • 4 comments

The RelInt team discovered issues with failed HTTP requests during a deploy when Target Pools were used. The current theory by Google engineers is that switching to Instance Groups instead will fix this issue. Looks like y'all have a story to make this change in bbl as well.

The Terraform docs only mention Target Pools as the valid target for forwarding rules. However, the API docs seem to indicate that an Instance Group ID is a valid value for target.

ljfranklin, Oct 16 '18 17:10

We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story.

The labels on this GitHub issue will be updated when the story is started.

cf-gitbot, Oct 16 '18 17:10

I think it is still an open question how we will achieve this suggested change in terraform/GCP, so once we solve it in either product (terraforming-gcp or bbl), we will be sure to follow through to the other product quickly.

nwmahoney, Oct 19 '18 18:10

Hello @ljfranklin, I've gathered a bit of context on this issue over the last few days while working on solving it for bbl. It looks like this will be a feature in the future, but Google Cloud does not support this.

  • In order to use instance groups, they must be linked to a backend_service.
  • Only internal regional backend services "can" do network load balancing.
    • Backend services can be global or regional.
    • Backend services "can" have internal or external load balancing schema.
  • After updating terraform-provider-google to support modification of the LoadBalancerScheme, I found that Google returns the following error:
    * google_compute_region_backend_service.router-lb-backend-service: 1 error(s) occurred:
    
    * google_compute_region_backend_service.router-lb-backend-service: Error creating backend service: googleapi: Error 400: Invalid value for field 'resource.loadBalancingScheme': 'EXTERNAL'. Backend Service based Network Load Balancing is not yet supported., invalid
    

Using instance groups rather than target pools is blocked on Google releasing the external backend services feature. Since the error message suggests that Google Cloud recognizes what we want to do but claims "it is not yet supported", we may be able to reach out to our friends at Google to see if the feature is implemented but not generally available and, if so, request access in some alpha form.

*Links to supporting Google/Terraform docs are in the (private) PivotalTracker story. #161389908

crhntr, Oct 24 '18 00:10

I was under the impression that RelInt had seen this working. cc @staylor14

ljfranklin, Oct 24 '18 16:10