Access a Google Compute Engine instance exclusively from Google App Engine?

0
votes

The current setup,

  1. Google Compute Engine running Windows Server 2012 (GCE Server 2012)

  2. Google Compute Engine running Debian Wheezy (GCE Server Wheezy)

  3. GCE Server 2012 has one open port, tcp 3389 to GCE Server Wheezy

  4. GCE Server Wheezy is running Guacamole with NLA enabled and Tomcat 7 and is working off x.x.x.x:8080/guacamole/

So I have, what I hope, is a secure connection between GCE Server 2012 and GCE Server Wheezy. Now I want to be able to access x.x.x.x:8080/guacamole/ securely, but the setup with SSL has been difficult.

What I want to know is if it's possible to access GCE Server Wheezy through Google App Engine, which already has great SSL protection. Essentially, I would like to be able to open one port and IP address (range) and/or some sort of internal connection between a GCE website and GAE, and then access everything through GAE. My assumption is that since traffic from GCE and GAE never leave Google's internal infrastructure and they are tied only to each other, this would be an easy and affordable way to add powerful SSL encryption to my Guacamole/Tomcat setup.

Alternative ideas to easily add SSL to my setup would also be greatly appreciated.

1
google-app-enginetomcatgoogle-compute-engine
I'd modify the title of the question to 'how to easily add SSL to my instance running a service on port 8080'.koma

1 Answers

1
votes

Setup the HTTP Load balancer and you're set in a few mouse clicks...

HTTP/HTTPS load balancing provides global load balancing for incoming HTTP or HTTPS requests, allowing these requests to be sent to different sets of backends based on patterns in the URL. HTTP requests can be load balanced based on port 80 or port 8080. HTTPS requests can be load balanced on port 443. HTTPS load balancing also supports SPDY and HTTP/2. HTTP/HTTPS load balancing does not support WebSocket.

See https://cloud.google.com/compute/docs/load-balancing/http/