Google Cloud Engine: How to route traffic on port 80 when using HTTPS load balancer

0
votes

I'm using HTTPS load balancer for my website and it's working well if I visit: https://www.vietnamspotlight.com.

However, if I visit the URL with http, i.e http://vietnamspotlight.com, then I always get error from Google that says the request was not found.

Then I tried to update load balancer by adding a new IP, port and protocol to use with HTTP in Frontend configuration session. See the image below for reference (the IPs for HTTP and HTTPS have been removed from the image):

Load balancer settings

After that, I switch to DNS configuration of the domain provider and tried to add another A records that point to new IP to deal with requests with HTTP protocol. It means I'm using two A records at same host @, each points to a different value, one for the HTTP and one for the HTTPS. See the image below for reference (the values have been changed to fake IP addresses):

DNS settings

Still it doesn't work.

1
dnsgoogle-cloud-platformload-balancing

1 Answers

5
votes

You are configuring your load balancer incorrectly. You must use the same TCP/IP address for both HTTP and HTTPS.

By configuring two different IP addresses for your website in DNS, you are in effect providing two IP addresses to clients to select from. Depending on the client and the DNS server, your clients will go to one IP address or the other in a round-robin style. This of course is not what you want.

DNS servers do not know the difference between HTTP and HTTPS when making DNS resolution decisions. DNS servers translate domain names to IP addresses. The protocol (HTTP / HTTPS) is not part of the translation decision.

This means that you need to configure your Google Load Balancer (HTTP(S) Load Balancing - Layer 7) with two frontends. The first frontend is HTTP, the second frontend is HTTPS. Both use the same IP address.

IMPORTANT:

An important step is to create the static IP address as global before creating the load balancer. If you create the IP address during the step to create the first frontend, you won't be able to select the same IP address when you create the second frontend.

Delete the incorrect entry in your DNS server. You may have to wait a while for the TTL (Time-To-Live) to timeout for your DNS entries. While waiting go to the next step.

Go back to the Google Cloud Console. Select your load balancer. Delete your HTTP frontend. Save the load balancer. Now go back and configure a new frontend for HTTP selecting the same IP address that you used for the HTTPS frontend.