4

我创建了一个Cloud Run带有Serverless VPC access connectorto a的 Google 修订版VPC Network。可以通过,VPC Network访问 Internet Cloud NAT,以允许Cloud Run实例具有static outbound ip address,如本教程中所述:https ://cloud.google.com/run/docs/configuring/static-outbound-ip 。我按照教程进行了操作,一切都很好,我得到了来自Cloud Run实例的出口流量的静态 IP 地址。

我曾经terraform部署所有资源,您可以在下面找到其代码。问题是这样destroy的: 获取资源后,出现以下错误:

ERROR: (gcloud.compute.networks.delete) Could not fetch resource:
 - The network resource 'projects/myproject/global/networks/webhook-network' is already being used by 'projects/myproject/global/networkInstances/v1823516883-618da3a7-bd4f-4524-...-...'

(这些点包含更多数字,但由于这似乎是某种 uuid,我不想分享其余部分)。

所以我不能删除第一个网络。当我更改网络的名称和 reapply时,apply成功,但outbound static ip出口的地址是169.254.X.X,我找到以下信息:

在此处输入图像描述

“当你看到 a169.254.X.X时,你肯定有问题” ==> 闻起来像麻烦。

任何可以帮助我的 Google 员工?我认为重现“损坏”的 VPC 网络的步骤是创建一个Serverless Access Connector与 VPC 的连接,用Cloud Run修订版引用它,然后在删除修订版之前VPC network删除和,但老实说不确定,我不真的有闲置的 GCP 项目来测试它。Serverless Access Connector Cloud Run

这个 StackOverflow 问题没有帮助:https ://serverfault.com/questions/1016015/google-cloud-platform-find-resource-by-full-resource-name ,这是我能找到的唯一相关问题。

有人有想法么?

locals {
  region = "europe-west1"
}

resource "google_compute_network" "webhook_network" {
  name = "webhook-network-6"
  auto_create_subnetworks = false
}

resource "google_compute_subnetwork" "subnetwork" {
  depends_on = [
    google_compute_network.webhook_network
  ]
  name = "webhook-subnet-6"
  network = google_compute_network.webhook_network.self_link
  ip_cidr_range = "10.14.0.0/28"
  region = local.region
}

resource "google_compute_router" "router" {
  depends_on = [
    google_compute_subnetwork.subnetwork,
    google_compute_network.webhook_network
  ]
  name = "router6"
  region = google_compute_subnetwork.subnetwork.region
  network = google_compute_network.webhook_network.name
}

// I created the static IP address manually
//resource "google_compute_address" "static_address" {
//  name = "nat-static-ip-address"
//  region = local.region
//}

resource "google_compute_router_nat" "advanced-nat" {
  name = "natt"
  router = google_compute_router.router.name
  region = local.region
  nat_ip_allocate_option = "MANUAL_ONLY"
  nat_ips = [
    var.ip_name
  ]
  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"

}

data "google_project" "project" {

}


}
resource "google_vpc_access_connector" "access_connector" {
  depends_on = [
    google_compute_network.webhook_network,
    google_compute_subnetwork.subnetwork
  ]
  name = "stat-ip-conn-6"
  project = var.project_id
  region = local.region
  ip_cidr_range = "10.4.0.0/28"
  network = google_compute_network.webhook_network.name
}
4

1 回答 1

2

原来我工作正常,测试它的方法是错误的。我正在使用以下云功能对其进行测试:

def hello_world(request):
    request_json = request.get_json()
    ip = request.remote_addr # the culprit
    remote_port = request.environ.get('REMOTE_PORT')
    url = request.url
    host_url = request.host_url
    return {"ip": ip, "url": url, "port": remote_port, "host_url": host_url}

它返回169.254.X.X,但是当我测试时curlmyip.org,它确实是正确的 IP 地址。

但是,这仍然不能解决无法删除 VPC 网络的问题。

于 2020-11-30T12:26:49.520 回答