-1

Google Compute Engine newbie here.

I'm following along with the bookshelf tutorial: https://cloud.google.com/nodejs/tutorials/bookshelf-on-compute-engine

But run into a problem. When I try to view my application on http://[YOUR_INSTANCE_IP]:8080 with my external IP

Nothing shows up. I've tried running the tutorial again and again, but still same problem avails.

EDIT:

My firewall rules: https://i.stack.imgur.com/Hcsyb.png

My VM instance: https://i.stack.imgur.com/sxpgP.png

VM instance showing the correct networking tags: https://i.stack.imgur.com/OlSCK.png

Going to http://35.189.73.115:8080/ in my web browser still fails to show anything. Says "This page isn't working"

doctopus
  • 5,349
  • 8
  • 53
  • 105

1 Answers1

1

TL;DR - You're most likely missing firewall rules to allow incoming traffic to port 8080 on your instances.

Default Firewall rules

Google Compute Engine firewall by default blocks all ingress traffic (i.e. incoming network traffic) to your Virtual Machines. If your VM is created on the default network (which is usually the case), few ports like 22 (ssh), 3389 (RDP) are allowed.

The default firewall rules are described here.

Opening ports for ingress

The ingress firewall rules are described in detail here.

The recommended approach is to create a firewall rule which allows incoming traffic to your VMs (containing a specific tag you choose) on port 8080 . You can then associate this tag only to the VMs where you will want to allow ingress 8080.

The steps to do this using gcloud:

# Create a new firewall rule that allows INGRESS tcp:8080 with VMs containing tag 'allow-tcp-8080'
gcloud compute firewall-rules create rule-allow-tcp-8080 --source-ranges 0.0.0.0/0 --target-tags allow-tcp-8080 --allow tcp:8080

# Add the 'allow-tcp-8080' tag to a VM named VM_NAME
gcloud compute instances add-tags VM_NAME --tags allow-tcp-8080

# If you want to list all the GCE firewall rules
gcloud compute firewall-rules list

Here is another stack overflow answer which walks you through how to allow ingress traffic on specific ports to your VM using Cloud Console Web UI (in addition to gcloud).

PS: These are also part of the steps in the tutorial you linked.

# Add the 'http-server' tag while creating the VM
gcloud compute instances create my-app-instance \
    --image=debian-8 \
    --machine-type=g1-small \
    --scopes userinfo-email,cloud-platform \
    --metadata-from-file startup-script=gce/startup-script.sh \
    --zone us-central1-f \
    --tags http-server

# Add firewall rules to allow ingress tcp:8080 to VMs with tag 'http-server'
gcloud compute firewall-rules create default-allow-http-8080 \
    --allow tcp:8080 \
    --source-ranges 0.0.0.0/0 \
    --target-tags http-server \
    --description "Allow port 8080 access to http-server"
Tuxdude
  • 47,485
  • 15
  • 109
  • 110
  • I added the firewall rule and can confirm that my VM instance has the correct firewall rule tag applied. But yet still can't access my app when i goto http://35.189.73.115:8080/ – doctopus Jul 23 '17 at 21:43
  • @JosephLiu - Do you have any OS level firewall rules configured on your VM? – Tuxdude Jul 23 '17 at 22:13
  • I'm using a mac and can confirm i dont have a firewall turned on – doctopus Jul 24 '17 at 18:54