通过Gcloud创建四层GLB

参考文档：https://cloud.google.com/load-balancing/docs/tcp/setting-up-tcp#setup-overview

VPC及子网配置：

1. 创建VPC，vpc名称为：longtu-vpc

gcloud compute networks create longtu-vpc --subnet-mode=custom

2. 创建子网，子网名称为：longtu-subnets，vpc选择第一步骤的longtu-vpc地址段为10.1.2.0/24，region为asia-northeast1

gcloud compute networks subnets create longtu-subnets \
  --network=longtu-vpc \
  --range=10.1.2.0/24 \
  --region=asia-northeast1

配置实例组信息

1. 配置实例启动模板，模板名称为web-asia-template，并通过启动脚本配置一个web测试页，标签为：lb-tag

gcloud compute instance-templates create web-asia-template \
--region=asia-northeast1 \
--network=longtu-vpc \
--subnet=longtu-subnets \
--tags=lb-tag \
--image-family=debian-10 \
--image-project=debian-cloud \
--metadata=startup-script='#! /bin/bash
apt-get update
apt-get install apache2 -y
a2ensite default-ssl
a2enmod ssl
vm_hostname="$(curl -H "Metadata-Flavor:Google" \
http://169.254.169.254/computeMetadata/v1/instance/name)"
echo "Page served from: $vm_hostname" | \
tee /var/www/html/index.html
systemctl restart apache2'

2. 创建托管实例组，实例组名称分别为vmgroup1、vmgroup2，每个实例组有2台VM

gcloud compute instance-groups managed create vmgroup1 \
    --zone asia-northeast1-a \
    --size 2 \
    --template web-asia-template

gcloud compute instance-groups managed create vmgroup2 \
    --zone asia-northeast1-b \
    --size 2 \
    --template web-asia-template

TCP LB****时，实例组配置方法如下：

实例组1

gcloud compute instance-groups unmanaged create tcp-vmgroup1 \
    --zone asia-northeast1-a

gcloud compute instance-groups set-named-ports tcp-vmgroup1 \
    --named-ports tcp80:80 \
    --zone asia-northeast1-a

gcloud compute instance-groups unmanaged add-instances tcp-vmgroup1 \
   --instances vmgroup1-m6x3,vmgroup1-qcrn \
   --zone asia-northeast1-a

实例组2

gcloud compute instance-groups unmanaged create tcp-vmgroup2 \
   --zone asia-northeast1-b

gcloud compute instance-groups set-named-ports tcp-vmgroup2 \
   --named-ports tcp80:80 \
   --zone asia-northeast1-b

gcloud compute instance-groups unmanaged add-instances tcp-vmgroup2 \
   --instances vmgroup2-570n,vmgroup2-n028\
   --zone asia-northeast1-b

3. 防火墙规则，在防火墙规则longtu-allow-network-lb-ipv4中允许公网访问80端口，标签为：lb-tag

gcloud compute firewall-rules create longtu-allow-network-lb-ipv4 \
    --network=longtu-vpc \
    --target-tags=lb-tag \
    --allow=tcp:80 \
    --source-ranges=0.0.0.0/0

LB配置

1. 创建LB IP：提前创建一个IPV4地址，该地址为LB的外网访问地址

gcloud compute addresses create longtu-network-lb-ipv4 \
    --region asia-northeast1

创建全局****LB IP

gcloud compute addresses create longtu-network-lb-ipv4 \
    --ip-version=IPV4 \
    --global

2. 查看LB地址

gcloud compute addresses list longtu-network-lb-ipv4

3. 创建健康检查：在asia-northeast1中创建80的健康检查策略，名称为longtu-tcp-health-check

gcloud compute health-checks create tcp longtu-tcp-health-check \
    --region asia-northeast1 \
    --port 80

创建全局健康检查

gcloud compute health-checks create tcp longtu-tcp-health-check \
    --port 80

4. 创建后端服务：后端为longtu-network-lb-backend-service，并应用健康检查策略longtu-tcp-health-check

gcloud compute backend-services create longtu-network-lb-backend-service \
    --protocol TCP \
    --health-checks longtu-tcp-health-check \
    --health-checks-region asia-northeast1 \
    --region asia-northeast1

创建全局后端服务

gcloud compute backend-services create longtu-network-lb-backend-service \
    --protocol TCP \
    --health-checks longtu-tcp-health-check \
    --global-health-checks \
    --global \
    --port-name tcp80

5. 为后端服务添加实例组：添加时，需要指定实例组的zone，分别是asia-northeast1-a、asia-northeast1-b

gcloud compute backend-services add-backend longtu-network-lb-backend-service \
--instance-group vmgroup1 \
--instance-group-zone asia-northeast1-a \
--region asia-northeast1

gcloud compute backend-services add-backend longtu-network-lb-backend-service \
--instance-group vmgroup2 \
--instance-group-zone asia-northeast1-b \
--region asia-northeast1

将2个实例组，加入全局的后端服务中

gcloud compute backend-services add-backend longtu-network-lb-backend-service \
--instance-group tcp-vmgroup1 \
--instance-group-zone asia-northeast1-a \
--global \
--balancing-mode UTILIZATION \
--max-utilization 0.8

gcloud compute backend-services add-backend longtu-network-lb-backend-service \
--instance-group tcp-vmgroup2 \
--instance-group-zone asia-northeast1-b \
--global \
--balancing-mode UTILIZATION \
--max-utilization 0.8

6. 创建转发规则：转发规则为longtu-network-lb-forwarding-rule-ipv4，并应用LB-IP及后端服务longtu-network-lb-backend-service

gcloud compute forwarding-rules create longtu-network-lb-forwarding-rule-ipv4 \
  --load-balancing-scheme EXTERNAL \
  --region asia-northeast1 \
  --ports 80 \
  --address longtu-network-lb-ipv4 \
  --backend-service longtu-network-lb-backend-service

配置目标TCP代理及转发规则

gcloud compute target-tcp-proxies create my-tcp-lb-target-proxy \
    --backend-service longtu-network-lb-backend-service \
    --proxy-header NONE

gcloud compute forwarding-rules create longtu-network-lb-forwarding-rule-ipv4 \
    --global \
    --target-tcp-proxy my-tcp-lb-target-proxy \
    --address longtu-network-lb-ipv4 \
    --ports 80

进行测试

在控制台获取LB外网IP地址，通过如下命令进行测试:

while true; do curl -m1 34.98.99.67; done