We're deploying WHM/cPanel in Google Cloud Compute Engine instance. All is OK. Now we want an extra security layer, so think in GCP Load Balancer and Cloud Armor. We want to know if there are any special config we need to check in cPanel and Google Cloud, because in previous tests we have some problems putting GCP Load Balancer in front of the cPanel instance, like the browser trying to connect to the private IP, or some assets couldn't display. But when we access the instance directly, all is OK.
Hey there! Currently there isn't any built-in support on the cPanel side of things for load balancing or similar tools, so while you're welcome to try it, there will need to be a lot of manual intervention required from your side if you want to test this. More discussion on this can be found here:
forums.cpanel.net
I'm sorry I don't have better news on this one for you, but other users that have experience with GCP may be able to provide their thoughts as well.
Auto Scaling and Load Balancing with Google Compute Engine?
Hello, A bit clear already from the topic title, but here goes: Lets say that we have created a VM in Google Compute Engine and installed cPanel per the tutorial at cPanel docs. And it works. If we spin up the copies of that VM in GCE using autoscaling features and distribute the load through...
I'm sorry I don't have better news on this one for you, but other users that have experience with GCP may be able to provide their thoughts as well.
Beyond running more than one instance you are also correct in that the Google load balancer is going to communicate from private ip space whereas cpanel is configured to expect to be seeing traffic from public ip space. That is why you saw problems in the past. It's really just not a product designed to do what you want to do even with a single server.
In theory you would have to somehow disable the Nat feature in cpanel compelty and have it listening on private ips only. It would be ugly.
In theory you would have to somehow disable the Nat feature in cpanel compelty and have it listening on private ips only. It would be ugly.
We're using 1 only cPanel instance, the Load Balancer in front of this instance is only for security purposes (Google Cloud Armor). So we expect it to be a simple traffic pass from Load Balancer to cPanel, without any additional configuration (high availability or similar). Google Cloud Armor (network security service that provides defenses against DDoS and application attacks).
Hmmmmm - if that's the case then, as long as the cPanel server can communicate over a public IP directly to our license network, that would work fine. If the traffic between the load balancer and the cPanel system happens over a private IP, you'd have to have some customizations in place to get that working.
