Using cPanel with Google Cloud Load Balancer

mario.rivera

Registered
Feb 1, 2021
2
0
1
Mexico
cPanel Access Level
Website Owner
We're deploying WHM/cPanel in Google Cloud Compute Engine instance. All is OK. Now we want an extra security layer, so think in GCP Load Balancer and Cloud Armor. We want to know if there are any special config we need to check in cPanel and Google Cloud, because in previous tests we have some problems putting GCP Load Balancer in front of the cPanel instance, like the browser trying to connect to the private IP, or some assets couldn't display. But when we access the instance directly, all is OK.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
5,447
697
313
cPanel Access Level
Root Administrator
Hey there! Currently there isn't any built-in support on the cPanel side of things for load balancing or similar tools, so while you're welcome to try it, there will need to be a lot of manual intervention required from your side if you want to test this. More discussion on this can be found here:


I'm sorry I don't have better news on this one for you, but other users that have experience with GCP may be able to provide their thoughts as well.
 

GOT

Get Proactive!
PartnerNOC
Apr 8, 2003
1,753
311
363
Chesapeake, VA
cPanel Access Level
DataCenter Provider
Beyond running more than one instance you are also correct in that the Google load balancer is going to communicate from private ip space whereas cpanel is configured to expect to be seeing traffic from public ip space. That is why you saw problems in the past. It's really just not a product designed to do what you want to do even with a single server.

In theory you would have to somehow disable the Nat feature in cpanel compelty and have it listening on private ips only. It would be ugly.
 

mario.rivera

Registered
Feb 1, 2021
2
0
1
Mexico
cPanel Access Level
Website Owner
We're using 1 only cPanel instance, the Load Balancer in front of this instance is only for security purposes (Google Cloud Armor). So we expect it to be a simple traffic pass from Load Balancer to cPanel, without any additional configuration (high availability or similar). Google Cloud Armor (network security service that provides defenses against DDoS and application attacks).
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
5,447
697
313
cPanel Access Level
Root Administrator
Hmmmmm - if that's the case then, as long as the cPanel server can communicate over a public IP directly to our license network, that would work fine. If the traffic between the load balancer and the cPanel system happens over a private IP, you'd have to have some customizations in place to get that working.