Servless Cloud (no static IP) to MongoDB Atlas Connection

MongoDB requires IP Address (or range) specification for access to it in addition to the login/password specification.

 

PROBLEM: Serverless Cloud like Google Cloud Run and Amazon Lambda do not have by default static IP addresses when you deploy your code ---this is part of the fact that they are "Serverless" and hence made to be easier for deployment (you don't take care of the server). By default a Serverless cloud service connects to external endpoints on the internet using a dynamic IP address pool and we need a static IP address (static means it is known and fixed). 

SOLUTIONS: There are 2 possibile solutions and the first is to go through the work to create a range of IP Addresses associated with your Serverless Cloud Service (the code you deployed) and the second is to open up the MongoDB database to allow "access from anywhere" (any IP address). Both are discussed below. However, the first solution is considered "more secure". If you do not share your login and password in any way (including github) to the public and the password is strong, the second solution may be considered okay. The negative of doing the first solution is it is more complex.

siest but, the least secure

2nd Solution: Open MongoDB Atlas to allow access from anywhere---EASIEST, LEAST SECURE

 

This is the easiest but, least secure.

STEP 1) Go to the MongDB Console and go to your project and select Network Access link, then hit the "Add IP Address" button
STEP 2) In the pop up select the "Allow Access FROM ANYWHERE" option which will fill in the IP as 0.0.0.0/0 to indicate ANYWHERE/ANY IP
STEP 3) Hit Confirm --- you should see this listed in the IPs that have access.

 

 

Serverless Deployed service (code) deployed on Google CloudRun now can connect to the MongoDB Atlas Database and store a new customer from form data ---as shown in image below:

 

 

1st Solution: Create Static Outbound IP address(es) for Serverless Cloud--- MORE DIFFICULT, MORE SECURE

 

This is the most difficult and for this course a beginning course on web programming we are not going to go over. We will use the easier solution #2 (see above). The idea is you:

1) To enable a Cloud Run service to route requests through a static IP address, you need to configure the Cloud Run service's VPC egress to route all outbound traffic through a VPC network that has a Cloud NAT gateway configured with the static IP address.

2) Routing your traffic through Cloud NAT does not cause an additional hop in your networking stack since the Cloud NAT gateway and the Cloud Router provide only a control plane and the packets do not pass through the NAT gateway or the Cloud Router.

Note that all Cloud Run services connected to the same VPC network will share the same egress IP address. To use different egress IP addresses for separate Cloud Run services, follow this guide to create separate subnetworks and Serverless VPC Access connectors.

from site

Google Cloud Run (serverless cloud) instructions to setup Static Outbound IP address

- how to create static IP address for Google CloudRun via command line GCloud commands

- how to create static IP address for Google CloudRun via GUI console

• Example on Command Line

 

 

Once setup done you must get what the static IP address is:

• To confirm the address must from your code run “ curl https://curlmyip.org”.   Or somehow run in from your Google cloud run service — is there a terminal for the Google cloud run service???
• EXAMPLE NodeJS Code

• Code example 1 - uses http request to a website that reads in the IP from the request header: var http = require('http'); http.get({'host': 'api.ipify.org', 'port': 80, 'path': '/'}, function(resp) { resp.on('data', function(ip) { console.log("My public IP address is: " + ip); }); } NOTE: for URL use Use “ api.ipify.org” or “ https://curlmyip.org/” or “ http://whatismyipaddress.com/”(last is more data)

  Code example 2 - uses http request to a website that reads in the IP from the request header: async function myIP( ) { const response = await fetch("https://api.ipify.org/"); return await response.text(); } and call this inside async await like const ip = await myIP(); NOTE: for URL use Use “ api.ipify.org” or “ https://curlmyip.org/” or “ http://whatismyipaddress.com/”(last is more data)