Connecting Google Cloud Function and GCE using Serverless VPC connector

An article to connect Google cloud function and GCE

We will be triggering a python script hosted in a google compute engine from the google cloud function through a serverless VPC access connector. First, let’s go through what these services are:

Google Cloud function:
Google Cloud Function is a serverless execution environment for building and connecting cloud services in a fully managed environment without provisioning or managing any servers. With Cloud Functions you write simple, single-purpose functions that are attached to events from your cloud infrastructure and services.

Google Compute Engine (GCE):
Google Compute Engine is a virtual machine (VM) hosted on Google’s infrastructure. It is an Infrastructure as a Service (IaaS) offering that allows clients to run workloads on Google’s physical hardware.

Serverless VPC access:
Serverless VPC Access enables you to connect from a serverless environment on Google Cloud such as Cloud Functions to access services like Compute Engine, Memorystore instances with an internal IP address through the VPC network. These internal addresses are accessible only from the Google Cloud services thereby avoiding exposure of resources to the public internet and improves the latency of communication between the services.

Now, since we have a basic knowledge of these services. Let’s find out how they will interact with each other.

The cloud function will hit the http endpoint of the flask application(python script) hosted in the compute engine through the compute engine’s internal IP address. This request sent from the cloud function travels internally through the Serverless VPC Access connector to the compute engine.

Process flow from cloud function to compute engine through serverless VPC access

Let’s go ahead and create the required resources
1. A serverless VPC access connector.
2. A GCE instance where the python script is deployed as Flask application.
3. A cloud function to send request to compute engine.
Note: Make sure to create all the resources in the same region.

  1. Creating a serverless VPC access Connector:
    Select VPC network from the Networking section of the cloud and under the VPC network, select serverless VPC access. After filling in the required details create the connector.
Serverless VPC access connector

2. Creating a compute engine:
Select the compute engine from the compute section of the cloud and under the compute engine, create a new VM instance. Make sure the instance is created in the same region as the VPC connector.

Once the instance is provisioned, SSH into it and create a simple flask application which returns “Connected Successfully!” once triggered.

from flask import Flaskapp = Flask(__name__)
def index():
return "Connected Successfully!"'')

Execute the python script as a nohup process which ensures that upon closing the terminal the flask application doesn’t stop and the same can be triggered from the cloud function.

nohup python <> &

3. Creating a cloud function
While creating a cloud function configure the egress settings under the connections tab and select the VPC connector we just created. Make sure to create it in the same region as VPC access connector and compute engine.

Selecting VPC connector while creating the cloud function

Include the following code in the cloud function and add the private IP address of the compute engine we created in the vm_url variable.

def hello_world(request):
vm_url = 'http://<Private IP of instance>:5000'
res = requests.get(url=vm_url)

Test the function once it is deployed. The output should look similar to the following image.

Testing Results

In this way a cloud function can trigger a python script hosted as a flask
application in the compute engine. The same logic can be extended for the event based triggering of the cloud function.