Google cloud platform GoogleDeploymentManager：创建计算引擎实例时，允许HTTP流量的等价物是什么？_Google Cloud Platform_Google Compute Engine_Firewall_Google Deployment Manager

Google cloud platform GoogleDeploymentManager：创建计算引擎实例时，允许HTTP流量的等价物是什么？

google-cloud-platform google-compute-engine

Google cloud platform GoogleDeploymentManager：创建计算引擎实例时，允许HTTP流量的等价物是什么？,google-cloud-platform,google-compute-engine,firewall,google-deployment-manager,Google Cloud Platform,Google Compute Engine,Firewall,Google Deployment Manager,我尝试用sourceTags创建防火墙规则，并用http标记我的VM。但它仍然不允许HTTP通信。为什么呢 resources: - type: compute.v1.instance name: vm-test properties: zone: {{ properties["zone"] }} machineType: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/zones/{

我尝试用sourceTags创建防火墙规则，并用http标记我的VM。但它仍然不允许HTTP通信。为什么呢

resources:
- type: compute.v1.instance
  name: vm-test
  properties:
    zone: {{ properties["zone"] }}
    machineType: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/zones/{{ properties["zone"] }}/machineTypes/f1-micro
    # For examples on how to use startup scripts on an instance, see:
    #   https://cloud.google.com/compute/docs/startupscript
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        diskName: disk-{{ env["deployment"] }}
        sourceImage: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/family/debian-9
    networkInterfaces:
    - network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
      # Access Config required to give the instance a public IP address
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT
    metadata:
      items:
        - key: startup-script
          value: |
             #!/bin/bash
             apt-get update
             apt-get install -y apache2
    tags:
      items:
        - http

标签必须与附加的网络标签相同。默认值为“http服务器”或“https服务器”，因此脚本应具有如下内容：

tags    
  items
    - http-server
    - https-server

还要记住，要正确配置防火墙规则，并检查http服务器是否正在该端口上运行和侦听

标签必须与连接的网络标签相同。默认值为“http服务器”或“https服务器”，因此脚本应具有如下内容：

tags    
  items
    - http-server
    - https-server

还要记住，要正确配置防火墙规则，并检查http服务器是否正在该端口上运行和侦听

您还需要在那里添加防火墙部分。这是为我工作的一个：

resources:
- type: compute.v1.firewall
  name: tcp-firewall-rule
  properties:
    network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
    sourceRanges: ["0.0.0.0/0"]
    targetTags: ["http","http-server"]
    allowed:
     - IPProtocol: TCP
       ports: ["80"]
- type: compute.v1.instance
  name: vm-test
  properties:
    zone: {{ properties['zone'] }}
    machineType: https://www.googleapis.com/compute/v1/projects/{{ env['project'] }}/zones/{{ properties['zone'] }}/machineTypes/f1-micro
    tags:
     items: ["http","http-server"]
    metadata:
      items:
      # For more ways to use startup scripts on an instance, see:
      #   https://cloud.google.com/compute/docs/startupscript
      - key: startup-script
        value: |
          #!/bin/bash
          apt-get update
          apt-get install -y apache2
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        diskName: disk-{{ env["deployment"] }}
        sourceImage: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/family/debian-9
    networkInterfaces:
    - network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
      # Access Config required to give the instance a public IP address
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT

您还需要在那里添加防火墙部分。这是为我工作的一个：

resources:
- type: compute.v1.firewall
  name: tcp-firewall-rule
  properties:
    network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
    sourceRanges: ["0.0.0.0/0"]
    targetTags: ["http","http-server"]
    allowed:
     - IPProtocol: TCP
       ports: ["80"]
- type: compute.v1.instance
  name: vm-test
  properties:
    zone: {{ properties['zone'] }}
    machineType: https://www.googleapis.com/compute/v1/projects/{{ env['project'] }}/zones/{{ properties['zone'] }}/machineTypes/f1-micro
    tags:
     items: ["http","http-server"]
    metadata:
      items:
      # For more ways to use startup scripts on an instance, see:
      #   https://cloud.google.com/compute/docs/startupscript
      - key: startup-script
        value: |
          #!/bin/bash
          apt-get update
          apt-get install -y apache2
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        diskName: disk-{{ env["deployment"] }}
        sourceImage: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/family/debian-9
    networkInterfaces:
    - network: https://www.googleapis.com/compute/v1/projects/{{ env["project"] }}/global/networks/default
      # Access Config required to give the instance a public IP address
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT