Deploying a Global ALB on GCP

Rohit

This guide sets up a Global HTTP Load Balancer with:

  • A global instance template

  • A regional managed instance group (MIG)

  • Firewall rules to allow HTTP traffic

  • A backend service

  • URL map and target HTTP proxy

  • A global forwarding rule

Create the Startup Script

This script installs and starts nginx, then customizes the default web page.

cat << EOF > startup.sh
#! /bin/bash
apt-get update
apt-get install -y nginx
service nginx start
HOSTNAME="\$(curl -H "Metadata-Flavor:Google" http://169.254.169.254/computeMetadata/v1/instance/name)"
sed -i -- 's/nginx/Google Cloud Platform - '"\$HOSTNAME"'/' /var/www/html/index.nginx-debian.html
EOF

Why?

This script ensures that every VM launched by the instance group will serve a web page that identifies which instance handled the request.

Create a Global Instance Template

gcloud compute instance-templates create web-template \
  --machine-type=e2-medium \
  --image-family=debian-11 \
  --image-project=debian-cloud \
  --tags=allow-health-check \
  --metadata-from-file=startup-script=startup.sh

Why?

The instance template defines the VM configuration. It's global by default, so it can be reused across regions and zones.

Create a Regional Managed Instance Group

gcloud compute instance-groups managed create web-mig \
  --template=web-template \
  --size=2 \
  --region=us-central1 \
  --zones=us-central1-a,us-central1-b \
  --base-instance-name=web

Why?

Regional MIGs provide high availability by spreading instances across multiple zones.

Create a Firewall Rule

gcloud compute firewall-rules create allow-tcp-rule-294 \
  --allow=tcp:80 \
  --direction=INGRESS \
  --target-tags=allow-health-check \
  --source-ranges=0.0.0.0/0 \
  --priority=1000 \
  --description="Allow incoming HTTP traffic on port 80"

Why?

This rule allows HTTP traffic to reach your VM instances on port 80.
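
A global external Application Load Balancer forwards requests to backends, and sends its health-check probes, from 130.211.0.0/22 and 35.191.0.0/16, so a rule with --source-ranges=0.0.0.0/0 also lets any client reach a VM that has an external IP directly, bypassing the load balancer. The audit below is an added example, not part of the original post: it reads rules in the JSON shape of `gcloud compute firewall-rules list --format=json` and reports the ones that open the backend port to sources outside those two ranges. The function names, the rule name allow-lb-only and the sample data are assumptions constructed for illustration.

```python
import ipaddress

# Ranges Google documents for global external ALB proxies and health-check probes.
GOOGLE_LB_RANGES = [ipaddress.ip_network(c) for c in ("130.211.0.0/22", "35.191.0.0/16")]

def covers_port(allowed, port):
    """True if any `allowed` entry of a firewall rule admits TCP `port`."""
    for entry in allowed:
        if entry.get("IPProtocol") not in ("tcp", "all"):
            continue
        ports = entry.get("ports")
        if not ports:                      # no port list means every port
            return True
        for spec in ports:                 # "80" or a range such as "8000-9000"
            low, _, high = spec.partition("-")
            if int(low) <= port <= int(high or low):
                return True
    return False

def from_lb(cidr):
    """True if `cidr` lies entirely inside one of the Google load balancer ranges."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == g.version and net.subnet_of(g) for g in GOOGLE_LB_RANGES)

def audit_backend_rules(rules, backend_tag, port=80):
    """Return {rule name: [source ranges outside the Google LB ranges]}."""
    findings = {}
    for rule in rules:
        if rule.get("direction") != "INGRESS" or rule.get("disabled"):
            continue
        tags = rule.get("targetTags")
        # Simplification: a rule with no target tags is treated as hitting every VM.
        if tags and backend_tag not in tags:
            continue
        if not covers_port(rule.get("allowed", []), port):
            continue
        wide = [src for src in rule.get("sourceRanges", []) if not from_lb(src)]
        if wide:
            findings[rule["name"]] = wide
    return findings

# Constructed sample: the rule from this post, then a hypothetical narrowed rule.
SAMPLE_RULES = [
    {"name": "allow-tcp-rule-294", "direction": "INGRESS",
     "targetTags": ["allow-health-check"], "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["80"]}]},
    {"name": "allow-lb-only", "direction": "INGRESS",
     "targetTags": ["allow-health-check"], "sourceRanges": ["130.211.0.0/22", "35.191.0.0/16"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["80"]}]},
]
```

Calling audit_backend_rules(SAMPLE_RULES, "allow-health-check") flags only allow-tcp-rule-294; a rule limited to the two Google ranges still passes health checks and load-balanced traffic.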

Create a Health Check

gcloud compute health-checks create http basic-check \
  --port=80

Why?

Health checks ensure that the backend service only sends traffic to healthy instances.

Create a Backend Service and Attach the MIG

gcloud compute backend-services create web-backend-service \
  --protocol=HTTP \
  --port-name=http \
  --health-checks=basic-check \
  --global
gcloud compute instance-groups managed set-named-ports web-mig \
  --named-ports=http:80 \
  --region=us-central1
gcloud compute backend-services add-backend web-backend-service \
  --instance-group=web-mig \
  --instance-group-region=us-central1 \
  --global

Why?

The backend service connects the load balancer to your instance group, and the named port tells GCP that the backend service's port name http maps to port 80 on the instances.

Create URL Map and Target HTTP Proxy

gcloud compute url-maps create web-map \
  --default-service=web-backend-service
gcloud compute target-http-proxies create web-http-proxy \
  --url-map=web-map

Why?

The URL map defines how requests are routed, and the proxy handles the HTTP protocol.

Reserve a Global IP Address

gcloud compute addresses create web-ip \
  --ip-version=IPV4 \
  --global

Create Global Forwarding Rule

gcloud compute forwarding-rules create web-forwarding-rule \
  --address=web-ip \
  --global \
  --target-http-proxy=web-http-proxy \
  --ports=80

Why?

This rule exposes the load balancer to the internet on port 80, using the static global IP address.

Final check: Look up your global IP address, then visit it in the browser

gcloud compute addresses describe web-ip --global --format="get(address)"

You should see a page that says: Google Cloud Platform - [Instance Name]
