Thursday, December 2, 2021

GCP - Cloud CDN for external site

Scenario

https://www.foobar.com - external site, not in Google Cloud.

Requirement

Set up another hostname for origin server access, for example web.foobar.com, with the same IP as www.foobar.com (web.foobar.com IP = www.foobar.com IP).

Steps

0. On the Cloud CDN start page, click "ADD ORIGIN".
1. After reading the preparation notes, click "Continue".
2. www.foobar.com is an external site, so check "Use an external backend".
3. Open the "Load balancer" list and click "Create a load balancer".
4. In the "New Classic HTTP(S) load balancer" form, start with "Backend configuration".
5. Open the "Backend services & backend buckets" list and click "CREATE A BACKEND SERVICE".
6. The "Create backend service" form, basic area.
7. The "Create backend service" form, "Backends" area.
8. The "Create backend service" form, "Cloud CDN" area.
9. In the basic area, enter "Name" and "Description", and for "Backend type" select "Internet network endpoint group / External backends".
10. After selecting "Backend type", set "Protocol" to "HTTPS".
11. In the "Backends" area, open the "Internet network endpoint group" list and click "CREATE INTERNET NETWORK ENDPOINT GROUP".
12. The "Create a network endpoint group" form.
13. Enter "Name", for "Network endpoint group type" select "Network endpoint group (Internet)", for "Default port" enter "443", for "Fully qualified domain name" enter "web.foobar.com", and click "Create".
14. After clicking "Create", "www-foobar-com" appears in the network endpoint group list.
15. "Network endpoint group details" of "www-foobar-com".
16. Back in the "Backends" area, enter "foobar" in "Filter"; "www-foobar-com" is shown. Click it.
17. After clicking "www-foobar-com", it is shown under "Internet network endpoint group".
18. In the "Cloud CDN" form, check "Enable Cloud CDN" and change the default settings, then click "CREATE".
19. After the "Backend configuration" is created successfully, go back to the "New Classic HTTP(S) load balancer" form. Check "www-foobar-com" in the "Backend services & backend buckets" list, then click "OK".

20. After clicking "OK", "www-foobar-com" is listed below.
21. Skip the "Host and path rules" form, because the CDN is used to cache the whole site.
22. The "New Classic HTTP(S) load balancer" form, "Frontend configuration" area.
23. Enter "Name" and for "Protocol" select "HTTPS (include HTTP/2)". The "Certificate" list appears below; click "CREATE A NEW CERTIFICATE".
24. The "Create a Certificate" form.
25. Enter "Name", check "Create Google-managed certificate", enter "Domains", then click "CREATE".
26. Back in the "Frontend configuration" form, open the "IP address" list and click "CREATE IP ADDRESS".
27. In the "Reserve a new static IP address" form, enter "Name" and click "RESERVE".
28. Back in the "Frontend configuration" form.
29. At the bottom of the "Frontend configuration" form, click "ADDITIONAL CERTIFICATES" to expand the form. Check "Enable HTTP to HTTPS redirect", and click "DONE".
30. The "Frontend configuration" form is complete.
31. Click "Review and finalize" to confirm, and click "CREATE".
32. There are two new load balancers. The "HTTPS" one serves the site, and the "HTTP" one redirects connections to "HTTPS".
33. Reload "Cloud CDN"; a new CDN is listed. Click "www-foobar-com" under "Associated load balancers".
34. The IP:Port of www-foobar-com is shown in the details. Set this IP address for www.foobar.com in your DNS service.

Remove CDN settings

1. Network services - Cloud CDN
2. Network services - Load balancing (remove together with the backend and certificate)
3. VPC Network - IP addresses
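
The console steps and the removal list above, written as a gcloud script. This is an added example, not part of the original post; it covers the HTTPS load balancer only (not the HTTP-to-HTTPS redirect), and the `-map`, `-cert`, `-proxy`, `-ip` and `-fr` resource names are assumptions.

```shell
#!/bin/sh
# Added example: gcloud equivalent of the console steps (HTTPS path only).
# From the page: www-foobar-com, web.foobar.com, www.foobar.com, port 443.
# Assumed names (not on the page): the -map, -cert, -proxy, -ip, -fr suffixes.
NAME="www-foobar-com"
ORIGIN_FQDN="web.foobar.com"   # hostname the load balancer connects to (origin)
SITE_DOMAIN="www.foobar.com"   # public hostname on the Google-managed certificate

# Emit one gcloud command per line, in dependency order.
cdn_plan() {
  cat <<EOF
gcloud compute network-endpoint-groups create $NAME --network-endpoint-type=internet-fqdn-port --global
gcloud compute network-endpoint-groups update $NAME --add-endpoint=fqdn=$ORIGIN_FQDN,port=443 --global
gcloud compute backend-services create $NAME --load-balancing-scheme=EXTERNAL --protocol=HTTPS --enable-cdn --global
gcloud compute backend-services add-backend $NAME --network-endpoint-group=$NAME --global-network-endpoint-group --global
gcloud compute url-maps create $NAME-map --default-service=$NAME --global
gcloud compute ssl-certificates create $NAME-cert --domains=$SITE_DOMAIN --global
gcloud compute target-https-proxies create $NAME-proxy --url-map=$NAME-map --ssl-certificates=$NAME-cert --global
gcloud compute addresses create $NAME-ip --ip-version=IPV4 --global
gcloud compute forwarding-rules create $NAME-fr --load-balancing-scheme=EXTERNAL --address=$NAME-ip --target-https-proxy=$NAME-proxy --ports=443 --global
gcloud compute addresses describe $NAME-ip --global --format='value(address)'
EOF
}

# Removal in reverse dependency order (the "Remove CDN settings" list).
cdn_teardown_plan() {
  cat <<EOF
gcloud compute forwarding-rules delete $NAME-fr --global --quiet
gcloud compute target-https-proxies delete $NAME-proxy --global --quiet
gcloud compute url-maps delete $NAME-map --global --quiet
gcloud compute ssl-certificates delete $NAME-cert --global --quiet
gcloud compute backend-services delete $NAME --global --quiet
gcloud compute network-endpoint-groups delete $NAME --global --quiet
gcloud compute addresses delete $NAME-ip --global --quiet
EOF
}

# Dry run by default: print each command. APPLY=1 also executes it and
# stops at the first failure, since later resources depend on earlier ones.
cdn_run() {
  "$1" | while IFS= read -r cmd; do
    printf '+ %s\n' "$cmd"
    if [ "${APPLY:-0}" = 1 ]; then sh -c "$cmd" || exit 1; fi
  done
}

cdn_run cdn_plan
```

Run as-is to print the plan, or with `APPLY=1` to execute it against the active gcloud project; the last command prints the reserved IP address to set for www.foobar.com in DNS. Change the final line to `cdn_run cdn_teardown_plan` to remove the resources.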