Tutorial - Quick Domain Hosting in Google Cloud


#1

I was experimenting with cloud hosting for the High Fidelity domain server and came across a pretty convenient workflow using Google Compute with the Docker image and thought I’d share it here.

In case anyone wants to try it out, Google is currently offering a $300 free trial to the Google Cloud Platform for new customers for 1 year here: https://cloud.google.com/free/

Here are the steps at a high level:

  • Sign into the Google Console and create a VM instance under Compute\Compute Engine

  • To start, I chose the g1-small configuration (1 vCPU with 1.7 GB) and you can always go up from there as needed

  • Choose the option to use a container image when configuring the VM.

  • For the image, specify the docker image: registry.hub.docker.com/highfidelity/hifi:stable

  • Under firewall, specify a network tag like ‘high-fidelity’ to define the open ports

  • Create the VM image as configured

  • Now, go to Firewall rules in Networking\VPC network and create a new rule

  • Make the target tag ‘high-fidelity’ as referenced above, set Source IP ranges to 0.0.0.0/0, and open tcp and udp ports 40100-40102 as well as udp ports 48000-48006.

  • Create the rule and start the VM

  • Get the external IP address and open it in a browser at port 40100 to configure. Be sure to set a username and password to secure your domain settings under the Security panel.

You should then be able to connect to the domain server from your client using the VM’s external IP address.

I put together a more detailed writeup with screenshots on my blog:

I hope this is helpful as another option for domain cloud hosting.


#2

Not too bad, but here are some points I REALLY suggest:

  • Setup a username/password for the domain settings page! You can do this in the Security section of the Settings. If you do not do this, if someone gets the IP of the server, they can do whatever they want with it (block the original owner, setup their own password, override the domain, etc).

  • I will have to check the docker setup, but unless they are doing something special for it, ports 40102 to 40109 are not the default ports. 40100 and 40101 are the default ports for the domain server (40101, if I remember, is an SSL enabled port). The rest are the assignment-clients, which will hole punch a random port unless specified normally. If this is the case, then this should REALLY be mentioned in the actual docs instead of self-discovery.


#3

Hi FlameSoulis, thank you for taking the time to look it over and writing your feedback. I have updated the instructions to include securing the domain settings page as suggested.

With regards to the ports, I have to admit this was an areas that I wasn’t entirely clear on and provided settings that worked for me based on the information I was able to gather at the time. I came across this post which listed the ports but it is almost 5 years old now:

I then discovered this more recent post describing setting up Docker compose which opens up a wider range of ports and that’s what I based my settings on:

Now, doing a bit more investigating I can see that the docker image itself is not opening up all those ports:
“ExposedPorts”: {
“40100/tcp”: {},
“40100/udp”: {},
“40101/tcp”: {},
“40101/udp”: {},
“40102/tcp”: {},
“40102/udp”: {},
“48000/udp”: {},
“48001/udp”: {},
“48002/udp”: {},
“48003/udp”: {},
“48004/udp”: {},
“48005/udp”: {},
“48006/udp”: {}
},

From the above, it looks like it might work with just the port range 40100-40102 for tcp/udp. I’m not sure about the 48000-48006 udp ports.

I’ll be happy to update my settings with further input from the community here as I wasn’t able to find any official documentation. If I missed it, please do point me to the relevant resource as I’m still finding my way around.

Thanks again!


#4

48000-48006? Uh… what?

I haven’t used Docker before, so I’m not sure what setup they’re using. If you can find out what it is running, the parameters for the assignment-client will tell you what ports they are.

…Unless the assignment-clients attempt to punch any ports and the exposed ports part only allows assignment to the varying ports (meaning, it can try to hole punch, but will fail). In which case, the exposed ports would make sense: 48000-48006 are the 6 assignment clients, 40100/40101 is the domain settings page, and 40102 is the domain server’s port for high fidelity interfaces.


#5

I can see the following in the Nodes list which does match what you described:


#6

Hey there!

So I’m stuck on the firewall rule; it wants an IP Range or I can’t submit. In the tutorial/guide this is blank, but I can’t get past it. Any help would be very welcome.


#7

The Source IP ranges should be: “0.0.0.0/0”. I’ve updated the guide with this detail.


#8

Great, thanks! Gonna try and get the server up and running so I can start building :smiley: