We're trying to get our GAE standard app connected through one of our VPCs, which is being used to connect to our VPN clients. VPC (rsvpn) runs OpenVPN as a client, connecting to our OpenVPN subnet. It is configured with ip_forward and is set up to forward all inbound packets destined for 172.16.0.0/24 through tun0. The VPC network's global routing is configured to route 172.16.0.0/24 via rsvpn. When I hop on another VPC, I'm able to ping out to the VPN subnet as expected. However, the GAE app's packets destined for 172.16.0.0/24 are not being routed via rsvpn.
We did some digging and found that we probably need to deploy the app via gcloud beta, making use of the vpc_access_connector, so we did this as well. The vpc_access_connector was configured with subnet 10.8.0.0/28 and the app was configured with the appropriate config. We redeployed the app, and it still doesn't hit the rsvpn server.
When we look at the running config for the app, we see no mention of the vpc_access_connector, but it's clearly configured in the app.yaml.
Discussed with Google support. They confirm that our setup should be correct and that the app should be making use of our VPC routing tables. They're looking into it currently.
I'm wondering though if anyone might be able to shed some light on this. Google's documentation isn't amazing, and I find pretty consistently that it's just often wrong. I've heard a few references that sorta might suggest that the vpc_access_connector may only work in flex environments, but then the docs and Google support say it should work in standard.
Anyone ever made this setup work?