Cloud Load Balancing in Trusted Cloud versus Google Cloud

Cloud Load Balancing offers a comprehensive portfolio of application and network load balancers that let you distribute user traffic across multiple instances of your applications. By spreading the load, load balancing reduces the risk that your applications experience performance issues. Google's Cloud Load Balancing is built on reliable, high-performing technologies such as Maglev, Andromeda, Google Front Ends, and Envoy—the same technologies that power Google's own products. This page describes the differences between the Trusted Cloud and Google Cloud versions of Cloud Load Balancing.

For more detailed information about Cloud Load Balancing, see the Cloud Load Balancing overview and the rest of the Cloud Load Balancing documentation.

Key differences

There are some differences between the Trusted Cloud version of Cloud Load Balancing and the Google Cloud version. If you are already familiar with Google Cloud, we recommend that you review these differences carefully, particularly before designing an application to run on Trusted Cloud. We also recommend reviewing the general differences between Google Cloud and your universe in the Trusted Cloud by S3NS overview.

If you would like to use a particular Cloud Load Balancing feature that isn't currently available in Trusted Cloud, contact Trusted Cloud support. To be notified when new features roll out in Trusted Cloud, subscribe to the release notes.

Load balancers

Load balancers

Trusted Cloud by S3NS has a single region, so only the following regional load balancers are available:

  • Regional internal Application Load Balancer
  • Regional external Application Load Balancer
  • Regional internal proxy Network Load Balancer
  • Regional external proxy Network Load Balancer
  • Internal passthrough Network Load Balancer
  • External passthrough Network Load Balancer

Global and classic load balancers aren't available.

Load balancer resources

Load balancer components

Only regional resources that are used by regional load balancers are available in Trusted Cloud by S3NS. For example, regional IP addresses, regional backend services, regional forwarding rules, regional target proxies, and regional URL maps are available. The global versions of these resources aren't available.

Exceptions to this are the legacy global HTTP health checks which are required for target pool-based external passthrough Network Load Balancers, and firewall rules which are always global.
Backends

The following backend types aren't available:

  • Backend buckets that reference Cloud Storage buckets
  • Serverless NEGs (Cloud Run, Cloud Run functions, and App Engine aren't available in Trusted Cloud by S3NS)
  • Global internet NEGs
  • Private Service Connect NEGs

Availability and disaster recovery

Regions and zones Trusted Cloud by S3NS has only a single region, though with multiple zones. Multi-region features and cross-region failover aren't available. Load balancers with backends deployed across multiple zones for resiliency are available.

Networking features

Network Service Tiers

Standard Tier isn't available in Trusted Cloud by S3NS. All load balancers and their resources use Premium Tier.

VPC networks
  • Because there's only one region in Trusted Cloud by S3NS, auto mode networks contain only one subnet.
  • There is no default network created when you create a project. Some guides assume that you have a default network. If you need a default network you can manually create an equivalent auto mode network called default.

See the VPC documentation to learn more about which VPC features are available in Trusted Cloud by S3NS.

Routing and traffic management

The following features are not available:

  • Service load balancing policies
  • Custom metrics
Cloud Interconnect Partner Interconnect and Cross-Cloud Interconnect aren't available. See the Cloud Interconnect documentation to learn more.
Network topologies Dynamic Network Interfaces aren't available in Trusted Cloud by S3NS.

Security and access control

Google Cloud Armor See the Google Cloud Armor documentation to learn which Google Cloud Armor features are available in Trusted Cloud by S3NS.
TLS/SSL certificates

The following types of SSL certificates aren't available in Trusted Cloud by S3NS:

  • Certificate Manager certificates and certificate maps
  • Compute Engine Google-managed certificates (global and regional)
  • Compute Engine self-managed certificates (global only)
Other security features

The following security features aren't available in Trusted Cloud by S3NS:

  • Authorization policies
  • Frontend and backend mTLS
  • Global SSL policies

Other cross-product integrations

Cloud CDN Not available
Media CDN Not available
Certificate Manager Not available
Service Extensions Not available
Network Intelligence Center Not available
Cloud Service Mesh Not available

The following information might also affect how you use and design for Cloud Load Balancing in Trusted Cloud by S3NS. These guides include general information about working in Trusted Cloud, including documentation, security and access control, billing, tooling, and service usage.

For details about other services and features in Trusted Cloud and their differences from their Google Cloud counterparts, see the product list.

Trusted Cloud guides