GCP Classroom Series – 20/Feb/2021

Internet Access to Internal IP VM Instances

  • GCP Supports two approaches for it
    • NAT-Instance:
      • Create a VM with external ip and enable IP forwardding enabled
      • Then create a route table route with 0.0.0.0/0 to this vm instance for vms with internal ip (network tag)
    • Cloud-NAT:
      • This is a managed service and if you have a route to internet gateway (default rule), NAT Forwarding works automatically
  • Lets use this Cloud-NAT Approach
    • Create a vm instance with no external ip
    • Ensure network has a firewall rule to allow ssh
    • Lets create a cloud-nat with cloud-router Preview Preview Preview

Exercises:

  • Write a gcloud cli to create the network as shown below Preview
  • VM Instances for web should be able to access vm instances in app on port 8080 and port 22, vm instances in app should be able to access vm instance in db on port 3306 and port 22

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About learningthoughtsadmin