GCP Subnetwork

GCP Subnetwork includes best-practice GCP reference architecture for networks, IAM management, and observability integrations.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Made by

Massdriver

Official

Yes

Clouds
GCP
Text Link
Tags
networking
Text Link
Read me
Variables

Google Cloud Subnetwork

Google Cloud Subnetworks are a part of the Virtual Private Cloud (VPC) network. They allow you to create logically isolated network partitions within the larger VPC network, each having its own IP address range. Subnetworks facilitate the organization and isolation of GCP resources, enabling them to communicate securely within a specified IP range.

Design Decisions

This implementation includes the following design features:

  • Automatic CIDR Allocation: If the network is set to automatic, CIDR ranges are dynamically assigned.
  • Private Google Access: Enables private access for Google services within the subnet.
  • VPC Access Connector: Facilitates serverless applications' access to Redis, Postgres, etc.
  • NAT Configuration: Automatic NAT IP allocation to facilitate outgoing connections for instances without public IPs.
  • API Enablement: This configuration needs specific APIs like monitoring.googleapis.com and vpcaccess.googleapis.com to be enabled for proper operation.

Runbook

API Not Enabled

If you encounter issues with services not working correctly, you may need to check if the required APIs are enabled.

To view enabled services:

gcloud services list --enabled

If the required APIs are not listed, enable them:

gcloud services enable monitoring.googleapis.com
gcloud services enable vpcaccess.googleapis.com

Subnetwork Not Created

If the subnetwork is not created as expected, you can list existing subnetworks to verify:

gcloud compute networks subnets list --regions=<your-region>

Replace <your-region> with your specific region. If the subnetwork is not listed, check your configurations or retry creation.

Connectivity Issues

For connectivity issues within the VPC, verify the routes and firewall rules:

List routes:

gcloud compute routes list --filter="network=<your-vpc-name>"

Check firewall rules:

gcloud compute firewall-rules list --filter="network=<your-vpc-name>"

Replace <your-vpc-name> with your VPC name to ensure the correct routes and firewall rules are in place.

NAT Issues

If instances cannot access the internet, ensure that the NAT configuration is functioning correctly:

Check the NAT status:

gcloud compute routers nats list --router=<your-router-name> --region=<your-region>

Replace <your-router-name> and <your-region> with your specific router name and region.

For detailed logging:

gcloud logging read "resource.type=gce_router AND resource.labels.router_id=<your-router-name>" --limit=50

Here, replace <your-router-name> with your router's name to review the latest logs.

VariableTypeDescription
gcp_regionstringGCP region to create the subnetwork in.
network.automaticbooleanEnabling this will automatically select an available CIDR range for your database. Unchecking will require you to specify the CIDR.
System Operational

Marketplace

AWSAzure

Templates

AWSGCPAzure

Solutions

CompareDeveloper Self ServiceOpenTofu for EnterpriseFractional DevOps HoursPartner Program

Company

About UsJobsNewsContact UsNews

Resources

PricingBlogDocsCase StudiesWebinarsPitch DeckFAQ
Start Free Trial
Massdriver Reviews
Massdriver Reviews
© Massdriver, Inc. 2024
Terms of Service
Privacy Policy
Security