VPC Network Peering

VPC Network Peering setup

In this lab you have been provisioned 2 projects, the first project as a Project A and second as Project B.

Project-A:

1. Go back to first cloud shell and create a custom network:

   gcloud compute networks create network-a --subnet-mode custom

2. Create a subnet within this VPC and specify a region and IP range by running:

   gcloud compute networks subnets create network-a-central --network network-a  --range 10.0.0.0/16 --region us-central1

3. Create a VM instance:

   gcloud compute instances create vm-a --zone us-central1-a --network network-a --subnet network-a-central

4. Run the following to enable SSH and icmp, because you’ll need a secure shell to communicate with VMs during connectivity testing:

   gcloud compute firewall-rules create network-a-fw --network network-a --allow tcp:22,icmp

Project-B:

1. Switch to the second cloud shell and create a custom network:

   gcloud compute networks create network-b --subnet-mode custom

2. Create a subnet within this VPC and specify a region and IP range by running:

   gcloud compute networks subnets create network-b-central --network network-b --range 10.8.0.0/16 --region us-central1

3. Create a VM instance:

   gcloud compute instances create vm-b --zone us-central1-a --network network-b --subnet network-b-central

4. Run the following to enable SSH and icmp, because you’ll need a secure shell to communicate with VMs during connectivity testing:

   gcloud compute firewall-rules create network-b-fw --network network-b --allow tcp:22,icmp

Setting up a VPC Network Peering session

Project-A – Peer network-a with network-b:

Go to the VPC Network Peering in the Cloud Console by navigating to the Networking section and clicking VPC Network > VPC network peering in the left menu. Once you’re there:

1. Click Create connection.
2. Click Continue.
3. Type “peer-ab” as the Name for this side of the connection.
4. Under Your VPC network, select the network you want to peer (network-a).
5. Set the Peered VPC network radio buttons to In another project.
6. Paste in the Project ID of the second project.
7. Type in the VPC network name of the other network (network-b).
8. Click Create.

Project-B – Peer network-b with network-a:

1. Click Create connection.
2. Click Continue.
3. Type “peer-ba” as the Name for this side of the connection.
4. Under Your VPC network, select the network you want to peer (network-b).
5. Set the Peering VPC network radio buttons to In another project, unless you wish to peer within the same project.
6. Specify the Project ID of the first project.
7. Specify VPC network name of the other network (network-a).
8. Click Create.

Connectivity test

Project-A

1. Navigate to VM instances console: Click Navigation Menu > Compute Engine > VM instances.
2. Copy the INTERNAL_IP for vm-a.

Project-B

1. Click Navigation Menu > Compute Engine > VM instances.
   SSH into vm-b instance.

2. In the SSH shell of vm-b, run the following command replacing <INTERNAL_IP_OF_VM_A> with the vm-a instance INTERNAL_IP:

   ping -c 5 <INTERNAL_IP_OF_VM_A>