Skip to main content

Creating a Custom Mode VPC Network on Google Cloud Platform

Hands-On Lab

 

Photo of Matthew Ulasien

Matthew Ulasien

Team Lead Google Cloud in Content

Length

00:30:00

Difficulty

Beginner

In this hands-on lab, we are going to create a custom mode VPC network on Google Cloud Platform. The objective is to become familiar working with VPC configurations.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Create a Custom Mode VPC Network on Google Cloud Platform

Introduction

In this hands-on lab, we are going to create a custom mode VPC network on Google Cloud Platform. The objective is to become familiar working with VPC configurations.

To avoid issues with cached logins, right click on the launch button and choose Open in Incognito Mode (or your web browser's version of private browsing).

You will need to confirm a few 'terms and conditions' for a new account, this is normal.

Solution

How to log in to the lab environment

Create a custom VPC network

Let's start by going to our VPC menu in the web console by going to the top left menu, and scrolling down to VPC Network.

Optional: If you want to remove the default VPC network to clean up your views, do the following:

  • Click on default underneath the Name column.
  • Click on DELETE VPC NETWORK from the top bar, and confirm the deletion on the pop-up prompt. It will take a couple minutes to completely delete the default VPC, however you can continue the below steps while it is in process.

Next, let's create a new custom VPC:

  1. Click CREATE VPC NETWORK from the options up top.
    • Name the network custom-vpc.
    • Under Subnets, select the Custom tab for subnet creation mode.
    • We will create two subnets:
      1. In the New subnet box, give the first subnet the name of subnet-a.
    • Under Region, choose us-central1
    • Enter a subnet range in CIDR notation under IP address range. For this subnet, let's use 10.0.1.0/24.
    • We will leave Private Google access and Flow logs off for now. click Done.
    • Click on the Add subnet button to create a second subnet.
    • Using the same steps for the first subnet, this time enter the following information for their relevant fields:
      • Name: subnet-b
      • Region: us-east1
      • IP address range: 10.0.2.0/24 - notice that if you enter the same iP address range as above, you receive an error. All subnet ranges must be unique.
      • When finished with the above, click on Done.
    • Optional: Before creating the network, click the blue command line link under the Create button to view the equivalent gcloud command for our custom VPC network and subnets. Being able to create scripts using gcloud commands from this cross reference is a powerful tool to use.
    • Leaving all other settings as defaults, click on the blue Create button at the bottom to create the custom VPC network.

Create a firewall rule

Great! So we now have a custom VPC network up, however we have zero firewall rules in place. If we were to create an instance, we would be unable to connect to it. Let's fix that by creating a firewall rule to allow us to SSH into the instance.

  1. From the side VPC Network menu, click on Firewall rules
    • Click the blue button Create firewall rule
    • In the Name field, name your rule allow-ssh
    • In the Network dropdown menu, select the custom-vpc network.
    • Under Targets, set the dropdown menu to All instances in the network
    • Under Source IP ranges, enter 0.0.0.0/0 to allow public access
    • Under Protocols and ports, select the radio button for Specified protocols and ports.
    • Select the check box for tcp, and enter 22 for the port next to the check box
    • Click the blue Create button to finish creating the rule.

Create Compute Engine instance on custom VPC network

Now that our firewall rule has been created. Let's now create a compute engine instance on our custom VPC network. Let's first start by creating one that will not successfully attach...

  1. Go to the Compute Engine menu from the top-left menu, then scroll down and click on Compute Engine
    • Click Create
    • Name the instance instance-1
    • Set the Region dropdown to us-west1. This is going to cause a problem, but let's see what happens....
    • Scroll down and click the text for Management, security, disks, networking, sole tenancy to expand it
    • Click the Networking menu that appears
    • Click the box under Network interfaces
    • In the Network dropdown, select custom-vpc
    • In the Subnetwork field, notice that no subnetworks are available
    • Scroll back to the top and change the region to us-central1
    • Scroll back down and notice that subnet-a is now an option
    • Click Done, then click Create

When the instance is created, attempt to SSH into it by clicking the SSH button next to it, which should be successful.

Conclusion

Congratulations, you've completed this hands-on lab!