VPC Network Peering

“VPC Network Peering”

Pengantar

Peering Jaringan Virtual Private Cloud (VPC) Google Cloud memungkinkan konektivitas pribadi di dua jaringan VPC terlepas dari apakah mereka termasuk dalam proyek yang sama atau organisasi yang sama.

Peering Jaringan VPC memungkinkan Anda membangun ekosistem SaaS (Software-as-a-Service) di Google Cloud, membuat layanan tersedia secara pribadi di berbagai jaringan VPC di dalam dan di seluruh organisasi, memungkinkan beban kerja berkomunikasi di ruang pribadi.

Create a custom network in projects

Project-A:

• Buat custom network

gcloud compute networks create network-a --subnet-mode custom

• Buat Subnet

gcloud compute networks subnets create network-a-central --network network-a \
    --range 10.0.0.0/16 --region us-central1

• Buat Vm

gcloud compute instances create vm-a --zone us-central1-a --network network-a --subnet network-a-central

• Enable SSH dan icmp

gcloud compute firewall-rules create network-a-fw --network network-a --allow tcp:22,icmp

Project-B:

• Buat custom network

gcloud compute networks create network-b --subnet-mode custom

• Buat subnet

gcloud compute networks subnets create network-b-central --network network-b \
    --range 10.8.0.0/16 --region us-central1

• Buat Vm instance

gcloud compute instances create vm-b --zone us-central1-a --network network-b --subnet network-b-central

• Enable SSH dan icmp

gcloud compute firewall-rules create network-b-fw --network network-b --allow tcp:22,icmp

Setting up a VPC Network Peering session

Peer network-a with network-b:

• Masuk ke VPC Network > VPC network peering

1. Click Create connection.
2. Click Continue.
3. Type “peer-ab” as the Name for this side of the connection.
4. Under Your VPC network, select the network you want to peer (network-a).
5. Set the Peered VPC network radio buttons to In another project.
6. Paste in the Project ID of the second project.
7. Type in the VPC network name of the other network (network-b).
8. Click Create.

Peer network-b with network-a

Project-B

1. Click Create connection.
2. Click Continue.
3. Type “peer-ba” as the Name for this side of the connection.
4. Under Your VPC network, select the network you want to peer (network-b).
5. Set the Peering VPC network radio buttons to In another project, unless you wish to peer within the same project.
6. Specify the Project ID of the first project.
7. Specify VPC network name of the other network (network-a).
8. Click Create.

VPC Network Peering becomes ACTIVE and routes are exchanged As soon as the peering moves to an ACTIVE state, traffic flows are set up:

• Between VM instances in the peered networks: Full mesh connectivity.
• From VM instances in one network to Internal Load Balancing endpoints in the peered network.

The routes to peered network CIDR prefixes are now visible across the VPC network peers. These routes are implicit routes generated for active peerings. They don’t have corresponding route resources. The following command lists routes for all VPC networks for project-a.

• Cek route list

gcloud compute routes list --project <FIRST_PROJECT_ID>

NAME                              NETWORK    DEST_RANGE     NEXT_HOP                  PRIORITY
default-route-2a865a00fa31d5df    network-a  0.0.0.0/0      default-internet-gateway  1000
default-route-8af4732e693eae27    network-a  10.0.0.0/16                              1000
peering-route-4732ee69e3ecab41    network-a  10.8.0.0/16    peer-ab                   1000

Connectivity Test

SSH into vm-b instance.

ping -c 5 <INTERNAL_IP_OF_VM_A>

Penutup

Sahabat Blog Learning & Doing demikianlah penjelasan mengenai VPC Network Peering. Semoga Bermanfaat . Sampai ketemu lagi di postingan berikut nya.