To set up VPC peering in Google Cloud Platform (GCP), you need to follow a series of steps that involve configuring the necessary resources and establishing the peering connection between Virtual Private Cloud (VPC) networks. VPC peering allows you to connect VPC networks across different projects or organizations, enabling secure communication between them.
Here are the steps to set up VPC peering in GCP:
Step 1: Create the VPC networks
First, you need to create the VPC networks that you want to peer. Each VPC network represents a separate network segment in GCP. You can create VPC networks using the GCP Console, the gcloud command-line tool, or the API. For example, to create a VPC network named "vpc-network-1" using the gcloud command-line tool, you can use the following command:
```bash
gcloud compute networks create vpc-network-1 --subnet-mode=auto
```
Step 2: Enable VPC network peering
Next, you need to enable VPC network peering for the VPC networks you want to peer. This allows the networks to send and receive traffic to and from each other. You can enable VPC network peering using the GCP Console, the gcloud command-line tool, or the API. For example, to enable VPC network peering for "vpc-network-1" and "vpc-network-2" using the gcloud command-line tool, you can use the following command:
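```bash
# Peering from vpc-network-1 to vpc-network-2.
gcloud compute networks peerings create vpc-network-1-to-vpc-network-2 --network=vpc-network-1 --peer-network=vpc-network-2 --auto-create-routes

# The peering stays INACTIVE until the matching peering is also created from vpc-network-2.
# The peering name below follows the same naming pattern and is illustrative.
gcloud compute networks peerings create vpc-network-2-to-vpc-network-1 --network=vpc-network-2 --peer-network=vpc-network-1 --auto-create-routes
```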
Step 3: Configure firewall rules
After enabling VPC network peering, you need to configure firewall rules to allow the desired traffic between the peered networks. By default, VPC network peering allows all traffic between the peered networks, but you can restrict it using firewall rules. You can configure firewall rules using the GCP Console, the gcloud command-line tool, or the API. For example, to allow SSH traffic from "vpc-network-1" to "vpc-network-2" using the gcloud command-line tool, you can use the following command:
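```bash
# vpc-network-1-ip-range is a placeholder: replace it with the CIDR range(s) of the subnets in vpc-network-1.
gcloud compute firewall-rules create allow-ssh-from-vpc-network-1 --network=vpc-network-2 --allow=tcp:22 --source-ranges=vpc-network-1-ip-range
```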
Step 4: Verify the peering connection
Once you have completed the configuration steps, you should verify the peering connection to ensure it is functioning correctly. You can verify the peering connection by testing connectivity between instances in the peered networks or by checking the peering status using the GCP Console, the gcloud command-line tool, or the API.
Step 5: Delete the peering connection (optional)
If you no longer need the peering connection, you can delete it. Deleting the peering connection removes the configuration and stops traffic from flowing between the peered networks. You can delete the peering connection using the GCP Console, the gcloud command-line tool, or the API. For example, to delete the peering connection between "vpc-network-1" and "vpc-network-2" using the gcloud command-line tool, you can use the following command:
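```bash
# --network names the local network that owns this peering and is required by the delete command.
gcloud compute networks peerings delete vpc-network-1-to-vpc-network-2 --network=vpc-network-1
```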
Setting up VPC peering in Google Cloud Platform involves creating the VPC networks, enabling VPC network peering, configuring firewall rules, verifying the peering connection, and optionally deleting the peering connection. Following these steps allows you to establish secure communication between VPC networks in GCP.
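The Step 4 verification can also be scripted. The Python below is an added example, not part of the original answer or of Google's tooling: it checks that both networks report an ACTIVE peering to each other and that the Step 3 firewall rule only admits sources inside vpc-network-1's subnets. The input dictionaries are constructed samples shaped like the JSON printed by `gcloud compute networks describe`, `gcloud compute networks subnets list` and `gcloud compute firewall-rules describe` with `--format=json`; the project name `example-project`, the CIDR values and the function names are assumptions.

```python
import ipaddress

def peering_active(network, peer_name):
    """network: JSON from `gcloud compute networks describe NAME --format=json`."""
    for p in network.get("peerings", []):
        # A peering entry's "network" is the peer's URL; match on its last segment.
        if p["network"].rsplit("/", 1)[-1] == peer_name:
            return p.get("state") == "ACTIVE"
    return False

def stray_sources(rule, peer_subnets):
    """sourceRanges of a firewall rule that fall outside every peer subnet range."""
    peers = [ipaddress.ip_network(s["ipCidrRange"]) for s in peer_subnets]
    stray = []
    for src in rule.get("sourceRanges", []):
        net = ipaddress.ip_network(src)
        if not any(net.version == p.version and net.subnet_of(p) for p in peers):
            stray.append(src)
    return stray

def verify(net_a, net_b, subnets_a, rule_on_b):
    """Return a list of findings; an empty list means the checks passed."""
    findings = []
    for local, peer in ((net_a, net_b), (net_b, net_a)):
        if not peering_active(local, peer["name"]):
            findings.append(f"{local['name']}: no ACTIVE peering to {peer['name']}")
    for src in stray_sources(rule_on_b, subnets_a):
        findings.append(f"{rule_on_b['name']}: source {src} is outside {net_a['name']}")
    return findings

# Constructed sample data (placeholder project "example-project"), shaped like gcloud JSON.
URL = "https://www.googleapis.com/compute/v1/projects/example-project/global/networks/"
NET1 = {"name": "vpc-network-1", "peerings": [
    {"name": "vpc-network-1-to-vpc-network-2", "network": URL + "vpc-network-2",
     "state": "INACTIVE"}]}          # only one side has been configured
NET2 = {"name": "vpc-network-2"}     # no peering back to vpc-network-1 yet
SUBNETS1 = [{"name": "vpc-network-1", "ipCidrRange": "10.128.0.0/20"}]
RULE = {"name": "allow-ssh-from-vpc-network-1", "network": URL + "vpc-network-2",
        "sourceRanges": ["10.128.0.0/20", "0.0.0.0/0"],
        "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]}

if __name__ == "__main__":
    for finding in verify(NET1, NET2, SUBNETS1, RULE):
        print("FINDING:", finding)
```

On the sample data the script reports the one-sided peering from both networks and the `0.0.0.0/0` source range, which would open SSH far beyond the peered network.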

