vpc 및 고정 ip 설정.txt

1. vpc 네트워크 생성 // https://cloud.google.com/vpc/docs/create-modify-vpc-networks?hl=ko
ㄴ  gcloud compute networks create NETWORK \
    --subnet-mode=custom \
    --bgp-routing-mode=DYNAMIC_ROUTING_MODE \
    --mtu=MTU

ㄴㄴ     gcloud compute networks create gfps-network \
        --subnet-mode=custom \
        --bgp-routing-mode=regional \
        --mtu=1460


2. 앱엔진을 위한 vpc 서브넷 생성 //https://cloud.google.com/appengine/docs/legacy/standard/python/outbound-ip-addresses?hl=ko
ㄴ gcloud compute networks subnets create SUBNET_NAME \
    --range=RANGE \
    --network=NETWORK_NAME \
    --region=REGION

ㄴㄴ    gcloud compute networks subnets create gfps-subnet \ 
        --range=10.0.0.0/8 \
        --network=gfps-network \
        --region=asia-northeast3

ㄴㄴㄴ      gcloud compute networks subnets create gfps-subnet-nat \ 
        --range=172.8.0.0/28 \
        --network=gfps-network \
        --region=asia-northeast3

3. connector 생성   //https://cloud.google.com/appengine/docs/legacy/standard/python/connecting-vpc?hl=ko
subnet mask 28제한.
gcloud compute networks vpc-access connectors create CONNECTOR_NAME \
--network VPC_NETWORK \
--region REGION \
--range IP_RANGE

ㄴㄴㄴ  gcloud compute networks vpc-access connectors create gfps-connector \
        --network gfps-network \
        --region asia-northeast3 \
        --range 172.8.0.0/28
        --max-instances=3 \
        --min-instances=2

4. App engine 서비스를 서브넷에 연결    //https://cloud.google.com/appengine/docs/legacy/standard/python/connecting-vpc?hl=ko
ㄴ  gcloud compute networks vpc-access connectors create CONNECTOR_NAME \
    --region REGION \
    --subnet SUBNET \
    # If you are not using Shared VPC, omit the following line.
    --subnet-project HOST_PROJECT_ID \
    # Optional: specify minimum and maximum instance values between 2 and
    10, default is 2 min, 10 max.
    --min-instances MIN \
    --max-instances MAX \
    # Optional: specify machine type, default is e2-micro
    --machine-type MACHINE_TYPE

ㄴㄴ    

5. Cloud Router 생성
ㄴ gcloud compute routers create ROUTER_NAME \
    --network=NETWORK_NAME \
    --region=REGION

ㄴㄴ  gcloud compute routers create gfps-router \
     --network=gfps-network \
     --region=asia-northeast3

6. 고정 IP 예약
ㄴ gcloud compute addresses create ORIGIN_IP_NAME \
    --region=REGION

ㄴㄴ  gcloud compute addresses create gfps-ip \
      --region=asia-northeast3

ㄴㄴㄴ  gcloud compute addresses create gfps-ip-nat \
      --region=asia-northeast3

7. Cloud NAT 게이트웨이 생성 후 IP 주소 지정
ㄴ gcloud compute routers nats create NAT_NAME \
    --router=ROUTER_NAME \
    --region=REGION \
    --nat-custom-subnet-ip-ranges=SUBNET_NAME \
    --nat-external-ip-pool=ORIGIN_IP_NAME

ㄴㄴ  gcloud compute routers nats create gfps-nat \
    --router=gfps-router \
    --region=asia-northeast3 \
    --nat-custom-subnet-ip-ranges=gfps-subnet \
    --nat-external-ip-pool=gfps-ip

ㄴㄴㄴ      gcloud compute routers nats create gfps-nat-nat     \
            --router=gfps-router     \
            --region=asia-northeast3     \
            --nat-custom-subnet-ip-ranges=gfps-subnet-nat     \
            --nat-external-ip-pool=gfps-ip-nat

8. app.yaml 에서 외부 트래픽 이용하는 설정 추가
ㄴ vpc_access_connector:
  name: projects/PROJECT_ID/locations/REGION/connectors/CONNECTOR_NAME
  egress_setting: all-traffic

ㄴㄴ vpc_access_connector:
    name: projects/granfondophotosearch/locations/asia-northeast3/connectors/gfps-connector
    egress_setting: all-traffic



vpc peering 
https://nangman14.tistory.com/41