Default VPC Network In Use

01 Run compute networks create command (Windows/macOS/Linux) to create a custom (non-default) Virtual Private Cloud (VPC) network within the GCP project referenced as the value of the --project parameter:

gcloud compute networks create cc-custom-vpc-network \
  --project cc-production-app-123123 \
  --subnet-mode=custom \
  --bgp-routing-mode=regional

02 The command output should return the configuration metadata available for the newly created VPC network:

Created [https://www.googleapis.com/compute/v1/projects/cc-production-app-123123/global/networks/cc-custom-vpc-network].

NAME                    SUBNET_MODE    BGP_ROUTING_MODE    IPV4_RANGE    GATEWAY_IPV4
cc-custom-vpc-network   CUSTOM         REGIONAL

Instances on this network will not be reachable until firewall rules are created. As an example, you can allow all
internal traffic between instances as well as SSH, RDP, and ICMP by running:
$ gcloud compute firewall-rules create <FIREWALL_NAME> --network cc-custom-vpc-network --allow tcp,udp,icmp --source-ranges <IP_RANGE>
$ gcloud compute firewall-rules create <FIREWALL_NAME> --network cc-custom-vpc-network --allow tcp:22,tcp:3389,icmp

03 Run compute networks subnets create command (Windows/macOS/Linux) to create and attach a custom subnet to the VPC network created in the previous steps. The following command example creates a VPC network subnet named "cc-europe-west2-subnet" in the London, UK (europe-west2) region, with the primary IP address range set to 10.0.0.0/24. Use the compute networks subnets create command to create as many VPC subnets as you want:

gcloud compute networks subnets create cc-europe-west2-subnet \
  --network=cc-custom-vpc-network \
  --range=10.0.0.0/24 \
  --region=europe-west2

04 The command output should return the VPC subnet configuration metadata:

Created [https://www.googleapis.com/compute/v1/projects/cc-production-app-123123/regions/europe-west2/subnetworks/cc-europe-west2-subnet].

NAME                      REGION          NETWORK                  RANGE
cc-europe-west2-subnet    europe-west2    cc-custom-vpc-network    10.0.0.0/24

05 Run compute firewall-rules create command (Windows/macOS/Linux) to create the necessary firewall rules for your new, non-default Virtual Private Cloud (VPC) network. Firewall rules control incoming and/or outgoing traffic to GCP resources such as VM instances. The following command example creates a firewall rule that allows inbound traffic to all VM instances deployed within the VPC network through TCP port 80 (HTTP) and 443 (HTTPS):

gcloud compute firewall-rules create allow-http-https-traffic \
  --network cc-custom-vpc-network \
  --allow tcp:80,tcp:443 \
  --direction ingress \
  --source-ranges 0.0.0.0/0 \
  --enable-logging

06 The command output should return the VPC firewall rule configuration metadata:

Created [https://www.googleapis.com/compute/v1/projects/cc-production-app-123123/global/firewalls/allow-http-https-traffic].

NAME                        NETWORK                 DIRECTION   PRIORITY    ALLOW             DENY    DISABLED
allow-http-https-traffic    cc-custom-vpc-network   INGRESS     1000        tcp:80,tcp:443            False

07 (Optional) Now you can migrate your cloud applications from the default VPC network to the newly created non-default VPC network.

08 Once the default Virtual Private Cloud (VPC) network is no longer in use, it is safe to remove it from your GCP project. Before you can delete a VPC network, you must delete all GCP resources in all of its subnets, and all the resources that reference the network. Resources that reference the network include Cloud VPN gateways, Cloud Routers, firewall rules, and custom static routes. For example, run compute firewall-rules delete command (Windows/macOS/Linux) to delete a firewall rule named "default-allow-rdp" from the default VPC network:

gcloud compute firewall-rules delete default-allow-rdp

09 The compute firewall-rules delete command request should ask you for confirmation. Type Y to confirm the removal action. Once removed, the command output should return the ID of the deleted rule:

The following firewalls will be deleted:
- [default-allow-rdp]
Do you want to continue (Y/n)? Y
Deleted [https://www.googleapis.com/compute/v1/projects/cc-production-app-123123/global/firewalls/default-allow-rdp].

10 Run compute networks delete command (Windows/macOS/Linux) to remove the default Virtual Private Cloud (VPC) network from the selected GCP project:

gcloud compute networks delete default

11 The compute networks delete command request should ask you for confirmation. Type Y to confirm the removal action. Once the resource is deleted, the command output should return the ID of the removed VPC network:

The following networks will be deleted:
- [default]
Do you want to continue (Y/n)? Y

Deleted [https://www.googleapis.com/compute/v1/projects/cc-production-app-123123/global/networks/default].

12 Repeat steps no. 1 – 11 for each GCP project available within your Google Cloud account.
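
An added example, not part of the original procedure: a read-only check to run before steps 08 to 11 and across the projects named in step 12. It reports, per project, whether the default network exists and how many VM instances and firewall rules still reference it. The function names, status words and output format are assumptions of this example, and it does not check Cloud VPN gateways, Cloud Routers or custom static routes.

```shell
#!/bin/sh
# Added example: read-only audit of the "default" VPC network per project.
# Function names and the status words are illustrative, not gcloud output.

NETWORK="default"   # name of the network the procedure removes

# Read "name<TAB>network-URL[;network-URL...]" lines on stdin and print how
# many of them reference $NETWORK (exact match on the last URL segment, so
# a network called "default-2" is not counted). Multiple interfaces are
# assumed to arrive as one ';'- or ','-delimited list.
on_network() {
  awk -F '\t' -v n="$NETWORK" '
    { k = split($2, urls, /[;,]/)
      for (i = 1; i <= k; i++) {
        m = split(urls[i], seg, "/")
        if (seg[m] == n) { count++; break }
      } }
    END { print count + 0 }'
}

# Print one status line for a project:
#   absent         no default network, nothing to do
#   migrate-first  VM instances still attached (step 07 not finished)
#   ready          no instances left; delete referencing rules, then the network
audit_project() {
  project="$1"
  if ! gcloud compute networks list --project "$project" \
         --format "value(name)" | grep -Fqx "$NETWORK"; then
    echo "$project absent"
    return 0
  fi
  vms=$(gcloud compute instances list --project "$project" \
          --format "value(name,networkInterfaces[].network)" | on_network)
  rules=$(gcloud compute firewall-rules list --project "$project" \
          --format "value(name,network)" | on_network)
  if [ "$vms" -gt 0 ]; then state="migrate-first"; else state="ready"; fi
  echo "$project $state instances=$vms firewall-rules=$rules"
}

# Usage: sh audit-default-vpc.sh PROJECT_ID...   (or the single word "all")
if [ "$#" -gt 0 ]; then
  if [ "$1" = "all" ]; then
    set -- $(gcloud projects list --format "value(projectId)")
  fi
  for p in "$@"; do audit_project "$p"; done
fi
```

A project reported as migrate-first still has workloads on the default network, so the delete in step 10 should wait until the migration in step 07 is complete.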