Google Cloud VPC

The following example illustrates the configuration schema.

vpc:
  the-first-vpc:
    type: gcp-provision-vpc
    subnets:
      frontend:
        cidr: 10.21.0.0/16
        flow-logs: false
        private-access: true
        region: us-central1
        secondary-ranges:
          pods:
            cidr: 192.168.0.0/17
          services:
            cidr: 192.168.128.0/18
  the-second-vpc:
    type: gcp-existing-vpc
    subnets:
      frontend2:
        cidr: 10.11.0.0/16
        secondary-ranges:
          pods:
            cidr: 192.168.0.0/17
          services:
            cidr: 192.168.128.0/18

VPCs are defined using YAML syntax, as described in the table below:

| Element | Description |
|---|---|
| vpc | Parent element for VPC definitions; contains a list of named networks. |
| the-first-vpc, the-second-vpc | VPC identifier. Groups VPC settings. OpeNgine assigns this name to the VPC, and it is also used as a reference in other configuration sections. |
| type | For GCP networks, type can have 2 values: gcp-provision-vpc (the network will be provisioned and configured by OpeNgine) or gcp-existing-vpc (the network already exists and OpeNgine will use it to configure infrastructure). |
| subnets | Groups one or more subnets for the same VPC. |
| frontend, frontend2 | Subnet identifiers. |
| cidr | Primary IP range of the subnetwork, or the IP range of a secondary range. |
| flow-logs | Only for type: gcp-provision-vpc. Set to true to enable network packet monitoring for troubleshooting. |
| private-access | Only for type: gcp-provision-vpc. Enables VM instances with only internal (private) IP addresses (no external IP addresses) to reach the public IP addresses of Google APIs and services. |
| region | Only for type: gcp-provision-vpc. GCP region that will be used to provision the subnet. |
| secondary-ranges | Group of secondary IP ranges to be assigned to Kubernetes services and application pods. Required to provision a GKE cluster. |
| pods, services | Secondary IP range names, for reference in GKE configuration. |
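A review-time lint for this schema, added here as an example and not part of OpeNgine: it reports unknown type values, the keys the table marks "Only for type: gcp-provision-vpc" when they appear under gcp-existing-vpc, subnets where flow-logs is explicitly false, invalid cidr values, and ranges that overlap inside one VPC. The names lint_vpcs and SAMPLE are hypothetical, the configuration is assumed to be already loaded into a dict by a YAML parser, and the overlap and flow-logs checks are review choices made for this example rather than rules stated on this page.

```python
import ipaddress

VPC_TYPES = {"gcp-provision-vpc", "gcp-existing-vpc"}
PROVISION_ONLY = {"flow-logs", "private-access", "region"}  # "Only for type: gcp-provision-vpc"

def lint_vpcs(config):
    """Return (vpc, subnet, message) findings for a parsed `vpc:` section."""
    findings = []
    for vpc_name, vpc in config.get("vpc", {}).items():
        vpc_type = vpc.get("type")
        if vpc_type not in VPC_TYPES:
            findings.append((vpc_name, None, f"unknown type {vpc_type!r}"))
        ranges = []  # every valid primary and secondary range declared in this VPC
        for sn_name, sn in vpc.get("subnets", {}).items():
            if vpc_type == "gcp-existing-vpc":
                for key in sorted(PROVISION_ONLY & sn.keys()):
                    findings.append((vpc_name, sn_name, f"{key} is only for gcp-provision-vpc"))
            elif sn.get("flow-logs") is False:
                findings.append((vpc_name, sn_name, "flow-logs explicitly disabled"))
            declared = [(sn_name, sn.get("cidr"))]
            declared += [(f"{sn_name}/{n}", r.get("cidr"))
                         for n, r in sn.get("secondary-ranges", {}).items()]
            for label, cidr in declared:
                try:
                    ranges.append((label, ipaddress.ip_network(cidr)))
                except ValueError:
                    findings.append((vpc_name, sn_name, f"{label}: invalid cidr {cidr!r}"))
        for i, (a_label, a) in enumerate(ranges):
            for b_label, b in ranges[i + 1:]:
                if a.overlaps(b):
                    findings.append((vpc_name, None, f"{a_label} {a} overlaps {b_label} {b}"))
    return findings

# Constructed sample: the page's first VPC plus a deliberately faulty second one.
SAMPLE = {"vpc": {
    "the-first-vpc": {"type": "gcp-provision-vpc", "subnets": {"frontend": {
        "cidr": "10.21.0.0/16", "flow-logs": False, "private-access": True,
        "region": "us-central1", "secondary-ranges": {
            "pods": {"cidr": "192.168.0.0/17"}, "services": {"cidr": "192.168.128.0/18"}}}}},
    "bad-vpc": {"type": "gcp-existing-vpc", "subnets": {"frontend2": {
        "cidr": "10.11.0.0/16", "flow-logs": True, "secondary-ranges": {
            "pods": {"cidr": "10.11.128.0/17"}, "services": {"cidr": "192.168.128.0/33"}}}}},
}}

if __name__ == "__main__":
    for finding in lint_vpcs(SAMPLE):
        print(finding)
```

The same secondary ranges reused across two different VPCs, as in the page's example, are not reported because the overlap check is scoped to a single VPC.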

References: