Scenario – Bob tries to configure the VM to his requirements and has to install and update packages, but he finds that his server box has no internet access. He remembers that he configured a private VPC with private access enabled. Bob wants the server to stay secured, but it should still be able to download whatever it needs from the internet!
We can accomplish this with the help of GCP's Cloud NAT. The diagram below gives an overview of the Cloud NAT architecture.
Run the following commands in your terminal or on GCP Cloud Shell.
1. Create router
gcloud compute routers create <nat-router-us-central1> \
--network <my-vpc> \
--region <us-central1>
This command creates a router using the values specified in the --network and --region options.
2. Create a NAT and attach it to the router
gcloud compute routers nats create nat-config \
--router-region <us-central1> \
--router <nat-router-us-central1> \
--nat-all-subnet-ip-ranges \
--auto-allocate-nat-external-ips
The second command creates a NAT and attaches it to the router created by the previous command. The extra parameters apply the NAT to all subnet IP ranges (--nat-all-subnet-ip-ranges) and auto-allocate external IPs to the NAT (--auto-allocate-nat-external-ips).
Replace the placeholder values in angle brackets with the relevant names for your setup.
You can check that the server can now connect to the internet with a command like:
sudo apt update
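To confirm that the server is still private and that its outbound traffic actually goes through the NAT created above, the JSON from `gcloud compute routers describe` and `gcloud compute instances describe` can be checked. The script below is an added example, not part of the original post; the sample JSON, the project name `example-project`, the VM name `bob-server` and the subnet `my-subnet` are constructed assumptions.

```python
import json

# Constructed sample, shaped like the output of:
#   gcloud compute routers describe <nat-router-us-central1> --region <us-central1> --format=json
ROUTER = json.loads("""{
  "name": "nat-router-us-central1",
  "network": "https://www.googleapis.com/compute/v1/projects/example-project/global/networks/my-vpc",
  "region": "https://www.googleapis.com/compute/v1/projects/example-project/regions/us-central1",
  "nats": [{"name": "nat-config", "natIpAllocateOption": "AUTO_ONLY",
            "sourceSubnetworkIpRangesToNat": "ALL_SUBNETWORKS_ALL_IP_RANGES"}]
}""")

def make_vm(external):
    """Constructed stand-in for `gcloud compute instances describe <vm> --format=json`."""
    nic = {"name": "nic0", "networkIP": "10.128.0.2", "network": ROUTER["network"],
           "subnetwork": ROUTER["region"] + "/subnetworks/my-subnet"}
    if external:  # an access config is what gives a NIC an external IP
        nic["accessConfigs"] = [{"type": "ONE_TO_ONE_NAT", "natIP": "203.0.113.10"}]
    return {"name": "bob-server", "networkInterfaces": [nic]}

def region_of(url):
    """Extract <region> from a .../regions/<region>[/...] resource URL."""
    parts = url.split("/")
    return parts[parts.index("regions") + 1]

def check_vm(vm, router, nat_name):
    """Return findings; an empty list means the VM is private and egresses via the NAT."""
    nat = next((n for n in router.get("nats", []) if n["name"] == nat_name), None)
    if nat is None:
        return [f"router {router['name']} has no NAT named {nat_name}"]
    findings = []
    for nic in vm["networkInterfaces"]:
        where = f"{vm['name']}/{nic['name']}"
        if nic.get("accessConfigs"):
            findings.append(f"{where}: has an external IP, so it does not use Cloud NAT")
        if nic["network"] != router["network"]:
            findings.append(f"{where}: is on a different VPC network than the router")
        elif region_of(nic["subnetwork"]) != region_of(router["region"]):
            findings.append(f"{where}: subnet is in a different region than the router")
        elif not nat["sourceSubnetworkIpRangesToNat"].startswith("ALL_SUBNETWORKS"):
            listed = [s["name"] for s in nat.get("subnetworks", [])]
            if nic["subnetwork"] not in listed:
                findings.append(f"{where}: subnet is not in the NAT's subnetwork list")
    return findings

if __name__ == "__main__":
    for external in (False, True):
        print(external, check_vm(make_vm(external), ROUTER, "nat-config"))
```

To run it against a real setup, replace the constructed samples with the parsed output of the two `describe` commands.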