{GCP VPC}IPレンジ拡張

 

https://cloud.google.com/sdk/gcloud/reference/compute/networks/subnets/expand-ip-range


-- 1. プロジェクト作成

# Authorise the gcloud CLI and confirm which account is active.
gcloud init
gcloud auth list

gcloud --version

# Create the project used for this walkthrough.
# NOTE(review): project01-9999999 looks like a sample ID; substitute your own.
gcloud projects create project01-9999999 \
--name="project01"

# Make the new project and asia-northeast1 the defaults for the commands that follow.
# --quiet suppresses the interactive prompts.
gcloud config list
gcloud config set project project01-9999999
gcloud config set compute/region asia-northeast1 --quiet
gcloud config set compute/zone asia-northeast1-a --quiet

 

# Link the project to a billing account.
# NOTE(review): 111111-111111-111111 appears to be a placeholder; use an ID shown by the list command.
gcloud beta billing accounts list
gcloud beta billing projects link project01-9999999 --billing-account=111111-111111-111111

# Enable the Compute Engine API in the project before creating network and VM resources.
gcloud services enable compute.googleapis.com --project project01-9999999

 


-- 2. VPC、サブネット、VMインスタンス作成

 

cat <<-'EOF' > main.tf


# Provider defaults: resources below that omit project or region
# use these values.
provider "google" {
  region  = "asia-northeast1"
  project = "project01-9999999"
}

# VPC with automatic subnet creation switched off, so the only subnet is
# the one declared explicitly in this file.
resource "google_compute_network" "vpc01" {
  auto_create_subnetworks = false
  name                    = "vpc01"
}

# Subnet that is widened later with `gcloud compute networks subnets expand-ip-range`.
# It starts as 10.0.0.0/16.
# NOTE(review): once the range is expanded outside Terraform, ip_cidr_range here no
# longer matches the real subnet; update it to the new CIDR before the next plan/apply.
resource "google_compute_subnetwork" "subnet01" {
  name    = "subnet01"
  network = google_compute_network.vpc01.id

  ip_cidr_range = "10.0.0.0/16"

  # Lets VMs without an external IP reach Google APIs from their internal address.
  private_ip_google_access = true
}


# Dedicated service account attached to vm01. This file grants it no IAM roles,
# so any permissions it has must be bound elsewhere.
resource "google_service_account" "sa99999999" {
  display_name = "sa99999999"
  account_id   = "sa99999999"
}

# Test VM attached to subnet01. The network tag tag01 is what the firewall
# rules in this file select on.
resource "google_compute_instance" "vm01" {
  name         = "vm01"
  zone         = "asia-northeast1-a"
  machine_type = "e2-micro"
  tags         = ["tag01"]

  boot_disk {
    initialize_params {
      # Pinned, dated CentOS 7 build. CentOS 7 reached end of life on 2024-06-30.
      # NOTE(review): confirm the image is still offered and patched, or use a supported image.
      image = "centos-7-v20221004"
    }
  }

  network_interface {
    subnetwork = google_compute_subnetwork.subnet01.self_link
    network    = google_compute_network.vpc01.self_link

    # An empty access_config block assigns an ephemeral external IP, so the VM is
    # reachable from the internet wherever the firewall rules on vpc01 allow it.
    access_config {}
  }

  # Preemptible instance: Compute Engine may stop it at any time, and
  # automatic_restart has to be off for preemptible VMs.
  scheduling {
    automatic_restart = false
    preemptible       = true
  }

  # The cloud-platform scope does not limit API access by itself; what the VM can
  # do is decided by the IAM roles granted to the attached service account.
  service_account {
    scopes = ["cloud-platform"]
    email  = google_service_account.sa99999999.email
  }
}

 

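# Ingress rule for SSH (tcp/22) to instances tagged tag01.
# The source is limited to the Identity-Aware Proxy TCP-forwarding range instead of
# 0.0.0.0/0, so port 22 on the VM's external IP is not exposed to the whole internet.
# Connect with `gcloud compute ssh vm01 --tunnel-through-iap`.
# If direct SSH from a workstation is required, list that workstation's /32 here instead.
resource "google_compute_firewall" "fw01" {
  name      = "fw01"
  network   = google_compute_network.vpc01.name
  direction = "INGRESS"

  allow {
    protocol = "tcp"
    ports    = ["22"]
  }

  # 35.235.240.0/20 is the source range Google publishes for IAP TCP forwarding.
  source_ranges = [
    "35.235.240.0/20"
  ]
  target_tags = ["tag01"]
}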

# Ingress rule admitting every protocol and port from 10.1.0.0/24 to instances
# tagged tag01. That source range lies outside the initial 10.0.0.0/16 subnet and
# only becomes part of subnet01 once the subnet is expanded to /15.
# NOTE(review): "all" is broad; narrow the protocol/ports if only specific traffic is needed.
resource "google_compute_firewall" "fw02" {
  name        = "fw02"
  network     = google_compute_network.vpc01.name
  direction   = "INGRESS"
  target_tags = ["tag01"]

  source_ranges = [
    "10.1.0.0/24"
  ]

  allow {
    protocol = "all"
  }
}

 

 


EOF

# Initialise the working directory (downloads the google provider).
terraform init
# Rewrite main.tf into canonical formatting.
terraform fmt
terraform -version

# Preview the changes. This is the only review step, because the apply below skips its prompt.
terraform plan

# -auto-approve applies without the interactive confirmation.
terraform apply -auto-approve


# Kept for reference (commented out): tear-down and SSH login to the VM.
# terraform destroy -auto-approve
# gcloud compute ssh vm01

 

 

-- 2. サブネット拡張

# Record the subnet's current range before changing it.
gcloud compute networks subnets list


gcloud compute networks subnets describe subnet01 \
--region=asia-northeast1

# Widen subnet01 from 10.0.0.0/16 to 10.0.0.0/15 (10.0.0.0 - 10.1.255.255).
# Expansion is one-way: an expanded subnet cannot be shrunk back, and the new range
# must not overlap other subnets in the VPC or in peered networks.
# NOTE(review): main.tf still declares 10.0.0.0/16 after this step; update it before the
# next terraform plan/apply so Terraform does not see drift.
gcloud compute networks subnets expand-ip-range subnet01 \
--region=asia-northeast1 \
--prefix-length=15

 


-- 3. プロジェクト削除

# Confirm the exact project ID before deleting.
gcloud projects list

# Deleting the project shuts down everything created in it. --quiet skips the
# confirmation prompt, so a wrong ID here is not caught interactively.
gcloud projects delete project01-9999999 \
--quiet


# NOTE(review): this unlink runs after the delete; confirm it still succeeds for a project
# that is pending deletion, otherwise run it before the delete.
gcloud beta billing projects unlink project01-9999999