How to use multi-VPC networking in Google Cloud VMware Engine
Albert Colas Prunera
Networking Specialist
Marcos Hernandez
InfraMod Specialist
Not too long ago, we wrote about some key new capabilities in Google Cloud VMware Engine. One of the new main innovations we announced was multi-VPC connectivity, or the ability to connect the same VMware Private Cloud (that’s the name we use at Google to describe what VMware calls a Software Defined Datacenter, or SDDC) to multiple Virtual Private Clouds (VPCs) inside a customer’s organization. In today's post, we explore in more detail the benefits and use cases that this feature enables.
Because of this new feature, Google Cloud VMware Engine now supports connecting a Private Cloud to multiple customer VPCs (one-to-many). Previously, this was not possible, as the relationship between a VPC and a Private Cloud was unique (one-to-one).
This unique feature also allows you to establish connectivity between Google Cloud VMware Engine and our Managed Partner Services (MPS), such as NetApp Cloud Volumes for high performance file storage , with more solutions to be added in the future. For more details please check out this link.
As of this writing, the maximum number of VPCs that can be associated with a single Private Cloud is three. If a Private Cloud leverages regional Internet access and/or Public IP Service, then the maximum number of customer VPCs that it can connect to is reduced to two.
Use cases
You have separate dev/test and production VPCs (including Shared VPCs), or separate business units, that require access to the same Google Cloud VMware Engine Private Cloud.
A Google Cloud VMware Engine Private Cloud needs to access an existing VPC (including a Shared VPC) and a third-party managed service, such as NetApp Cloud Volumes.
A Virtual Desktop Infrastructure (VDI) farm hosted in Google Cloud VMware Engine needs to access an external storage service and Compute Engine resources.
Benefits and differentiators
Current customers and brownfield deployments in Google Cloud are not required to change their existing architectures to access the same VMware Private Cloud.
You can access and retain existing storage management mechanisms such as NetApp Cloud Volumes Service (CVS) from within the guest OS.
If for some reason you can’t implement, or do not want to implement, a VPN or a multi-NIC network virtual appliance to connect VPCs together, but instead want to use VPC peering, now you can do that. A Google Cloud VMware Engine Private Cloud can connect to these VPCs without any issues; just set up the private connection between the VPC and the Private Cloud.
Google Cloud is the only cloud service provider that provides peering from a single Private Cloud to multiple VPCs.
Google Cloud is the only cloud service provider that provides service-level access to the NetApp Cloud Volumes service.
How to configure multi-VPC connectivity
If you have already connected a VPC in your Project to a Google Cloud VMware Engine Private Cloud, the process to add another connection from the same Private Cloud to a new VPC is very simple. To configure multi-VPC connectivity, do the following:
From the new VPC, create a new Private Service Access connection, just like you did for the original VPC.
An Administrator with the appropriate permissions can then access the Google Cloud VMware Engine portal and navigate to Network > Private Connection > Add Private Connection, where they can fill out the following information for the same Private Cloud referenced above:
Service: VPC Network (or NetApp Cloud Volumes if connecting to this third-party service).
Region: Region where the Private Cloud is located
Peer Project ID and Number: The Project that contains the new VPC that the service will be connecting to.
Peer VPC ID: The new VPC you want to connect to your existing Private Cloud.
Tenant Project ID: The Google-managed project ID, which can be found after creating the Private Service Access connection to the service, as described here.
And that’s it! Just remember the current limits when leveraging this feature: a maximum of three (3) peered VPCs per Private Cloud, or two (2) if using the regional Google Cloud VMware Engine Internet Service or Public IP Service. Multi-VPC connectivity enables a variety of use cases and networking architectures not possible before, and can be combined at the same time with other capabilities of Google Cloud VMware Engine.
For more information about the end-to-end networking capabilities and services available in Google Cloud VMware Engine, please refer to the Private Cloud Networking for Google Cloud VMware Engine whitepaper, which includes details about network flows, configuration options and the differentiated benefits of running your VMware workloads in Google Cloud.
Be sure to join our product team and specialists for a free half-day VMUG virtual event on Thursday May 11th. We’ll showcase what’s new, dive into how Google Cloud VMware Engine works, and provide a sneak peak at what’s coming later in the year.