Using Network Service Tiers

Introduction

This page shows you how to specify a Network Service Tier for your workloads. Before manually setting a network tier, review the information in the Cloud Network Service Tiers Overview.

Limits

  • Quota limits remain unchanged for premium and standard tier.

Restrictions

  • Cloud Platform Console support is not available for the alpha release of Network Service Tiers. Only the API and gcloud commands are supported for alpha. Cloud Platform Console support will be available for beta.
  • For this release, you can configure the network service tier only at the resource level. You cannot configure it at the project level.
  • Standard tier for Google Cloud Storage can be configured by adding the bucket as the backend of cloud load balancer and then setting the network tier on the forwarding rule. For this release, you cannot directly configure the tier on the Google Cloud Storage bucket.
  • You cannot change the tier directly from Standard to Premium and vice versa for a load balancer forwarding rule.
  • Pricing for Premium and Standard Tiers is provided for informational purposes only. You will be charged at current Premium rates in Alpha even if you configure the Standard Tier. The new pricing will take effect once Network Service Tiers is Generally Available (GA).
  • Standard network tier is being launched in regions in a phased manner for Alpha. Standard Tier is currently available in us-central1. It will be launched next in asia-east1 and europe-west1. We will launch other regions after that.

Creating static external addresses

When creating a new static external IP address, you can specify the network tier. The possible values are PREMIUM (default) and STANDARD. A Standard Tier address must be a regional address.

To reserve a regional static external IP address in the Standard Tier, run the following command:

gcloud

gcloud alpha compute addresses create my-standard-tier-ip-address \
     --region [REGION] \
     --network-tier STANDARD

where you would replace the following:

  • [REGION] with the region where you are creating the regional address.

For other command line flags, see the gcloud docs

API

POST https://www.googleapis.com/compute/alpha/projects/[PROJECT_ID]/regions/[REGION]/addresses
{
  "name": "my-standard-tier-ip-address",
  "networkTier": "STANDARD"
}

where you would replace the following:

  • [PROJECT_ID] with your project ID.
  • [REGION] with the region where you are creating the forwarding rule.

Creating forwarding rules

When creating a new forwarding rule, you can specify the network tier. The possible values are PREMIUM (default) and STANDARD.

If you specify an external IP address with the --address flag, that address must be the same tier as you specify for the forwarding rule. If you create a forwarding rule and do not specify the --address flag, GCP will allocate an ephemeral IP address of the appropriate tier.

The Standard Tier is only available for regional forwarding rules. Global forwarding rules must use the Premium Tier.

You must create the target of the forwarding rule before creating the forwarding rule. For example, to create a rule that points at a target pool, you must first create the target pool.

gcloud

gcloud alpha compute forwarding-rules create my-standard-tier-regional-rule \
     --network-tier STANDARD \
     --address my-standard-tier-ip-address \
     --region [REGION] \
     --target-http-proxy=[TARGET_HTTP_PROXY] \
     | --target-https-proxy=[TARGET_HTTPS_PROXY] \
     | --target-ssl-proxy=[TARGET_SSL_PROXY] \
     | --target-tcp-proxy=[TARGET_TCP_PROXY] \
     | --target-pool=[TARGET_POOL] \
     | --target-instance=[TARGET_INSTANCE]

where you would replace the following:

  • [REGION] with the region where you are creating the forwarding rule.
  • [TARGET_HTTP_PROXY] or [TARGET_HTTPS_PROXY] or [TARGET_SSL_PROXY] or [TARGET_TCP_PROXY] or [TARGET_POOL] or [TARGET_INSTANCE] with the appropriate target for the rule, depending on which target flag you specified.

For other command line flags, see the gcloud docs

API

POST https://www.googleapis.com/compute/alpha/projects/[PROJECT_ID]/regions/[REGION]/forwardingRules
{
  "name": "my-standard-tier-regional-rule",
  "networkTier": "STANDARD",
  "IPAddress": "https://www.googleapis.com/compute/alpha/projects/[PROJECT_ID]/regions/[REGION]/addresses/my-standard-tier-ip-address",
  "IPProtocol": "tcp",
  "target": "https://www.googleapis.com/compute/alpha/projects/[PROJECT_ID]/regions/[REGION]/targetPools/[TARGET_POOL]"
}

where you would replace the following:

  • [PROJECT_ID] with your project ID.
  • [REGION] with the region where you are creating the forwarding rule.
  • [TARGET_HTTP_PROXY] or [TARGET_HTTPS_PROXY] or [TARGET_SSL_PROXY] or [TARGET_TCP_PROXY] or [TARGET_POOL] or [TARGET_INSTANCE] with the appropriate target for the rule, depending on which target flag you specified.

Instances

Creating instances

When creating an instance that will connect directly to the Internet, you can specify the network tier. The possible values are PREMIUM (default) and STANDARD. The network tier is only relevant if the instance will communicate directly with the Internet. If the instance can only reach the Internet via a load balancer, you do not need to specify a network tier as the connection will use the tier specified for the load balancer forwarding rule.

If assigning a static external IP using a reserved address, the network tier of the address must match the network tier of the instance. If assigning an ephemeral external IP address, the network tier of the instance is used to assign an IP address from the corresponding pool.

gcloud

gcloud alpha compute instances create my-standard-tier-instance \
    --network-interface nic0 \
    --network-tier STANDARD

For other command line flags, see the gcloud docs

API

POST https://www.googleapis.com/compute/alpha/projects/[PROJECT_ID]/zones/[ZONE]/instances
{
  "name": "my-standard-tier-instance",
  "networkInterfaces":[
   {
    "network": "global/networks/default",
    "name": "nic0",
    "accessConfigs": [
     {
     "name": "External NAT",
     "type":"ONE_TO_ONE_NAT",
     "networkTier":"STANDARD"
     }
    ]
   }
  ],
  "IPAddress": "https://www.googleapis.com/compute/alpha/projects/[PROJECT_ID]/regions/[REGION]/addresses/my-standard-tier-ip-address",
  ... other parameters
}

where you would replace the following:

  • [PROJECT_ID] with your project ID.
  • [REGION] with the region of the resource.
  • [ZONE] with the zone where you are creating the instance.

See the API documentation for a list of other required and optional parameters.

Adding an access configuration to an instance

When creating an access configuration for an instance (i.e., assigning an ephemeral or static external IP to an instance), you can also specify the tier of the instance. If you specify an existing address, it must be the same tier as you are specifying for the instance. The possible values are PREMIUM and STANDARD.

gcloud

gcloud alpha compute instances add-access-config [CONFIG_NAME] \
    [--network-interface [INTERFACE_NAME]; default=”nic0” \
    [--access-config-name=[ACCESS_CONFIG_NAME]; default="external-nat"] \
    [--address=[ADDRESS]] \
    [--network-tier PREMIUM | STANDARD; default=”PREMIUM”]]

where you would replace the following:

  • [INSTANCE_NAME] with the name of the instance.
  • [INTERFACE_NAME] with the name of the interface. Defeault is nic0, the name of the default interface on the instance.
  • [ACCESS_CONFIG_NAME] with the name of the access config for the interface.
  • [ADDRESS] with the url of the IP address resource, if you are specifying an IP address.

API

POST https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]/addAccessConfig?networkInterface=nic0
{
  "name": [INSTANCE_NAME],
  "networkTier": "STANDARD",
  ... other parameters
}

  • [INSTANCE_NAME] with the name of the instance.
  • [PROJECT_ID] with your project ID.
  • [ZONE] with the zone of the instance.

See the API documentation for a list of other required and optional parameters.

Updating network tier on an instance

You can use the update-access-config to change the tier of an instance. The possible values for the network tier are PREMIUM and STANDARD. If the instance has an IP address, or if you are assigning one, it must be the same tier as you are specifying with this command.

gcloud

gcloud alpha compute instances update-access-config [INSTANCE_NAME] \
    --network-interface nic0 \
    --network-tier STANDARD

where you would replace the following:

  • [INSTANCE_NAME] with the name of the instance.

API

POST https://www.googleapis.com/compute/v1/projects/[PROJECT_ID]/zones/[ZONE]/instances/[INSTANCE_NAME]/updateAccessConfig?networkInterface=nic0
{
  "networkTier": "STANDARD",
  ... other parameters
}

where you would replace the following:

  • [INSTANCE_NAME] with the name of the instance.
  • [PROJECT_ID] with your project ID.
  • [ZONE] with the zone of the instance.

Creating an instance template that uses the Standard Tier

When configuring the network tier upon instance template creation, the following command can be used.

gcloud

gcloud alpha compute instance-templates create my-standard-tier-instance-template \
    --network-interface nic0 \
    --network-tier STANDARD

For other command line flags, see the gcloud docs

API

POST https://www.googleapis.com/compute/alpha/projects/[PROJECT_ID]/zones/[ZONE]/instanceTemplates
{
  "name": "my-standard-tier-instance-template",
  "networkInterfaces[].accessConfigs[].networkTier": "STANDARD",
  ... other parameters
}

See the API documentation for a list of other required and optional parameters.

What's next

  • See the Compute Engine Instances documentation for more information about instances.
  • See the Load Balancing documentation for more information about load balancers and forwarding rules.
  • See the Compute Engine Instance Templates documentation for more information about instance templates.

Monitor your resources on the go

Get the Google Cloud Console app to help you manage your projects.

Send feedback about...

Network Service Tiers