Cloud Volumes Service uses private services access to create a high-throughput and low-latency data-path connection. You need to perform the following steps once for each project. However, if you are using a shared VPC, you only need to perform these steps on the host project. You can only peer VPCs that use RFC 1918 address ranges as internal addresses.
You need to perform the following steps based on the cloud volume service type (CVS or CVS-Performance) that you deploy for your project. For example, if you deploy a volume that uses the CVS service type, use the commands for the CVS service type to perform the steps. If, later, you deploy a volume that uses the CVS-Performance service type, you need to perform the steps again and use commands for the CVS-Performance service type.
The steps and examples in this section assume that you are deploying a volume of each service type and that you will use a separate VPC for each service type.
If you plan to peer your consumer project with other producer organizations in addition to NetApp, you must use a different IP address allocation for each of those producers. This precaution is necessary because Cloud Volumes Service uses dynamic routes with your consumer project, but Google Cloud does not check whether your dynamic route allocations overlap. Because these routes are not visible to the other participating producers, multiple producers could inadvertently use an allocation from the same range, causing IP collisions and routing issues.
If you plan to use CVS or CVS-Performance volumes from on-premises networks through a VPN or Cloud Interconnect, choose a CIDR range that does not collide with the CIDR ranges used in your on-premises network. Failing to take this precaution can result in IP collisions and routing issues.
Create an allocated IP range within your VPC for the Cloud Volumes Service mount points. In the case of a shared VPC, allocate the range from the host project. You must provide an RFC 1918 address block. Ensure that your allocated range is sufficient in size for your present and future growth needs. You cannot modify (that is, expand) an existing range after you establish it and allocate it to a volume.
The CVS service type sets a /25 CIDR range for each consumer service project. This setup provides sufficient addresses for volumes in a single zone. You need an additional /25 CIDR range for each subsequent zone that you add in a region.
For example, consider the following CIDR ranges:
CIDR range Maximum volumes Number of supported zones Example deployment /25 100 1 Up to 100 volumes in 1 zone are supported for 1 VPC /24 200 Up to 2 Up to 100 volumes per zone, up to 2 zones, for 1 VPC /23 400 Up to 4 Up to 100 volumes per zone, up to 4 zones, for 1 VPC The following example for the CVS service type assumes that a VPC already exists in the project being used:
gcloud --project=my-cvs-prj compute addresses create netapp-addresses-production-vpc1 \ --global --purpose=VPC_PEERING --prefix-length=25 --network=production-vpc1 --no-user-output-enabledThe CVS-Performance service type uses a /28 CIDR range per region and consumer service project pair. If you pass a /24 CIDR range, you can deploy up to 16 combinations of a region and consumer service project pair.
For example, consider the following CIDR ranges:
CIDR range Number of region and project pairs supported Example Region to Project Pairs /28 1 Region1:Project1 /27 2 Region1:Project1
Region2:Project1/26 4 Region1:Project1
Region2:Project1
Region3:Project1
Region1:Project2/25 8 Region1:Project1
Region2:Project1
Region1:Project2
Region2:Project2
Region1:Project3
Region2:Project3
Region1:Project4
Region2:Project4/24 16 Region1:Project1
Region1:Project2
Region1:Project3
Region1:Project4
Region2:Project1
Region2:Project2
Region2:Project3
Region2:Project4
Region3:Project1
Region3:Project2
Region3:Project3
Region3:Project4
Region4:Project1
Region4:Project2
Region4:Project3
Region4:Project4The following example for the CVS-Performance service type assumes that a VPC already exists in the project:
gcloud \ --project=my-cvs-prj compute addresses create netapp-addresses-production-vpc2 \ --global \ --purpose=VPC_PEERING \ --prefix-length=24 \ --network=production-vpc2 \ --no-user-output-enabledCreate a private service connection to the Cloud Volumes Service endpoint.
CVS service type example:
gcloud \ --project=my-cvs-prj services vpc-peerings connect \ --service=cloudvolumesgcp-sds-api-network.netapp.com \ --ranges=netapp-addresses-production-vpc1 \ --network=production-vpc1CVS-Performance service type example:
gcloud \ --project=my-cvs-prj services vpc-peerings connect \ --service=cloudvolumesgcp-api-network.netapp.com \ --ranges=netapp-addresses-production-vpc2 \ --network=production-vpc2Enable custom route propagation:
CVS service type example:
gcloud \ --project=my-cvs-prj compute networks peerings update netapp-sds-nw-customer-peer \ --network=production-vpc1 \ --import-custom-routes \ --export-custom-routesCVS-Performance service type example:
gcloud \ --project=my-cvs-prj compute networks peerings update netapp-cv-nw-customer-peer \ --network=production-vpc2 \ --import-custom-routes \ --export-custom-routesCheck that the connection is established:
CVS service type example:
gcloud \ --project=my-cvs-prj services vpc-peerings list \ --network=production-vpc1CVS-Performance service type example:
gcloud \ --project=my-cvs-prj services vpc-peerings list \ --network=production-vpc2
Using non-RFC 1918 IP addresses
You can bring non-RFC 1918 IP addresses (non-private addresses) into the NetApp network for the CVS-Performance service type. You can create a new subnet with a new VPC network or add a new subnet to an existing VPC network.
Create a new subnet with a new VPC network
- Create a new VPC network and a new subnet with the non-RFC 1918 IP address range.
- In Cloud Volumes Service, create a volume in the new VPC network. Select the newly created VPC network name in which the volume will be accessible.
- To set up a peer network to create the volume, click the View commands how to set up network peering button, and run the given commands.
Enable the peer on your platform to accept incoming and outgoing public routes:
gcloud \ --project=cloud-heroes compute networks peerings update netapp-cv-nw-customer-peer \ --network=nonrfcdemovpc \ --import-subnet-routes-with-public-ip \ --export-subnet-routes-with-public-ipSet the export policy in the volume details with the VM instance's IP address range.
You can then export the volume to the VM and run your workloads on the volume.
Add a new subnet in an existing VPC network
- Create a new subnet with the non-RFC 1918 IP address range in an existing VPC network.
- Create a support case with NetApp to enable the non-RFC 1918 IP address range.
Accessing Cloud Volumes from different regions or external networks
Your project can access a volume of the CVS or CVS-Performance service type from any zone within the region in which a volume is provisioned. Furthermore, if your VPC has enabled global dynamic routing, your project can access a volume from any other Google Cloud regions.
The routes to CVS or CVS-Performance volumes will only be announced within the VPC. If you want to access the service from an external network, like an on-premises network via VPN or Cloud Interconnect, you need to configure a static route on the on-premises router to the CIDR range that you selected in Step 1 above.
What's next
- Creating and managing NFS volumes
- Creating and managing SMB volumes
- Monitoring cloud volumes
- Creating and managing volume snapshots
- Reverting a volume using a snapshot
- Backing up and restoring a cloud volume
- FAQs about NetApp Cloud Volumes Service for Google Cloud
- Try out other Google Cloud features for yourself. Have a look at our tutorials.