Creating a subnet

Google Cloud VMware Engine creates a network for each private cloud and uses VLANs for network management. For workload virtual machines (VMs), you must create network segments on NSX-T Manager for your private cloud. Network segments created in NSX-T Manager aren't visible in VMware Engine.

Access NSX-T Manager from the VMware Engine portal

The process of creating a subnet happens in NSX-T, which you access through VMware Engine:

  1. Access the VMware Engine portal.
  2. From the main navigation, go to Resources.
  3. Click the Private cloud name corresponding to the private cloud where you want to create the subnet.
  4. On the details page of your private cloud, click the vSphere Management Network tab.
  5. Click the FQDN corresponding to NSX Manager.
  6. When prompted, enter your sign-in credentials. As a reminder, you can retrieve generated credentials from the private cloud details page.

If you've set up NSX-T to use an identity source, such as Active Directory, use your identity source credentials instead.

Create a workload network segment in NSX-T

For workload VMs, create subnets as NSX-T network segments for your private cloud:

  1. In NSX-T, go to Networking > Segments.
  2. Click Add Segment.
  3. In the Segment Name field, enter a name for your segment.
  4. In the Connected Gateway list, select Tier1 to connect to the tier-1 gateway.
  5. In the Transport zone list, select TZ-OVERLAY | Overlay.
  6. In the Subnets column, enter the subnet range. Specify the subnet range with .1 as the last octet. For example, 10.12.2.1/24.
  7. Click Set DHCP Config, and provide values for the DHCP Ranges field.
  8. Click Apply to save your DHCP configuration.
  9. Click Save. You can now select this network segment in vCenter when creating a VM.

In a given region, you can advertise at most 100 unique routes from VMware Engine to your VPC network using private services access. For example, those unique routes include private cloud management IP address ranges, NSX-T workload network segments, and HCX network IP address ranges. This route limit includes all private clouds in the region and corresponds to the Cloud Router learned route limit.

For information about routing limits, see Cloud Router Quotas and limits.

What's next