Creating the Velostrata Reference Cloud Deployment Stack on GCP
The provided Velostrata Cloud Deployment template creates the full stack of resources required to deploy and use the Velostrata solution, including a GCP VPC, subnets, firewall rules, network tags, a Velostrata VPN Gateway instance, and Service Accounts with the permissions required for Velostrata operations. Google Cloud Platform Deployment Manager allows you to manage these resources.
To create the Velostrata Reference Cloud Deployment Stack on GCP:
- Download and extract the GCP deployment script: http://tiny.cc/velos-poc-gcp-v3-ps
- Open a PowerShell session and change directory to the extracted script folder (cd ...\fullDeployemnt).
- Run .\gcp_poc_setup_v1.0.ps
- Enter the Administrative GCP Account.
- Enter an existing Google Cloud Project Id for the Velostrata PoC setup.
- Enter the Google Cloud Platform Region.
- Enter the Google Cloud Platform Region Zone.
- Enter the name for the PoC deployment (lowercase, minimum length 8 characters).
- Enter the On-Premises Datacenter outbound public NAT IP, that is, the customer’s public NAT IP.
- Enter the On-Premises Subnet CIDR (for example 192.168.0.0/16).
- Enter the desired GCP VPC /16 CIDR block (for example 10.10.0.0/16).
- A summary of the parameters you entered appears.
- Review the parameters, and then press Enter to continue. The public and private subnets are carved out of the CIDR block. The script takes approximately 5 minutes to complete and creates the following:
- Public and private subnets
- Firewall tags configured with Firewall rules
- Velostrata VPN Gateway instance
- Service Accounts with the permissions required for Velostrata operations
Monitor the script execution for any errors. Upon successful execution, a .json file is created in the script directory. This file is used later to create the cloud extension.
Optional: To view the created deployment, open the Deployment Manager in the GCP console.
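A pre-flight check for the values the script prompts for, as an added example that is not part of the Velostrata script. It applies the name and /16 rules stated above and, as additional assumptions, rejects a NAT IP inside a private or reserved range and a VPC block that overlaps the on-premises CIDR, since overlapping ranges cannot be routed across the VPN. The function names and the 203.0.113.10 address are constructed for illustration.

```powershell
# Added example (hypothetical helper names): validate inputs before running the setup script.
function ConvertTo-IPv4Number ([string]$Ip) {
    if ($Ip -notmatch '^\d{1,3}(\.\d{1,3}){3}$') { throw "Not a dotted IPv4 address: $Ip" }
    $o = @($Ip -split '\.' | ForEach-Object { [long]$_ })
    if (@($o -gt 255).Count) { throw "Octet out of range in $Ip" }
    return $o[0] * 16777216 + $o[1] * 65536 + $o[2] * 256 + $o[3]
}

function Get-CidrRange ([string]$Cidr) {
    if ($Cidr -notmatch '^[\d.]+/\d{1,2}$') { throw "Not in a.b.c.d/len form: $Cidr" }
    $addr, $len = $Cidr -split '/'
    $len = [int]$len
    if ($len -gt 32) { throw "Prefix length out of range in $Cidr" }
    $size  = [long][math]::Pow(2, 32 - $len)
    $ip    = ConvertTo-IPv4Number $addr
    $start = $ip - ($ip % $size)                 # clear the host bits
    [pscustomobject]@{ Start = $start; End = $start + $size - 1; Prefix = $len }
}

function Test-PocInput ([string]$Name, [string]$NatIp, [string]$OnPremCidr, [string]$VpcCidr) {
    $problems = @()
    # Rule from the prompt text: lowercase, minimum length 8 characters.
    if ($Name.Length -lt 8 -or $Name -cne $Name.ToLowerInvariant()) {
        $problems += "Deployment name must be lowercase and at least 8 characters"
    }
    # Assumption: a usable outbound NAT IP is not private, CGNAT, loopback or link-local.
    $reserved = '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16',
                '100.64.0.0/10', '127.0.0.0/8', '169.254.0.0/16'
    $nat = ConvertTo-IPv4Number $NatIp
    foreach ($block in $reserved) {
        $r = Get-CidrRange $block
        if ($nat -ge $r.Start -and $nat -le $r.End) {
            $problems += "NAT IP $NatIp is inside non-public range $block"
        }
    }
    $onPrem = Get-CidrRange $OnPremCidr
    $vpc    = Get-CidrRange $VpcCidr
    if ($vpc.Prefix -ne 16) { $problems += "VPC CIDR must be a /16 block" }
    # Assumption: both sides of the VPN need distinct address space.
    if ($vpc.Start -le $onPrem.End -and $onPrem.Start -le $vpc.End) {
        $problems += "VPC CIDR $VpcCidr overlaps on-premises CIDR $OnPremCidr"
    }
    $problems
}

# Constructed inputs: the page's example CIDRs with a documentation-range NAT IP,
# followed by a deliberately bad set.
Test-PocInput 'velostrata-gcp-poc-setup' '203.0.113.10' '192.168.0.0/16' '10.10.0.0/16'
Test-PocInput 'PoC1' '192.168.1.1' '192.168.0.0/16' '192.168.0.0/16'
```

Each call emits one string per problem found and nothing when the inputs pass.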
- Drill down to review the deployment components and properties.
This includes the following:
- VPC network
- VPC subnets (public and private)
- Firewall rules
- Service account
- VM instance for the Velostrata VPN Gateway
- To view the VPC, select velostrata-gcp-poc-network.
- To manage the resource, click Manage Resource. This shows us the VPN networks.
- The name of the deployment is used as a prefix for the resource name, in this example, velostrata-gcp-poc-setup, and so on.
- Select the Routes tab.
- Select Firewall rules.
- View the velostrata-gcp-poc-setup-velosvpngateway instance.