0

I have a deploymgr template that creates a bunch of network assets and VMs, and it runs fine with no errors reported; however, no VPC peerings are ever created. It works fine if I create a peering via the console or on the CLI via gcloud.

Peering fails (with no error msg):

```yaml
# Create the required routes to talk to prod project
- name: mytest-network
  type: compute.v1.network
  properties:
    name: mytest
    autoCreateSubnetworks: false
    peerings:
    - name: mytest-to-prod
      network: projects/my-prod-project/global/networks/default
      autoCreateRoutes: true
```

Peering Works:

```
$ gcloud compute networks peerings create mytest-to-prod --project=myproject --network=default --peer-network=projects/my-prod-project/global/networks/default --auto-create-routes
```

xref

2 Answers

2

The peering cannot be done at network creation time, as per the API reference. First the network needs to be created, and once it has been created successfully, the addPeering method needs to be called. This explains why your YAML definition created the network but not the peering, and why it worked after running the gcloud command, which calls the addPeering method.

There is a possibility of creating and doing the peering on one YAML file by using the Deployment manager actions:

```yaml
resources:
- name: mytest-network1
  type: compute.v1.network
  properties:
    name: mytest1
    autoCreateSubnetworks: false

- name: mytest-network2
  type: compute.v1.network
  properties:
    name: mytest2
    autoCreateSubnetworks: false

# Peer network 2 to network 1. runtimePolicy and dependsOn share one
# metadata mapping: a repeated `metadata:` key is a duplicate YAML key.
- name: addPeering2-1
  action: gcp-types/compute-v1:compute.networks.addPeering
  metadata:
    runtimePolicy:
    - CREATE
    dependsOn:
    - mytest-network1
    - mytest-network2
  properties:
    network: mytest-network2
    name: vpc-2-1
    autoCreateRoutes: true
    peerNetwork: $(ref.mytest-network1.selfLink)

# Peer network 1 to network 2 (the reverse direction).
- name: addPeering1-2
  action: gcp-types/compute-v1:compute.networks.addPeering
  metadata:
    runtimePolicy:
    - CREATE
    dependsOn:
    - mytest-network1
    - mytest-network2
  properties:
    network: mytest-network1
    name: vpc-1-2
    autoCreateRoutes: true
    peerNetwork: $(ref.mytest-network2.selfLink)
```

You can copy-paste the YAML above and create the deployment, and the peering should be done. The actions use the dependsOn option to make sure the networks are created first. When deleting the deployment, the peerings would be deleted by calling the removePeering method and then the networks would be deleted.

Note: The Deployment Manager actions are not documented yet, but there are several examples in the GoogleCloudPlatform/deploymentmanager-samples repository, such as this and this.

Adrián
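
A lint for the failure modes this thread runs into, as an added example that is not part of either answer or of Google's tooling: it flags `peerings` declared inline on a `compute.v1.network` and checks each `addPeering` action for the `runtimePolicy`/`dependsOn` metadata shown in the answer above and for a matching action in the reverse direction. `lint_peerings`, `_action` and the sample dicts are hypothetical names, and the config is assumed to be already parsed into a dict (for example by a YAML loader).

```python
import re

ADD_PEERING = "gcp-types/compute-v1:compute.networks.addPeering"
REF = re.compile(r"^\$\(ref\.([^.]+)\.selfLink\)$")  # $(ref.<resource>.selfLink)

def lint_peerings(config):
    """Return findings for a Deployment Manager config already parsed into a dict."""
    findings, edges = [], set()
    for res in config.get("resources", []):
        name, props = res["name"], res.get("properties", {})
        # Peerings listed on the network resource are not created with the network.
        if res.get("type") == "compute.v1.network" and props.get("peerings"):
            findings.append(f"{name}: inline peerings are not applied at network creation")
        if res.get("action") != ADD_PEERING:
            continue
        meta, local = res.get("metadata", {}), str(props.get("network"))
        if "CREATE" not in meta.get("runtimePolicy", []):
            findings.append(f"{name}: metadata.runtimePolicy lacks CREATE")
        if local not in meta.get("dependsOn", []):
            findings.append(f"{name}: dependsOn does not list {local}")
        ref = REF.match(str(props.get("peerNetwork")))
        edges.add((local, ref.group(1) if ref else str(props.get("peerNetwork"))))
    # A peering only carries traffic once both networks have added it.
    for local, peer in sorted(edges):
        if (peer, local) not in edges:
            findings.append(f"{local} -> {peer}: no reverse addPeering in this config")
    return findings

def _action(name, local, peer, meta):
    """Build one addPeering action (hypothetical helper for the sample data)."""
    return {"name": name, "action": ADD_PEERING, "metadata": meta,
            "properties": {"network": local, "name": name, "autoCreateRoutes": True,
                           "peerNetwork": f"$(ref.{peer}.selfLink)"}}

# Constructed inputs: the question's config, the answer's two actions, a broken variant.
QUESTION = {"resources": [{
    "name": "mytest-network", "type": "compute.v1.network",
    "properties": {"name": "mytest", "autoCreateSubnetworks": False, "peerings": [{
        "name": "mytest-to-prod", "autoCreateRoutes": True,
        "network": "projects/my-prod-project/global/networks/default"}]}}]}
DEPS = ["mytest-network1", "mytest-network2"]
FULL = {"runtimePolicy": ["CREATE"], "dependsOn": DEPS}
ANSWER = {"resources": [
    _action("addPeering2-1", "mytest-network2", "mytest-network1", FULL),
    _action("addPeering1-2", "mytest-network1", "mytest-network2", FULL)]}
ONE_SIDED = {"resources": [
    _action("addPeering2-1", "mytest-network2", "mytest-network1", {"dependsOn": DEPS})]}

if __name__ == "__main__":
    for label, cfg in (("question", QUESTION), ("answer", ANSWER), ("one-sided", ONE_SIDED)):
        print(label, lint_peerings(cfg) or "ok")
```

When the peer network lives in another project, as in the question, the reverse-direction finding is expected: the other side has to add its own peering separately.
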
0

From gcloud it works as expected. Please update your YAML file to use "peerings[].network" when specifying the list of peered network resources.

Thrahir
  • Hmm, can't get that to work either. Also looks like a docs discrepancy, because [this doc](https://cloud.google.com/compute/docs/reference/rest/v1/networks) says use `peerings[].network` but your link says use `peerNetwork` – xref May 04 '18 at 19:28
  • Agree, I will double check it. – Thrahir May 04 '18 at 20:02
  • The correct resource is peerings[].network. I updated the document. I tested the two of them and they don't work. As a workaround, I suggest you 1) create the original networks deployment, then 2) update the networks deployment, adding the peering. – Thrahir May 08 '18 at 13:53