Hi Mahesh, Thanks for sharing great and simple content to learn GCP.
My pleasure
Is there any way to enable "Kubernetes Engine Access" after sharing the VPC?
Small correction. It is not that service projects do not have their network (VPC). We can create networks in service projects, however they cannot be shared with projects. A host project can share its network with other projects.
Aditya, best practice is to avoid creating a VPC in a Service Project.
Please explain the same process through Terraform, and also which permissions we need to have in host and service level projects.
Good video, Mahesh!
Thanks, Srinivas
Hi Mahesh, did you notice the secondary range for pods and services is very small (/24)? What is the ideal range?
Hello Mahesh,
I have been following your tutorials for two months and now I feel some confidence in GCP. So I am trying something like this:
I used a Raspberry Pi to send temperature data from a sensor to Google Cloud. But based on that data, I want to trigger an LED connected to a microcontroller like Arduino or ESP32... But I don't know how I can do the second step of LED blinking from real-time data.
Thanking you and waiting for your valuable reply.
Hi Gollapudi Venkata Saikumar, this link cloud.google.com/community/tutorials/cloud-iot-gateways-rpi gives more information related to your question
Thanks Mahesh. Why do we need the 2 secondary CIDR ranges? Is this something to do with using Shared VPC?
For Pods & services it is required.
This is something related to Kubernetes. For pods and services.
Hi Mahesh, could you please clarify why we are not granting the service account of Kubernetes Engine the network user in the host project, similar to what we did in App Engine?
Since I am owner in all the projects, it is not required.
th-cam.com/video/uFyUQ1UegxQ/w-d-xo.html
th-cam.com/video/JfpmGaugVBU/w-d-xo.html
can give some clarification
Hi, just had a query: if GKE is in one VPC (shared VPC) and the bastion host is in another VPC (service project VPC), then for pod-to-pod communication (that is, 2 microservices having different ports), for which VPC do we need to open the ports in the firewall?
What is the connection between GKE and the bastion host? Regarding pod-to-pod communication, are these pods in the same GKE cluster? Lastly, when you are using Shared VPC, all the firewall rules will be configured in the Host Project. There will be no VPC and Firewall in the Service Project.
Is this scenario possible? Share Subnet-A to Project-A, then share Subnet-B to Project-B... Project-B shouldn't see Subnet-A when creating an instance... the same goes for Project-A... but both of the instances can reach each other normally. Is that possible? To share and make a subnet available to a specific project only.
It is possible to control what subnetwork the service project can access.
@LearnGoogleCloudwithMahesh If it is OK with you, may I know the method for how to do this? Is this a configuration inside the Shared VPC?
@ericksonjosephsantos8857 The last screen in the Shared VPC creation page.