Setup Clients in different VPC to mount using VPC Peering

Introduction

This article is a step-by-step guide of accessing the Elastifile LB IP from clients which reside on a different VPC or a different project.

The Elastifile load balancer is based on GCP routes.

Each route entry represents a single storage node in the Elastifile system.

Note: Currently, the routes propagation over peered network is a beta feature.

Setup 

In the following example we will use the following environment:

Elastifile Cluster

Project Name: "canary-support"

VPC Name: "dadee-network"

CIDR: "10.142.0.0/20"
 

NFS Clients

Project Name: "support-team-a"

VPC Name: "snir-shared"

CIDR: "10.141.0.0/20"

Note: VPC can be in the same project. The process is the same. 
 

Load Balancer IP [Mount Point]Load Balancer IP

Step-by-Step instructions

  1. Set up VPC peering between the two VPC. This case VPC peering between two VPCs.PeeringProject Name
     
  2. Validate VPC peering is established and connected. Status should say "Connected".validate
     
  3. Run the following commands in order to allow the beta feature of import/export routes between VPC networks. If routes already were Exported from Elastifile VPC and Imported into client VPC skip to step 5. 

    # Modify the arguments according to your own environment!

    # On the Elastifile project, use the export routes flag
    $ gcloud --project=canary-support beta compute networks peerings update peering --network=dadee-network --export-custom-routes

    # On the clients project, use the import routes flag
    $ gcloud --project=support-team-a beta compute networks peerings update peering --network=snir-shared --import-custom-routes

     

  4. Modify the firewall rules. For Elastifile VPC, Add the clients' subnet IP range to the 'elastifile-storage-client' FW rule. For Client VPC, add the Elastifile subnet allowing mount ports open.
    Example below: 

    Name: elastifile-storage-client-<cluster>
    Targets tags: [Elastifile Storage Nodes Network Tags]
    Source: 10.141.0.0/20 [Client Network Range]
    tcp: 111,644,2049,4040,4045
    udp: 111,644,2049,4040,4045
    other: icmp

    Client firewall rule
    Targets: [Client Network Tags]
    Source: 10.142.0.0/20 [Elastifile Network Range]
    tcp: 111,644,2049,4040,4045
    udp: 111,644,2049,4040,4045
    other: icmp

  5.  Now you can use the load balancer IP for mounting the Elastifile shares in your clients:

    root@client ~]# showmount -e 10.251.255.1
Export list for 10.251.255.1:
/first/root             *
/second/root            *
/third/root             *

     

Was this helpful?

How can we improve it?
true
Search
Clear search
Close search
Google apps
Main menu
5644265605380284645
true
Search Help Center
true
true
true
false
false