Listing 1: Erzeugen einer Cloud-SQL-Instanz

gcloud config set project ${project}
gcloud sql instances create mysql-instance \
--project="${project}" \
--region=us-central1 \
--enable-private-service-connect \
--allowed-psc-projects="${project}" \
--availability-type=zonal \
--no-assign-ip \
--tier=db-f1-micro \
--database-version=MYSQL_8_0 \
--enable-bin-log


Listing 2: IP-Adresse und Weiterleitungsregel

region="us-central1"
vpc_spoke_subnet_name="csql-psc-subnet"
# IP-Adresse reservieren
gcloud compute addresses create csql-psc-ip \
--subnet="${vpc_spoke_subnet_name}" \
--region="${region}" \
--addresses=192.168.0.253
#Namen abrufen
gcloud compute addresses list \
--filter="name=csql-psc-ip"
vpc_spoke_network_name="vpc1-spoke"
vpc_spoke_subnet_name="csql-psc-subnet"
region="us-central1"
#Abrufen der Service Attachment Informationen
csql_psc_ep_name="csql-psc-ep"
sa_uri=$(gcloud sql instances describe mysqlinstance \
--
format='value(pscServiceAttachmentLink)')
echo "$sa_uri"
#Erstellen der Weiterleitungsregel
gcloud compute forwarding-rules create
"${csql_psc_ep_name}" \
--address=csql-psc-ip \
--region="${region}" \
--network="${vpc_spoke_network_name}" \
--target-service-attachment="${sa_uri}" \
--allow-psc-global-access


Listing 3: Spoke-VPCs hinzufügen

vpc_spoke_name="sql-vpc1-spoke"
vpc_spoke_network_name="vpc1-spoke"
gcloud network-connectivity spokes linkedvpc-network create "${vpc_spoke_name}" \
--hub="${hub_name}" \
--vpc-network="${vpc_spoke_network_name}" \
--global
vpc_spoke_name="sql-vpc3-spoke"
vpc_spoke_network_name="vpc3-spoke"
gcloud network-connectivity spokes linkedvpc-network create "${vpc_spoke_name}" \
--hub="${hub_name}" \
--vpc-network="${vpc_spoke_network_name}" \
--global


Listing 4: NCC mit Terraform automatisieren

resource "google_network_connectivity_hub"
"default" {
Name = "Hub"
description = "Hub"
project = var.project_id
}
module "spoke-ra-a" {
source = "./fabric/modules/ncc-spoke-ra"
hub = { id =
google_network_connectivity_hub.default.id
}
name = "spoke-ra-a"
project_id = var.project_id
region = var.regions.primary
router_appliances = [
{
internal_ip = module.compute-vmprimary-b.internal_ip
vm_self_link = module.computevm-primary-b.self_link
}
]
router_config = {
asn = 65000
ip_interface0 = "10.0.16.14"
ip_interface1 = "10.0.16.15"
peer_asn = 65001
}
vpc_config = {
network_name = var.vpc.self_link
subnet_self_link =
var.subnets.primary.self_link
}
}