Hello,
I have a few questions/comments related to the ‘Networking Challenge Lab’.
I’m completely new to this material so any feedback or clarification provided on the below points would be greatly appreciated!
1. Created a new Service Account role for the backend instance template/group, with the same custom role ‘Base GCE Role’ as the frontend Service Account.
2. When creating the frontend & backend instance templates, do you need to include both subnets (oregon & california) for each? Do you need to create a separate instance template for each subnet?
I believe as per the example in the lab, frontend instance template is for ‘us-west1’ (oregon) and backend instance template is for ‘us-west2’ (california). Meaning, the oregon subnet is to be used for the frontend instance, and the california subnet is to be used for the backend instance.
3. There are 4 instance templates created, frontend and backend with and without SSH. Will the same ‘open-ssh-by-tag-fwr’ apply to the frontend and backend with SSH instance templates (adding the network tags as ‘open-ssh-tag’)?
4. For the extra-instances, which templates were used for these? The same frontend and backend with SSH used for the other instances?
Thank you for your feedback!
1 Answers
When creating the frontend & backend instance templates, do you need to include both subnets (oregon & california) for each? Do you need to create a separate instance template for each subnet?
you can create front-end instances in one region and backend instances in other region and use respective subsnets as subnets are also regional!
There are 4 instance templates created, frontend and backend with and without SSH. Will the same ‘open-ssh-by-tag-fwr’ apply to the frontend and backend with SSH instance templates (adding the network tags as ‘open-ssh-tag’)?
I have created two instance templates ( one for backend and another for frontend) and configure firewall rules accordingly to make sure that desired network communication does happen smoothly. just to open SSH, we do not need to have separate instance templates, only work with correct set of FW rules.
Hope this helps!