Use a pre-existing VPC network

Use the pre-existing-vpc module to use an existing VPC network in Google Cloud and retrieve the network attributes.

This module lets you integrate your pre-provisioned network infrastructure into new Cluster Toolkit deployments. By using this module, you securely connect new resources, such as virtual machine (VM) instances, to your established network environments without the need to recreate the networks. The module outputs attributes that uniquely identify the VPC network and subnetwork so that other modules can consume the attributes.

Because the module outputs align with the standard vpc module, you can use the pre-existing-vpc module as a direct substitute.

For the complete list of inputs and outputs for this module, see the pre-existing-vpc module page in the Cluster Toolkit GitHub repository.

Before you begin

Before you begin, verify that you meet the following requirements:

• You have installed and configured Cluster Toolkit. For installation instructions, see Set up Cluster Toolkit.
• You have an existing cluster blueprint. You can use and modify an existing blueprint or create one from scratch. For a working example of a blueprint configured for the pre-existing-vpc module, see the examples/hpc-slurm.yaml file. For more information about creating and customizing blueprints, see Cluster blueprint.
• To view a complete list of blueprints, go to the Cluster blueprint catalog page.

• If your target VPC network exists in a different Google Cloud project, then you can use this module to reference the network. However, if you use a network from a different project, then you must first configure a Cloud NAT gateway and configure Identity-Aware Proxy Transmission Control Protocol (TCP) forwarding. For more information about these prerequisites, see the following documentation:

  • Cloud NAT overview
  • Use IAP for TCP forwarding

Required roles

To get the permissions that you need to discover the pre-existing VPC network and subnetwork, ask your administrator to grant you the Compute Network Viewer (roles/compute.networkViewer) IAM role on your project. For more information about granting roles, see Manage access to projects, folders, and organizations.

You might also be able to get the required permissions through custom roles or other predefined roles.

Use an existing VPC

The following example identifies a global network and a regional subnetwork. The use keyword instructs the vm-instance module to accept the variables that identify the network and subnetwork so that the cluster creates the VM inside the correct VPC network.

- id: network1
  source: modules/network/pre-existing-vpc
  settings:
    project_id: $(vars.project_id)
    region: us-central1

- id: example_vm
  source: modules/compute/vm-instance
  use:
  - network1
  settings:
    name_prefix: example
    machine_type: c2-standard-4

The project_id setting and the region setting are inferred from deployment variables that share the same name.

What's next

• For the complete list of inputs and outputs for this module, see the pre-existing-vpc module page in the Cluster Toolkit GitHub repository.
• For a complete list of supported modules, see the compatibility matrix on GitHub.