Configure a VPC network

Parallelstore runs within a Virtual Private Cloud (VPC) which provides networking functionality to Compute Engine virtual machine (VM) instances, Google Kubernetes Engine (GKE) clusters, and serverless workloads.

The same VPC network must be specified when creating the Parallelstore instance and client Compute Engine VMs or Google Kubernetes Engine clusters

You must also configure private services access within your VPC.

Configure IAM permissions

You must have one of the following IAM permissions in order to set up network peering for your project:

To grant a role:

gcloudprojectsadd-iam-policy-bindingPROJECT_ID\
--member="user:EMAIL_ADDRESS"
--role=ROLE

Create and configure the VPC

  1. Enable service networking.

    gcloudservicesenableservicenetworking.googleapis.com

  2. Create a VPC Network.

    gcloudcomputenetworkscreateNETWORK_NAME\
--subnet-mode=auto\
--mtu=8896

  3. Create an IP range.

    Private services access requires a prefix-length of at least /24 (256 addresses). Parallelstore reserves 64 addresses per instance, which means that you can re-use this IP range with other services or other Parallelstore instances if needed. 

    gcloudcomputeaddressescreateIP_RANGE_NAME\
--global\
--purpose=VPC_PEERING\
--prefix-length=24\
--description="Parallelstore VPC Peering"\
--network=NETWORK_NAME

  4. Get the CIDR range associated with the range you created in the previous step.

    CIDR_RANGE=$(
gcloudcomputeaddressesdescribeIP_RANGE_NAME\
--global\
--format="value[separator=/](address, prefixLength)"
)

  5. Create a firewall rule to allow TCP traffic from the IP range you created. 

    gcloudcomputefirewall-rulescreateFIREWALL_NAME\
--allow=tcp\
--network=NETWORK_NAME\
--source-ranges=$CIDR_RANGE

  6. Connect the peering.

    gcloud services vpc-peerings connect \
 --network=NETWORK_NAME \
 --ranges=IP_RANGE_NAME \
 --service=servicenetworking.googleapis.com

Known issues

Parallelstore instances and clients cannot use an IP address from the 172.17.0.0/16 subnet range. See Known issues for more information.

What's next

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2026年01月02日 UTC.