Connecting to GCP

If you're more of a visual learner, check out the video tutorial!

Create a VPC

Go to VPC Network > VPC Networks.

Select Create VPC Network.

Enter VPC name, and under Subnets choose region, IP Stack option and IP CIDR range. Remember to select On option for Private Google Access while creating the private subnet.

Here we are using 10.0.1.0/24 for public subnet range and 10.0.2.0/24 for private subnet range. Customize the IPv4 CIDR block if needed.

GCP VPC Subnet

Click on Create and it will generate the VPC Network for you.

After the VPC network creation, go to VPC-Name > Firewalls. Select Add Firewall Rule and then enter the rule name, and source IP range (Source = 0.0.0.0/0).

GCP VPC Firewall

After that you will be asked to select the ingress ports and protocols. Allow inbound SSH (Port range = 22). We’ll need this during initial setup but can close the firewall later.‍

GCP VPC Firewall SSH

Create a Bastion Host

Use one of the supported linux distros.

Go to Compute Engine > Create an Instance > Advanced Options > Networking section.

Add the respective firewall tags in the Network Tags box.

Attach public subnet to the instance from the VPC and assign it a public IP Address.

SSH into the machine and Install the DevZero CLI from the script:

curl -fsSL https://get.devzero.io | sh

Log into your account by executing:

sudo dz auth login && sudo dz net connect

Enable IP forwarding to access resources on VPC CIDR:

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf

Connect to DevZero network:

sudo dz net connect --ssh --advertise-routes=<VPC-CIDR>

Verify that the machine is connected to your DevZero network:

dz net status

dz net status

You should see the GCP virtual machine hostname.

Now you will be able to access Private GCP Resources from your DevBox.

Connecting to GCP

Create a VPC

Create a Bastion Host

Video Walkthrough

On this page