I am attempting to build a VM using the marketplace postgresql11 image (though the problem appears to be general for all images I have tried) with the following gcloud command:
gcloud compute instances create-with-container postgres-test \
--container-image gcr.io/cloud-marketplace/google/postgresql11:latest \
--container-env-file=envdata.txt \
--container-mount-host-path mount-path=/var/lib/postgresql,host-path=/mnt/disks/postgres_data,mode=rw \
--machine-type=e2-small \
--scopes=cloud-platform \
--boot-disk-size=10GB \
--boot-disk-device-name=postgres-test \
--create-disk="mode=rw,size=10GB,type=pd-standard,name=postgres-test-data,device-name=postgres-test_data" \
--network-interface=subnet="default,no-address" \
--tags=database-postgres \
--metadata-from-file user-data=metadata.txt
The envdata.txt file contains the environment variable data for the image and the metadata.txt file contains bootcmd instructions to format and mount the external disk for the postgres data.
envdata.txt:
POSTGRES_USER=postgresuser
POSTGRES_PASSWORD=postgrespassword
metadata.txt:
#cloud-config
bootcmd:
- fsck.ext4 -tvy /dev/sdb
- mkdir -p /mnt/disks/postgres_data
- mount -t ext4 -O ... /dev/sdb /mnt/disks/postgres_data
The VM is created, but the sudo journalctl command shows that an attempt to connect to the GCR is starting and this appears to not be successful. The docker image for postgres is not downloaded and is not started on the VM.
If I now remove the no-address command from the network-interface line of the gcloud command (allowing Google to allocate an external IP address to the VM) by executing the following:
gcloud compute instances create-with-container postgres-test \
--container-image gcr.io/cloud-marketplace/google/postgresql11:latest \
--container-env-file=envdata.txt \
--container-mount-host-path mount-path=/var/lib/postgresql,host-path=/mnt/disks/postgres_data,mode=rw \
--machine-type=e2-small \
--scopes=cloud-platform \
--boot-disk-size=10GB \
--boot-disk-device-name=postgres-test \
--create-disk="mode=rw,size=10GB,type=pd-standard,name=postgres-test-data,device-name=postgres-test_data" \
--network-interface=subnet="default" \
--tags=database-postgres \
--metadata-from-file user-data=metadata.txt
Then a VM is created, and the postgres image is downloaded and executed. sudo journalctl shows the connection to GCR starting and started.
Can anyone explain to me why the execution of an image in my case is dependent on having an external IP and how I can create a VM using the GCR without having to allocate an external IP address to the instance?
If you have a public IP, then requests from your instance to the Internet go through the Internet Gateway. If your instance does not have a public IP then you need to set up Cloud NAT to provide a route to the Internet. This is the simplest solution. If you only need to access Google APIs and services and not the public Internet, see the next option.
Google Cloud NAT
Google also offers Private Google Access to reach only Google APIs and services.
Private Google Access
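The two options named in the answer, written out as gcloud commands. This is an added example, not part of the original question or answer. The region, router name and NAT name are assumptions; the network and subnet are taken as `default` from the question. The script prints the commands unless `DRY_RUN=0` is set.

```shell
#!/bin/sh
# Added example. REGION, ROUTER and NAT are assumed/hypothetical values.
REGION="${REGION:-us-central1}"   # assumed region of the "default" subnet
NETWORK="${NETWORK:-default}"
SUBNET="${SUBNET:-default}"
ROUTER="${ROUTER:-nat-router}"    # hypothetical Cloud Router name
NAT="${NAT:-nat-config}"          # hypothetical Cloud NAT name
DRY_RUN="${DRY_RUN:-1}"           # 1 = only print the commands

# Print the command in dry-run mode, execute it otherwise.
run() {
  if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

# Option A: Private Google Access. The VM keeps no external IP and gets
# no route to the public Internet, only to Google APIs and services.
enable_private_google_access() {
  run gcloud compute networks subnets update "$SUBNET" \
    --region="$REGION" --enable-private-ip-google-access
}

# Confirms the subnet setting; prints "True" once it is enabled.
check_private_google_access() {
  run gcloud compute networks subnets describe "$SUBNET" \
    --region="$REGION" --format="get(privateIpGoogleAccess)"
}

# Option B: Cloud NAT. Outbound-only Internet access for VMs that have
# no external IP; a Cloud Router is required to host the NAT config.
create_cloud_nat() {
  run gcloud compute routers create "$ROUTER" \
    --network="$NETWORK" --region="$REGION" &&
  run gcloud compute routers nats create "$NAT" \
    --router="$ROUTER" --region="$REGION" \
    --auto-allocate-nat-external-ips --nat-all-subnet-ip-ranges
}

case "${1:-plan}" in
  pga) enable_private_google_access && check_private_google_access ;;
  nat) create_cloud_nat ;;
  *)   DRY_RUN=1   # default: show both options without changing anything
       enable_private_google_access
       check_private_google_access
       create_cloud_nat ;;
esac
```

Run it with `pga` or `nat` and `DRY_RUN=0` to apply one option; with either in place, the `no-address` form of the instance command from the question can stay as it is.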