Custom VPC creation in GCP - Step-by-Step Execution

Process Flow - Custom VPC creation
Start -> Define VPC Name & Region -> Specify Subnet Ranges -> Create VPC Network -> Create Subnets in VPC -> Set Firewall Rules (optional) -> VPC Ready for Use
This flow shows the steps to create a custom VPC: define name and region, specify subnet IP ranges, create the VPC network, add subnets, optionally set firewall rules, then the VPC is ready.
Execution Sample
GCP
gcloud compute networks create my-custom-vpc --subnet-mode=custom

gcloud compute networks subnets create my-subnet-1 --network=my-custom-vpc --region=us-central1 --range=10.0.1.0/24

gcloud compute firewall-rules create allow-internal --network=my-custom-vpc --allow tcp,udp,icmp --source-ranges=10.0.0.0/16
This code creates a custom VPC, adds a subnet with a specific IP range, and sets a firewall rule to allow internal traffic.
Process Table
| Step | Action | Command | Result |
|---|---|---|---|
| 1 | Create custom VPC network | gcloud compute networks create my-custom-vpc --subnet-mode=custom | VPC 'my-custom-vpc' created with no subnets |
| 2 | Create subnet in VPC | gcloud compute networks subnets create my-subnet-1 --network=my-custom-vpc --region=us-central1 --range=10.0.1.0/24 | Subnet 'my-subnet-1' created in 'us-central1' with IP range 10.0.1.0/24 |
| 3 | Create firewall rule to allow internal traffic | gcloud compute firewall-rules create allow-internal --network=my-custom-vpc --allow tcp,udp,icmp --source-ranges=10.0.0.0/16 | Firewall rule 'allow-internal' created allowing tcp, udp, icmp from 10.0.0.0/16 |
| 4 | Verify VPC and subnet | gcloud compute networks describe my-custom-vpc | Shows VPC with custom subnet 'my-subnet-1' and firewall rules |
| 5 | End | - | Custom VPC setup complete and ready for use |
💡 All steps completed successfully; custom VPC with subnet and firewall rule is ready.
Status Tracker
| Resource | Initial State | After Step 1 | After Step 2 | After Step 3 | Final State |
|---|---|---|---|---|---|
| VPC Network | None | Created (no subnets) | Created (no change) | Created (no change) | Exists with subnet and firewall rules |
| Subnet | None | None | Created with 10.0.1.0/24 in us-central1 | Created (no change) | Exists in VPC |
| Firewall Rules | None | None | None | Created allowing internal traffic | Exists and active |
Key Moments - 2 Insights
Why do we specify --subnet-mode=custom when creating the VPC?
Because by default, VPCs create automatic subnets in all regions. Using --subnet-mode=custom means no subnets are created automatically, so you can add subnets with your own IP ranges as shown in step 2.
What happens if we skip creating firewall rules after creating the VPC and subnet?
By default, the VPC blocks most traffic. Without firewall rules like in step 3, instances in the subnet cannot communicate internally or externally as desired.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, what is the IP range of the subnet created at step 2?
A. 10.0.1.0/24
B. 10.0.0.0/16
C. 192.168.1.0/24
D. 172.16.0.0/16
💡 Hint
Check the 'Command' and 'Result' columns in row 2 of the execution table.
At which step is the firewall rule created to allow internal traffic?
A. Step 1
B. Step 2
C. Step 3
D. Step 4
💡 Hint
Look for the action mentioning firewall rules in the execution table.
If we omit --subnet-mode=custom in step 1, what changes in the execution?
A. No subnets are created at all
B. Subnets are created automatically in all regions
C. Firewall rules are created automatically
D. The VPC creation fails
💡 Hint
Refer to the key moment about subnet mode and step 1 in the execution table.
Concept Snapshot
Custom VPC creation in GCP:
- Use 'gcloud compute networks create NAME --subnet-mode=custom' to create an empty VPC
- Add subnets with 'gcloud compute networks subnets create' specifying region and IP range
- Set firewall rules to allow traffic as needed
- Custom VPC gives control over subnet IP ranges and network policies
Full Transcript
To create a custom VPC in Google Cloud, first run the command to create a VPC network with subnet mode set to custom. This prevents automatic subnet creation. Next, create subnets inside this VPC by specifying the region and IP address range. Then, add firewall rules to allow internal traffic between instances. The execution table shows each step with commands and results. Variables track the state of the VPC, subnets, and firewall rules as they are created. Key moments clarify why subnet mode custom is important and the role of firewall rules. The visual quiz tests understanding of subnet IP ranges, firewall creation step, and subnet mode effects. The snapshot summarizes the commands and purpose of each step.

Practice

1. What is the main advantage of creating a Custom VPC in Google Cloud Platform?
easy
A. You can define your own IP address ranges and subnets.
B. It automatically creates default firewall rules.
C. It provides free internet access without configuration.
D. It disables all network traffic by default.

Solution

  1. Step 1: Understand Custom VPC purpose

    A Custom VPC allows you to design your network with your own IP ranges and subnets, unlike default VPCs which have preset ranges.
  2. Step 2: Eliminate wrong options

    A Custom VPC does not disable traffic; default firewall rules exist regardless; free internet access requires configuration.
  3. Final Answer:

    You can define your own IP address ranges and subnets. -> Option A
  4. Quick Check:

    Custom VPC = Custom IP ranges [OK]
Hint: Custom VPC means you pick your IP ranges [OK]
Common Mistakes:
  • Confusing default VPC with custom VPC
  • Thinking firewall rules are auto-created
  • Assuming internet access is automatic
2. Which gcloud command correctly creates a custom VPC named my-vpc with no automatic subnet creation?
easy
A. gcloud compute networks create my-vpc --subnet-mode=auto
B. gcloud compute networks create my-vpc --auto-create-subnetworks
C. gcloud compute networks create my-vpc --no-subnet-mode
D. gcloud compute networks create my-vpc --subnet-mode=custom

Solution

  1. Step 1: Identify subnet mode for custom VPC

    Custom VPC requires the flag --subnet-mode=custom to avoid automatic subnet creation.
  2. Step 2: Evaluate options

    --subnet-mode=auto creates automatic subnets. --auto-create-subnetworks uses invalid syntax. --no-subnet-mode does not exist.
  3. Final Answer:

    gcloud compute networks create my-vpc --subnet-mode=custom -> Option D
  4. Quick Check:

    Custom VPC uses --subnet-mode=custom [OK]
Hint: Use --subnet-mode=custom to create custom VPC [OK]
Common Mistakes:
  • Using --subnet-mode=auto instead of custom
  • Using invalid flags like --no-subnet-mode
  • Assuming subnets are created automatically
3. Given this command:
gcloud compute networks subnets create subnet-1 --network=my-vpc --region=us-central1 --range=10.0.1.0/24

What is the CIDR range assigned to subnet-1?
medium
A. 10.0.0.0/16
B. 192.168.1.0/24
C. 10.0.1.0/24
D. 10.1.0.0/24

Solution

  1. Step 1: Read the subnet creation command

    The command specifies --range=10.0.1.0/24 which sets the IP range for the subnet.
  2. Step 2: Match the CIDR range

    10.0.1.0/24 matches the exact CIDR range given in the command.
  3. Final Answer:

    10.0.1.0/24 -> Option C
  4. Quick Check:

    Subnet range = 10.0.1.0/24 [OK]
Hint: Look for --range flag for subnet CIDR [OK]
Common Mistakes:
  • Confusing VPC range with subnet range
  • Picking wrong CIDR block from options
  • Ignoring the --range parameter
4. You ran this command to create a subnet:
gcloud compute networks subnets create subnet-2 --network=my-vpc --region=us-east1 --range=10.0.1.0/24

But you get an error saying the IP range overlaps with an existing subnet. What is the likely cause?
medium
A. The subnet range 10.0.1.0/24 overlaps with another subnet in the same VPC.
B. The region us-east1 is invalid for subnet creation.
C. The network my-vpc does not exist.
D. The command is missing the --subnet-mode flag.

Solution

  1. Step 1: Understand the error message

    The error about overlapping IP range means the subnet's CIDR block conflicts with an existing subnet in the same VPC.
  2. Step 2: Check other options

    Region and network existence errors produce different messages; --subnet-mode is for network creation, not subnet.
  3. Final Answer:

    The subnet range 10.0.1.0/24 overlaps with another subnet in the same VPC. -> Option A
  4. Quick Check:

    Overlapping CIDR causes subnet creation error [OK]
Hint: Check subnet CIDR overlaps before creating [OK]
Common Mistakes:
  • Assuming region is invalid without checking
  • Confusing network creation flags with subnet flags
  • Ignoring existing subnet CIDR ranges
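
The overlap error in question 4 and the 10.0.0.0/16 source range in the execution sample's firewall rule are both CIDR comparisons that can be checked before any gcloud command runs. The script below is an added example, not part of the original lesson; the helper function names are hypothetical, the EXISTING value is constructed sample data, and only IPv4 is handled.

```shell
#!/bin/sh
# Added example: CIDR pre-flight checks. Helper names are hypothetical.

# ip_to_int A.B.C.D: print the address as a 32-bit integer
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# cidr_first / cidr_last: first and last address of a block, as integers
cidr_first() {
  ip=$(ip_to_int "${1%/*}"); len=${1#*/}
  echo $(( ip & ((4294967295 << (32 - len)) & 4294967295) ))
}
cidr_last() {
  first=$(cidr_first "$1"); len=${1#*/}
  echo $(( first + (1 << (32 - len)) - 1 ))
}

# cidr_overlap A B: succeed if the two blocks share any address
cidr_overlap() {
  [ "$(cidr_first "$1")" -le "$(cidr_last "$2")" ] &&
    [ "$(cidr_first "$2")" -le "$(cidr_last "$1")" ]
}

# cidr_within INNER OUTER: succeed if INNER lies entirely inside OUTER
cidr_within() {
  [ "$(cidr_first "$1")" -ge "$(cidr_first "$2")" ] &&
    [ "$(cidr_last "$1")" -le "$(cidr_last "$2")" ]
}

# first_conflict NEW EXISTING...: print the first existing range NEW overlaps
first_conflict() {
  new=$1; shift
  for existing in "$@"; do
    if cidr_overlap "$new" "$existing"; then echo "$existing"; return 0; fi
  done
  return 1
}

# Constructed sample: ranges already in the VPC. Against a live project, fill it from
#   gcloud compute networks subnets list --filter="network:my-custom-vpc" --format="value(ipCidrRange)"
EXISTING="10.0.1.0/24"

first_conflict 10.0.1.0/24 $EXISTING && echo "overlap: pick another --range"
first_conflict 10.0.2.0/24 $EXISTING || echo "10.0.2.0/24 is free"
cidr_within 10.0.0.0/16 10.0.1.0/24 || echo "10.0.0.0/16 admits sources outside my-subnet-1"
```

The last check fails because the firewall rule's source range is wider than the only subnet that exists; if 10.0.0.0/16 is not the planned address space for the whole VPC, narrowing --source-ranges to the subnet ranges keeps the rule to least privilege.
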
5. You want to create a custom VPC named prod-vpc with two subnets:
- subnet-a in us-west1 with range 10.10.1.0/24
- subnet-b in us-east1 with range 10.10.2.0/24
Which sequence of gcloud commands correctly creates this setup?
hard
A. 1) gcloud compute networks create prod-vpc --subnet-mode=auto 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24
B. 1) gcloud compute networks create prod-vpc --subnet-mode=custom 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24
C. 1) gcloud compute networks create prod-vpc 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.1.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.2.0/24
D. 1) gcloud compute networks create prod-vpc --subnet-mode=custom 2) gcloud compute networks subnets create subnet-a --network=prod-vpc --region=us-west1 --range=10.10.2.0/24 3) gcloud compute networks subnets create subnet-b --network=prod-vpc --region=us-east1 --range=10.10.1.0/24

Solution

  1. Step 1: Create the VPC with custom subnet mode

    The VPC must be created with --subnet-mode=custom to allow manual subnet creation.
  2. Step 2: Create subnets with correct regions and CIDR ranges

    Subnets must be created with specified regions and matching CIDR ranges as per requirements.
  3. Step 3: Verify order and correctness

    Option B correctly creates the VPC first with --subnet-mode=custom, then the subnets with the correct ranges and regions.
    Option A uses auto subnet mode, which auto-creates subnets, conflicting with manual subnet creation.
    Option C misses the subnet mode flag.
    Option D swaps the CIDR ranges between the subnets.
  4. Final Answer:

    Correct sequence with custom subnet mode and matching subnet ranges -> Option B
  5. Quick Check:

    Custom VPC + correct subnet ranges = Option B [OK]
Hint: Create VPC with --subnet-mode=custom before adding subnets [OK]
Common Mistakes:
  • Using auto subnet mode when manual subnets needed
  • Swapping subnet CIDR ranges by mistake
  • Omitting --subnet-mode flag on VPC creation