This week you will take control of the networking and network security of your devbox. In a way, this week’s activities are out of order. If you were going to setup a new application you would probably create the network first, then create instances. After we create a new VPC this week we’ll move our existing instance over to use it. Using a non-default VPC gives us more control over how we want to network applications. Also this week we’ll learn how to use common Linux commands to examine the state of the network, including finding the IP address and active connections to an instance.


Plan IP Address Ranges#

Plan an IP address range. You should have one subnet in each of the free tier regions:

  • Oregon: us-west1

  • Iowa: us-central1

  • South Carolina: us-east1

You can use IPv6 if you like but you don’t have to.

Create Firewall Rules#

The Firewall on your new VPC should enable the Internet to connect to your devbox using two protocols:

  • SSH (TCP/22)

  • HTTP (TCP/80)

Verify that you can SSH into your VM after moving it to the new VPC. After that verify that you can connect to its external IP address using your browser.

Project Documentation#

To meet the project requirements for this week you have to accomplish the following tasks:

  1. Create a non-default VPC with custom subnets

  2. Create firewall rules for the new VPC

  3. Move your devbox to the new VPC

Document your progress with the following required items:

  1. The IP address ranges you used (IPv4 is required, IPv6 is optional)

  2. The firewall rules you applied. The list of rules must contain:

    1. The name of the rule

    2. Type

    3. Target

    4. Filters

    5. Protocols / ports

    6. Action

  3. Document the steps you used to create the VPC, subnets and firewall rules. You only have to document one of the subnets and firewall rules since you will repeat the process multiple times.

  4. A screenshot of your VM configuration