Part-58: Google Cloud VPC – Internal and External Static IP Addresses - Demo

In Google Cloud, you can assign both External (Public) and Internal (Private) static IP addresses to VM instances. Unlike ephemeral IPs that change when the resource restarts, static IPs remain fixed until you release them.

In this demo, we will:

✅ Reserve External and Internal static IPs
✅ Create a VM with both IPs
✅ Create a firewall rule to allow HTTP (port 80)
✅ Access the application using the static IP
✅ Clean up the resources

---

🔹 Step-01: Introduction

We will perform the following tasks:

1. Create an External Static IP
2. Create an Internal Static IP
3. Create a VM Instance with both IPs
4. Create a Firewall Rule to allow HTTP (port 80)
5. Verify the application in the browser
6. Delete VM, firewall rule, and static IPs

---

🔹 Step-02: Create External and Internal Static IP Address

Reserve External Static IP

• Navigate to: VPC Networks → IP Addresses → RESERVE STATIC ADDRESS
• Name: myexternalip1
• Description: My External IP created for a VM
• Leave the rest as defaults
• Click RESERVE

Reserve Internal Static IP

• Navigate to: VPC Networks → IP Addresses → RESERVE STATIC ADDRESS
• Name: myinternalip1
• Description: My Internal IP created for a VM
• IP Version: IPv4
• Network: vpc2-custom
• Subnetwork: mysubnet1
• Static IP Address: Assign Automatically
• Purpose: Non-shared
• Click RESERVE

---

🔹 Step-03: Create VM Instance with External and Internal Static IP

# Create VM with both External and Internal Static IPs
gcloud compute instances create myvm7-static-ips \
    --zone=us-central1-a \
    --machine-type=e2-micro \
    --network-interface=subnet=mysubnet1,address=34.41.67.198,private-network-ip=10.1.0.5 \
    --metadata-from-file=startup-script=nginx-webserver.sh

# Verify VM
gcloud compute instances list

✅ Confirm that the VM shows both the reserved External IP and Internal IP.

---

🔹 Step-04: Create Firewall Rule to Allow Port 80

gcloud compute firewall-rules create fw-ingress-80-allinstances \
    --description="Allow inbound port 80 for all instances in a network" \
    --direction=INGRESS \
    --priority=1000 \
    --network=vpc2-custom \
    --action=ALLOW \
    --rules=tcp:80 \
    --source-ranges=0.0.0.0/0

---

🔹 Step-05: Verify Application

Open your browser and go to:

http://<EXTERNAL-IP>

(replace with your reserved static external IP, e.g., 34.41.67.198)

You should see the nginx web page deployed from the startup script.

---

🔹 Step-06: Cleanup – Delete VM, Firewall Rule, and IPs

# Delete VM
gcloud compute instances delete myvm7-static-ips --zone=us-central1-a --delete-disks=all

# Delete firewall rule
gcloud compute firewall-rules delete fw-ingress-80-allinstances

# Release External and Internal Static IPs
Go to: VPC Network → IP Addresses → Select both → RELEASE STATIC ADDRESS

---

✅ Summary

• Static IPs (External & Internal) remain fixed until released.
• External Static IP → Provides internet access (public).
• Internal Static IP → Used for communication within a VPC or peered networks.
• Useful for stable connections, DNS mapping, and consistent networking.

By using static IPs, you ensure that applications and services remain accessible without disruption even if a VM restarts. 🚀