This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Cannot Access Filestore from Service Project in Shared VPC

Posted on 01-27-2025 04:45 PM
atancoder
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM
I’m facing an issue with a Shared VPC setup on Google Cloud:

Setup:
- Shared VPC with a host project and a service project.
- Filestore instance is in the host project, created with Private Service Access.
- All subnets in the host project are shared with the service project.

Problem:
Nodes in the service project cannot access the Filestore. Routes from the service project to the Filestore are missing.

On the service project pod, `nc -zv 10.108.193.26 2049` hangs, while on a host project pod, it connects. `10.108.193.26` is the ipv4 of the filestore. On the service project pod, I'm able to ping pods in the host project, so I know the shared VPC is setup correctly, but perhaps it's due to the peering aspect of things (from Private Service Access)?

What I’ve Tried:
1. Granted roles/compute.networkUser on the shared subnet in the host project to service project accounts.
2. Created a filestore in the service project, but in the shared VPC. Same issue in that the service project nodes don't have access, but the host project does

I'm not sure if I'm missing a step or is this setup not designed to work? I saw a similar post saying it should work: https://www.googlecloudcommunity.com/gc/Infrastructure-Compute-Storage/Accessing-Filestore-in-host-p...
0 1 111
Topic Labels
0 Likes
1 REPLY 1
Top Labels in this Space
Top Solution Authors
View all