This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
This site is in read only until July 22 as we migrate to a new platform; refer to this community post for more details.
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Help understanding Shared VPC, Private Service Access and Vertex AI Notebook

Posted on 05-05-2023 07:58 AM
dgnemo
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

Would anyone be able to explain me more about the networking configuration when dealing with:
Shared VPC, Private Service Access and Vertex AI Notebook ?

Vertex AI Managed Notebook allow you to select a Shared Network (see pic below)
and the tooltip seems to say that the notebook will receive an IP from the selected subnet.

 Screenshot 2023-05-04 at 11.50.21 PM.png
Still when I try the configuration above, and execute `ifconfig` in the terminal inside the Vertex AI notebook, I never see an IP in that range.

Am I doing something wrong? Am I misunderstanding something?

Thanks!!

1 4 3,692
Reply
4 REPLIES 4

Posted on --/--/---- --:-- AM
jcskalant
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hey @dgnemo 

If you are using a Managed notebook, one of the IPs you see in the terminal should be from the 
service producer network. This is a Google-managed project where your notebook/GCE is provisioned. This diagram is a good reference.

From that article: "... A resource in the service producer network is similar to other resources in your VPC network. For example, it's reachable through internal IP addresses by other resources in your VPC network. You can also create firewall rules in your VPC network to control access to the service producer's network..."

Your SharedVPC should have a VPC network peering connection to the producer project. This connection includes a destination CIDR range with routes for the resources to communicate. 

0 Likes
Reply

Posted on --/--/---- --:-- AM
dgnemo
Bronze 1
Bronze 1
In response to jcskalant
Reply posted on --/--/---- --:-- AM

Thanks @jcskalant !

When I execute ifconfig in the managed notebook I indeed see an IP from the IP Range I reserved for the peering with the Google Managed Network.

Do you know if I should also see an IP from one of the VPC subnets ranges?

In the screenshot above, Google asks to select a specific subnet and the tooltip says:
"Assign the notebook an IP address from the subnetwork range."

Do you know how this should work? or why you HAVE to select a subnetwork when creating a managed notebook?

Thanks a lot!

0 Likes
Reply

Posted on --/--/---- --:-- AM
ambeshsingh
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hi @dgnemo I am also stuck in similar issue where my managed notebook does not have public Ip and i need to install some packages(like langchain) from the internet. Were you able to solve your issue? any idea how can i let my managed notebook communicate to internet?

Reply

Posted on --/--/---- --:-- AM
dgnemo
Bronze 1
Bronze 1
In response to ambeshsingh
Reply posted on --/--/---- --:-- AM

sorry, I could not find a solution, despite multiple support tickets 😞

Reply
Top Labels in this Space
Top Solution Authors
View all