Simplify the docs

I've now added a Cloud Router and Cloud NAT to the private cluster terraform config, so many of the components that need to be in place to set this up for a private cluster will already have been deployed.
2i2c-org · Aug 3, 2021 · 140652c · 140652c
1 parent 645e7c2
commit 140652c
Showing 1 changed file with 10 additions and 60 deletions.
diff --git a/docs/howto/operate/manual-nfs-setup.md b/docs/howto/operate/manual-nfs-setup.md
@@ -10,12 +10,12 @@ Using `gcloud`, the command is:
 
 ```bash
 gcloud compute instances create nfs-server-01 \
---image=ubuntu-2004-focal-v20210720 \
---image-project=ubuntu-os-cloud \
---machine-type=g1-small \
---boot-disk-device-name=nfs-server-01 \
---boot-disk-size=100GB \
---boot-disk-type=pd-standard
+  --image=ubuntu-2004-focal-v20210720 \
+  --image-project=ubuntu-os-cloud \
+  --machine-type=g1-small \
+  --boot-disk-device-name=nfs-server-01 \
+  --boot-disk-size=100GB \
+  --boot-disk-type=pd-standard
 ```
 
 ````{note}
@@ -34,51 +34,11 @@ gcloud computer images describe IMAGE_NAME --project=IMAGE_PROJECT
 ```
 ````
 
-### Deploying a host VM with no External IP
-
-If you are working in a project that restricts the use of external IPs, there are a few extra steps to consider.
-While the NFS server does not require an external IP address to do it's job, internet access is required to install the appropriate packages in the next section.
-Therefore, we will temporarily deploy a [Cloud NAT](https://cloud.google.com/nat/docs) to grant internet access to our VM.
-
 ```{note}
-Tutorials on this will mention setting up a firewall rule to allow SSH connections.
-However, if you're in the situation of being restricted on external IPs, you likely deployed the cluster with the `enable_private_cluster` variable set to `true` which means there is already a firewall rule allowing SSH connections in place.
+If deploying a NFS server for a **private** cluster, add the `--no-address` flag to the `gcloud compute instances create` command.
+This will prevent the VM trying to claim an external IP address, which will not be allowed within the private configuration.
 ```
 
-1. Create a Cloud Router instance for your region.
-   We will assume `us-central1`.
-
-   ```bash
-   gcloud compute routers create nat-router-us-central1 \
-     --network default \
-     --region us-central1
-   ```
-
-2. Configure the routers for Cloud NAT
-
-   ```bash
-   gcloud compute routers nats create nat-config \
-     --router-region us-central1 \
-     --router nat-router-us-central1 \
-     --nat-all-subnet-ip-ranges \
-     --auto-allocate-nat-external-ips
-   ```
-
-3. Test your VM has access to the internet.
-   SSH into it:
-
-   ```bash
-   gcloud compute ssh nfs-server-01 --tunnel-through-iap
-   ```
-
-   Use the `curl` command to make an outbound request:
-
-   ```bash
-   curl example.com
-   ```
-
-   This should print some raw html to your console.
-
 ## Setting up the NFS Server
 
 Once your VM has been deployed, SSH into it so we can configure the NFS server.
@@ -88,7 +48,8 @@ gcloud compute ssh nfs-server-01
 ```
 
 ```{note}
-Don't forget to add the `--tunnel-through-iap` flag if you deployed the VM **without** an external IP!
+If the cluster you are setting up the NFS for is **private**, you will need to add the `--tunnel-through-iap` flag to the above command.
+This is because the VM will not have an external IP address and will therefore need to be routed differently.
 ```
 
 1. Install the dependencies
@@ -126,14 +87,3 @@ Don't forget to add the `--tunnel-through-iap` flag if you deployed the VM **wit
    ```bash
    sudo exportfs
    ```
-
-### Deleting the Cloud NAT resources
-
-Once the NFS server is configured, the Cloud NAT resources can be deleted.
-
-```bash
-gcloud compute routers nats delete nat-config \
-  --router nat-router-us-central1
-
-gcloud compute routers delete nat-router-us-central1
-```