GCP
Overview
A range of options are available for deploying Connectors on Google Cloud Platform depending on your particular environment and needs.
Compute Engine deployment
- Deploying Connectors as a
systemdservice on a supported Linux distribution such as Ubuntu 20.04 - Deploying Connectors via Docker on a container-optimized Compute Engine VM
These approaches are documented below.
Google Kubernetes Engine (GKE) deployment
Connectors can also be deployed on a GKE cluster using the official Twingate Helm chart. If you intend use Twingate for K8s, you may also want to look at our Kubernetes Best Practices Guide.
Deployment automation options
Deployment automation is available using the Twingate Terraform Provider or the Twingate API.
Please see our Connector Best Practices overview for general recommendations as well as hardware recommendations for GCP.
Access and refresh tokens, which are required for Connector deployment, are specific to an individual Connector and cannot be shared between multiple Connectors.
Compute Engine VM (systemd service)
Part 1: Create a Connector in Twingate
Create a new Connector in the Twingate Admin console and choose the “Linux” deployment option. You will add the generated script, which contains all the necessary configuration parameters, as a startup script when configuring the new VM on GCP.
Part 2: Deploy a new VM on GCP
Unless noted otherwise in the steps below, the default settings can be kept.
From the Cloud Console, select Compute Engine → VM Instances → Create Instance.
Select ”New VM instance“.
Set the following configuration options for the VM:
- Name: We recommend matching this to the Connector name to be able to identify it later on.
- Machine configuration, Machine family: We recommend the
e2-smallmachine type. - Boot disk: We recommend Ubuntu 20.04 LTS, but we support several Linux distributions.
Select “Management, security, disks, networking, sole tenancy” to expand the configuration section before continuing.
- Under Automation, paste the script generated during the Connector deployment flow for “Linux” in the Twingate Admin console into Startup script.
Select the Networking tab, and select the existing Network interface to modify its settings:
- Network and Subnetwork: Choose the network and subnetwork where you’d like to deploy the Connector. The Connector must be able to reach any Resource that you configure from this network.
- External IP: Select “None” as no external IP address is required.
Finalize the deployment by clicking Create.
After the VM has booted, you will see the Connector connection status change to “connected” in the Connector detailed view in the Admin console.
Compute Engine VM (Docker container)
Part 1: Create a Connector in Twingate
Create a new Connector in the Twingate Admin console and choose the “Docker” deployment option. A deployment command will be generated, and you will use the configuration parameters in this commend to configure the container VM.
Part 2: Deploy a new VM on GCP
Unless noted otherwise in the steps below, the default settings can be kept.
From the Cloud Console, select Compute Engine → VM Instances → Create Instance.
Select ”New VM instance“.
Set the following configuration options for the VM:
- Name: We recommend matching this to the Connector name to be able to identify it later on.
- Machine configuration, Machine family: We recommend the
e2-smallmachine type. - Under Container check “Deploy a container image to this VM instance.”
- Container image:
twingate/connector:1
Expand “Advanced container options”
- Add the following Environment variables, replacing the values on the right with the values from the Docker deployment command you generated in Part 1.
- (Optional) You may wish to enable real-time connection logs or set custom metadata by setting the appropriate environment variables.
For the environment variable values, ensure that you omit the enclosing quotes from the Connector deployment command.
Name Value notes TENANT_URL < pasted from the Connector deployment command > eg. https://autoco.twingate.com ACCESS_TOKEN < pasted from the Connector deployment command > REFRESH_TOKEN < pasted from the Connector deployment command > Select “Management, security, disks, networking, sole tenancy” to expand the configuration section before continuing.
Select the Networking tab, and select the existing Network interface to modify its settings:
- Network and Subnetwork: Choose the network and subnetwork where you’d like to deploy the Connector. The Connector must be able to reach any Resource that you configure from this network.
- External IP: Select “None” as no external IP address is required.
Finalize the deployment by clicking Create.
After the VM has booted, you will see the Connector connection status change to “connected” in the Connector’s details view in the Admin console.
Last updated 3 minutes ago