保留靜態外部 IP 位址

您可以保留靜態外部 IP 位址。您也可以列出並釋出已保留的靜態外部 IP 位址。如要將靜態外部 IP 位址指派給虛擬機器 (VM) 執行個體,請參閱「設定靜態外部 IP 位址」。

外部 IP 位址可以是靜態或臨時。如果 VM 需要不變的固定外部 IP 位址,您可以取得靜態外部 IP 位址。您可以保留新的外部 IP 位址,也可以將現有的臨時外部 IP 位址提升為靜態外部 IP 位址。

如果您需要靜態內部 IP 位址,請改為參閱「保留靜態內部 IP 位址」相關說明。

事前準備

  • 請參閱IP 位址相關說明。
  • 請參閱靜態外部 IP 位址的配額和限制
  • 如果尚未設定,請先設定驗證機制。「驗證」是指驗證身分,以便存取 Trusted Cloud by S3NS 服務和 API 的程序。如要在本機開發環境中執行程式碼或範例,您可以按照下列步驟進行驗證。

    Select the tab for how you plan to use the samples on this page:

    Console

    When you use the Trusted Cloud console to access Trusted Cloud by S3NS services and APIs, you don't need to set up authentication.

    gcloud

    After installing the Google Cloud CLI, sign in to the gcloud CLI with your federated identity and then initialize it by running the following command: 

    gcloud init

    Terraform

    如要在本機開發環境中使用本頁面的 Terraform 範例,請先安裝並初始化 gcloud CLI,然後使用您的使用者憑證設定應用程式預設憑證。

    1. Install the Google Cloud CLI.

    2. Configure the gcloud CLI to use your federated identity.

      For more information, see Sign in to the gcloud CLI with your federated identity.

    3. To initialize the gcloud CLI, run the following command: 

      gcloud init

    4. Create local authentication credentials for your user account: 

      gcloud auth application-default login

      If an authentication error is returned, and you are using an external identity provider (IdP), confirm that you have signed in to the gcloud CLI with your federated identity.

      5. 詳情請參閱 Trusted Cloud 驗證說明文件中的「 為本機開發環境設定 ADC」。

    REST

    如要在本機開發環境中使用本頁的 REST API 範例,請使用您提供給 gcloud CLI 的憑證。

      After installing the Google Cloud CLI, sign in to the gcloud CLI with your federated identity and then initialize it by running the following command: 

      gcloud init

    詳情請參閱 Trusted Cloud 驗證說明文件中的「驗證 REST 使用權」。

必要的角色

如要取得保留及管理靜態 IP 位址所需的權限,請要求管理員為您授予專案的 Compute Network Admin (roles/compute.networkAdmin) IAM 角色。如要進一步瞭解如何授予角色,請參閱「管理專案、資料夾和機構的存取權」。

這個預先定義的角色具備保留及管理靜態 IP 位址所需的權限。如要查看確切的必要權限,請展開「必要權限」部分:

所需權限

如要保留及管理靜態 IP 位址,您必須具備下列權限:

  • compute.addresses.create IP 位址
  • compute.addresses.createInternal IP 位址
  • compute.networks.list 網路上
  • compute.subnetworks.use 子網路
  • compute.subnetworks.list 子網路

您或許還可透過自訂角色或其他預先定義的角色取得這些權限。

關於靜態外部 IP 位址

靜態外部 IP 位址是保留給資源的 IP 位址,在您決定釋出位址之前,皆會予以保留。如果您有客戶或使用者用來存取服務的 IP 位址,可以預留該 IP 位址,讓只有您的資源可以使用。您也可以將臨時外部 IP 位址推送至靜態外部 IP 位址。

詳情請參閱「IP 位址」。

下表列出Trusted Cloud支援的靜態外部 IP 位址。

IP 位址類型 資源 IP 範圍 來源 關聯資源數
區域性外部 IPv4 位址 VM 和區域性負載平衡器 /32 Google 的外部 IP 位址集區 專案
區域性外部 IPv6 位址 VM 和支援的區域性負載平衡器 /96 子網路的外部 IPv6 位址範圍 子網路
全球外部 IPv4 位址 全域負載平衡器 /32 Google 的外部 IP 位址集區 專案
全球外部 IPv6 位址 全域負載平衡器 /64 Google 的外部 IP 位址集區 專案

如需區域和全域負載平衡器清單,請參閱「負載平衡器類型的摘要」。

指派的外部 IP 位址與 VM 位於相同的實體主機,且與 VM 位於相同的區域,因此可用於所有用途,包括路由和延遲。無論網路地理位置查詢資訊為何,都適用這項規定。

限制

  • 一次只有一個資源可使用靜態外部 IP 位址。

  • 無法檢查分配給資源後的 IP 位址是靜態還是臨時位址。您可以將 IP 位址與保留給該專案的靜態外部 IP 位址清單進行比較。如要查看專案可用的靜態外部 IP 位址清單,請使用 gcloud compute addresses list 子指令

  • 每個 VM 可擁有多個網路介面,且每個介面可根據堆疊類型指派下列 IP 位址:

    • 僅限 IPv4 介面:
      • 內部 IPv4 位址 (必要)
      • 外部 IPv4 位址 (選填)
    • 雙堆疊 (IPv4 和 IPv6) 介面:
      • 內部 IPv4 位址 (必要)
      • 外部 IPv4 位址 (選用)
      • /96 IPv6 位址範圍 (內部或外部,但不能同時為內部和外部) (必要)
    • 僅限 IPv6 介面 (預先發布版):
      • /96 IPv6 位址範圍 (內部或外部,但不能同時為內部和外部) (必要)

  • 您無法取消指派或變更僅限 IPv6 網路介面的 VM 外部 IPv6 位址。不過,您可以將資源的臨時外部 IP 位址升級為靜態外部 IP 位址,這樣即使資源遭到刪除,您仍可保留該位址。

  • 您無法變更靜態 IP 位址的名稱。

附註:網路介面可接收來自多個轉送規則的流量,這些規則可能適用於其他外部 IP 位址。數量不限的外部 IP 位址可透過這些轉送規則參照網路介面,但每個網路介面只能指派一組外部 IPv4 位址和一組外部 /96 IPv6 位址範圍。

如要進一步瞭解負載平衡和轉送規則,請參閱負載平衡文件。

保留新的靜態外部 IP 位址

在保留位址後,您可在建立新 VM 時指派位址,或是指派給現有 VM

主控台

  1. 在 Trusted Cloud 控制台中,前往「IP addresses」(IP 位址) 頁面。

    前往「IP addresses」(IP 位址) 頁面

  2. 按一下「保留外部靜態 IP 位址」
  3. 在「名稱」欄位中輸入 IP 位址名稱。
  4. 指定網路服務級別是「Premium」(進階級) 或「Standard」(標準級)。只有進階級支援 IPv6 靜態位址預留功能。
  5. 指定為 IPv4IPv6 位址。
  6. 指定此 IP 位址是地區還是全球
    • 如果您是為全域負載平衡器保留靜態 IP 位址,請選擇「Global」,然後按一下「Reserve」
    • 如果您要為 VM 或區域負載平衡器保留靜態 IP 位址,請選擇「Regional」,然後選取要在其中建立位址的地區。

  7. 如果您要預留區域性外部 IPv6 位址,請一併選擇下列項目:

    • Network:虛擬私有雲網路
    • 子網路:要指派靜態區域性 IPv6 位址的子網路
    • 端點類型:選擇「VM 執行個體」或「Network Load Balancer」

  8. 選用:如果您要為 VM 保留靜態外部 IP 位址,請在「Attached to」清單中選取要附加 IP 位址的 VM。

  9. 按一下「保留」,即可預留 IP 位址。

gcloud

如要保留靜態外部 IP 位址,請使用 gcloud compute addresses create 指令

請按照下列操作說明,預留靜態外部 IPv4 或 IPv6 位址:

全球 IP 位址

如要保留全球 IP 位址:
  gcloud compute addresses create ADDRESS_NAME \
      --global \
      --ip-version=IP_VERSION

區域外部 IPv4 位址

如要預約地區外部 IPv4 位址,請按照下列步驟操作:
   gcloud compute addresses create ADDRESS_NAME \
       --region=REGION

區域性外部 IPv6 位址

如要預約地區外部 IPv6 位址,請按照下列步驟操作:
   gcloud compute addresses create ADDRESS_NAME \
       --region=REGION \
       --subnet=SUBNET_NAME \
       --ip-version=IPV6 \
       --endpoint-type=ENDPOINT_TYPE

更改下列內容:

  • ADDRESS_NAME:您要與此地址建立關聯的名稱。
  • REGION:如果是區域外部 IP 位址,請指定 IP 位址的區域。
  • SUBNET_NAME:針對區域性外部 IPv6 位址,請指定要指派靜態區域性 IPv6 位址的子網路。子網路必須有指派的外部 IPv6 位址範圍
  • IP_VERSION:針對全球 IP 位址,請指定 IP 版本 (IPv4IPv6)。
  • ENDPOINT_TYPE:針對區域外部 IPv6 位址,請指定端點類型 (VMNETLB)。

如要查看結果,請使用 gcloud compute addresses describe 指令

gcloud compute addresses describe ADDRESS_NAME

Terraform

您可以使用 google_compute_address 資源建立區域外部 IP 位址。

resource "google_compute_address" "default" {
  name   = "my-test-static-ip-address"
  region = "us-central1"
}

以下範例說明如何使用 google_compute_global_address 資源建立全球外部 IPv6 位址:

resource "google_compute_global_address" "default" {
  project      = var.project_id # Replace this with your service project ID in quotes
  name         = "ipv6-address"
  address_type = "EXTERNAL"
  ip_version   = "IPV6"
}

API

  • 如要建立地區 IPv4 位址,請呼叫地區 addresses.insert 方法

    POST https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/regions/REGION/addresses

    要求內容應包含以下程式碼:

    {
  "name": "ADDRESS_NAME"
}

    更改下列內容:

    • PROJECT_ID:這項要求的專案 ID
    • REGION:這項要求的區域名稱
    • ADDRESS_NAME:您要與地址建立關聯的名稱

  • 針對全域靜態 IPv4 位址,請呼叫 globalAddresses.insert 方法

    POST https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/global/addresses

    要求內容應包含以下程式碼:

    {
  "name": "ADDRESS_NAME"
}

  • 針對全域靜態 IPv6 位址,請呼叫 globalAddresses.insert 方法

    POST https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/global/addresses

    要求內容應包含以下程式碼:

    {
  "name": "ADDRESS_NAME",
  "ipVersion": "IPV6"
}

    如要查看結果,請使用 addresses.get 方法

  • 針對區域靜態 IPv6 位址,請呼叫 addresses.insert 方法

    POST https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/regions/REGION/addresses

    要求內容應包含以下程式碼:

    {
  "name": "ADDRESS_NAME",
  "ipVersion": "IPV6",
  "ipv6EndpointType": "VM|LB",
  "networkTier": "PREMIUM",
  "subnetwork": "SUBNET"
}

    SUBNET 替換為這個專案的子網路。

    如要查看結果,請使用 addresses.get 方法

Go

import (
	"context"
	"fmt"
	"io"

	compute "cloud.google.com/go/compute/apiv1"
	"cloud.google.com/go/compute/apiv1/computepb"
)

// reserveNewRegionalExternal reserves a new regional external IP address in Google Cloud Platform.
func reserveNewRegionalExternal(w io.Writer, projectID, region, addressName string, isPremium bool) (*computepb.Address, error) {
	// projectID := "your_project_id"
	// region := "europe-central2"
	// addressName := "your_address_name"
	// isPremium := true
	ctx := context.Background()

	networkTier := computepb.AccessConfig_STANDARD.String()
	if isPremium {
		networkTier = computepb.AccessConfig_PREMIUM.String()
	}

	address := &computepb.Address{
		Name:        &addressName,
		NetworkTier: &networkTier,
	}

	client, err := compute.NewAddressesRESTClient(ctx)
	if err != nil {
		return nil, fmt.Errorf("NewAddressesRESTClient: %w", err)
	}
	defer client.Close()

	req := &computepb.InsertAddressRequest{
		Project:         projectID,
		Region:          region,
		AddressResource: address,
	}

	op, err := client.Insert(ctx, req)
	if err != nil {
		return nil, fmt.Errorf("unable to reserve regional address: %w", err)
	}

	err = op.Wait(ctx)
	if err != nil {
		return nil, fmt.Errorf("waiting for the regional address reservation operation to complete: %w", err)
	}

	addressResult, err := client.Get(ctx, &computepb.GetAddressRequest{
		Project: projectID,
		Region:  region,
		Address: addressName,
	})
	if err != nil {
		return nil, fmt.Errorf("unable to get reserved regional address: %w", err)
	}

	fmt.Fprintf(w, "Regional address %v reserved: %v", addressName, addressResult.GetAddress())

	return addressResult, err
}

// reserveNewGlobalExternal reserves a new global external IP address in Google Cloud Platform.
func reserveNewGlobalExternal(w io.Writer, projectID, addressName string, isV6 bool) (*computepb.Address, error) {
	// projectID := "your_project_id"
	// addressName := "your_address_name"
	// isV6 := false
	ctx := context.Background()
	ipVersion := computepb.Address_IPV4.String()
	if isV6 {
		ipVersion = computepb.Address_IPV6.String()
	}

	address := &computepb.Address{
		Name:      &addressName,
		IpVersion: &ipVersion,
	}

	client, err := compute.NewGlobalAddressesRESTClient(ctx)
	if err != nil {
		return nil, fmt.Errorf("NewGlobalAddressesRESTClient: %w", err)
	}
	defer client.Close()

	req := &computepb.InsertGlobalAddressRequest{
		Project:         projectID,
		AddressResource: address,
	}

	op, err := client.Insert(ctx, req)
	if err != nil {
		return nil, fmt.Errorf("unable to reserve global address: %w", err)
	}

	err = op.Wait(ctx)
	if err != nil {
		return nil, fmt.Errorf("waiting for the global address reservation operation to complete: %w", err)
	}

	addressResult, err := client.Get(ctx, &computepb.GetGlobalAddressRequest{
		Project: projectID,
		Address: addressName,
	})
	if err != nil {
		return nil, fmt.Errorf("unable to get reserved global address: %w", err)
	}

	fmt.Fprintf(w, "Global address %v reserved: %v", addressName, addressResult.GetAddress())

	return addressResult, nil
}

Java


import com.google.cloud.compute.v1.Address;
import com.google.cloud.compute.v1.Address.AddressType;
import com.google.cloud.compute.v1.Address.IpVersion;
import com.google.cloud.compute.v1.Address.NetworkTier;
import com.google.cloud.compute.v1.AddressesClient;
import com.google.cloud.compute.v1.GlobalAddressesClient;
import com.google.cloud.compute.v1.InsertAddressRequest;
import com.google.cloud.compute.v1.InsertGlobalAddressRequest;
import com.google.common.collect.Lists;
import java.io.IOException;
import java.util.List;
import java.util.UUID;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;

public class ReserveNewExternalAddress {

  public static void main(String[] args)
          throws IOException, ExecutionException, InterruptedException, TimeoutException {
    // TODO(developer): Replace these variables before running the sample.
    // Project ID or project number of the Google Cloud project you want to use.
    String projectId = "your-project-id";
    // Address name you want to use.
    String addressName = "your-address-name";
    // 'IPV4' or 'IPV6' depending on the IP version. IPV6 if True.
    boolean ipV6 = false;
    // 'STANDARD' or 'PREMIUM' network tier. Standard option available only in regional ip.
    boolean isPremium = false;
    // region (Optional[str]): The region to reserve the IP address in, if regional.
    // Must be None if global.
    String region = null;

    reserveNewExternalIpAddress(projectId, addressName, ipV6, isPremium, region);
  }

  // Reserves a new external IP address in the specified project and region.
  public static List<Address> reserveNewExternalIpAddress(String projectId, String addressName,
                                                          boolean ipV6, boolean isPremium,
                                                          String region)
          throws IOException, ExecutionException, InterruptedException, TimeoutException {

    String ipVersion = ipV6 ? IpVersion.IPV6.name() : IpVersion.IPV4.name();
    String networkTier = !isPremium && region != null
            ? NetworkTier.STANDARD.name() : NetworkTier.PREMIUM.name();

    Address.Builder address = Address.newBuilder()
            .setName(addressName)
            .setAddressType(AddressType.EXTERNAL.name())
            .setNetworkTier(networkTier);

    // Use global client if no region is specified
    if (region == null) {
      // Initialize client that will be used to send requests. This client only needs to be created
      // once, and can be reused for multiple requests.
      try (GlobalAddressesClient client = GlobalAddressesClient.create()) {
        address.setIpVersion(ipVersion);

        InsertGlobalAddressRequest addressRequest = InsertGlobalAddressRequest.newBuilder()
                .setProject(projectId)
                .setRequestId(UUID.randomUUID().toString())
                .setAddressResource(address.build())
                .build();

        client.insertCallable().futureCall(addressRequest).get(30, TimeUnit.SECONDS);

        return Lists.newArrayList(client.list(projectId).iterateAll());
      }
    } else {
      // Initialize client that will be used to send requests. This client only needs to be created
      // once, and can be reused for multiple requests.
      try (AddressesClient client = AddressesClient.create()) {
        address.setRegion(region);

        InsertAddressRequest addressRequest = InsertAddressRequest.newBuilder()
                .setProject(projectId)
                .setRequestId(UUID.randomUUID().toString())
                .setAddressResource(address.build())
                .setRegion(region)
                .build();

        client.insertCallable().futureCall(addressRequest).get(30, TimeUnit.SECONDS);

        return Lists.newArrayList(client.list(projectId, region).iterateAll());
      }
    }
  }
}

Python

from typing import Optional

from google.cloud.compute_v1.services.addresses.client import AddressesClient
from google.cloud.compute_v1.services.global_addresses import GlobalAddressesClient
from google.cloud.compute_v1.types import Address


def reserve_new_external_ip_address(
    project_id: str,
    address_name: str,
    is_v6: bool = False,
    is_premium: bool = False,
    region: Optional[str] = None,
):
    """
    Reserves a new external IP address in the specified project and region.

    Args:
    project_id (str): Your Google Cloud project ID.
    address_name (str): The name for the new IP address.
    is_v6 (bool): 'IPV4' or 'IPV6' depending on the IP version. IPV6 if True.
    is_premium (bool): 'STANDARD' or 'PREMIUM' network tier. Standard option available only in regional ip.
    region (Optional[str]): The region to reserve the IP address in, if regional. Must be None if global.

    Returns:
    None
    """

    ip_version = "IPV6" if is_v6 else "IPV4"
    network_tier = "STANDARD" if not is_premium and region else "PREMIUM"

    address = Address(
        name=address_name,
        address_type="EXTERNAL",
        network_tier=network_tier,
    )
    if not region:  # global IP address
        client = GlobalAddressesClient()
        address.ip_version = ip_version
        operation = client.insert(project=project_id, address_resource=address)
    else:  # regional IP address
        address.region = region
        client = AddressesClient()
        operation = client.insert(
            project=project_id, region=region, address_resource=address
        )

    operation.result()

    print(f"External IP address '{address_name}' reserved successfully.")

推送臨時外部 IP 位址

如果您的 VM 擁有臨時的外部 IP 位址,而且您想將該 IP 永久指派給專案,請將臨時的外部 IP 位址推送到靜態外部 IP 位址。透過推送來保留臨時外部 IP 位址並不會導致 Trusted Cloud 捨棄傳送至 VM 的封包。這種做法會直接或透過負載平衡器來納入傳送至 VM 的封包。

主控台

  1. 前往「IP 位址」頁面。

    前往「IP addresses」(IP 位址) 頁面

  2. 按一下「外部 IP 位址」
  3. 選用:在「Filter」欄位中,搜尋要推送的暫時 IP 位址。
  4. 在要推送的 IP 位址的「More actions」選單 () 中,選取「Promote to static IP address」
  5. 輸入新的靜態 IP 位址名稱,然後按一下「保留」

gcloud

請按照下列操作說明,將靜態外部 IPv4 或 IPv6 位址提升為預設值:

  • 如要將臨時外部 IPv4 位址推送到靜態外部 IPv4 位址,請使用 --addresses 標記搭配 compute addresses create 指令,提供臨時外部 IP 位址。您可使用 region 標記推送臨時地區 IP 位址,或使用 global 標記推送臨時通用 IP 位址。

    gcloud compute addresses create ADDRESS_NAME --addresses=IP_ADDRESS \
    [--region=REGION | --global]

    更改下列內容:

    • ADDRESS_NAME:您要與此地址建立關聯的名稱。
    • IP_ADDRESS:您要推送的 IP 位址。
    • REGION:地區 IP 位址所屬的地區。

  • 如要將臨時區域性外部 IPv6 位址推送至靜態區域性外部 IPv6 位址,請使用 --addresses 標記搭配 gcloud compute addresses create 指令,提供臨時外部 IP 位址。

    gcloud compute addresses create ADDRESS_NAME \
  --region=REGION \
  --addresses=IPV6_ADDRESS \
  --prefix-length=96

    更改下列內容:

    • ADDRESS_NAME:IP 位址資源的名稱。
    • REGION:IPv6 位址資源的區域。
    • IPV6_ADDRESS:您要宣傳的 IPv6 位址。

API

如要推送臨時地區 IP 位址,請呼叫 addresses.insert 方法

POST https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/regions/REGION/addresses

如要推送臨時通用 IP 位址,請對以下 URI 發出 POST 要求:

POST https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/global/addresses

指定要求主體的必填欄位值:

  • 針對 IPv4 位址,要求內容應包含下列欄位:

    {
  "name": "ADDRESS_NAME",
  "address": "IPV4_ADDRESS"
  "addressType": "EXTERNAL"
}

  • 針對 IPv6 位址,要求內容應包含下列欄位:

    {
  "name": "ADDRESS_NAME",
  "address": "IPV6_ADDRESS"
  "prefixLength": 96
  "addressType": "EXTERNAL"
}

    更改下列內容:

    • ADDRESS_NAME:您要與這個地址建立關聯的名稱
    • IPV4_ADDRESS|IPV6_ADDRESS:您要宣傳的 IPv4 或 IPv6 位址
    • REGION:IPv4 或 IPv6 位址所屬的區域
    • PROJECT_ID:這項要求的專案 ID

Go

import (
	"context"
	"fmt"
	"io"

	compute "cloud.google.com/go/compute/apiv1"
	computepb "cloud.google.com/go/compute/apiv1/computepb"
	"google.golang.org/protobuf/proto"
)

// promoteEphemeralAddress promotes an ephemeral IP address to a reserved static external IP address.
func promoteEphemeralAddress(w io.Writer, projectID, region, ephemeralIP, addressName string) error {
	// projectID := "your_project_id"
	// region := "europe-central2"
	// ephemeral_ip := "214.123.100.121"
	ctx := context.Background()

	client, err := compute.NewAddressesRESTClient(ctx)
	if err != nil {
		return fmt.Errorf("NewAddressesRESTClient: %w", err)
	}
	defer client.Close()

	addressResource := &computepb.Address{
		Name:        proto.String(addressName),
		AddressType: proto.String("EXTERNAL"),
		Address:     proto.String(ephemeralIP),
	}

	req := &computepb.InsertAddressRequest{
		Project:         projectID,
		Region:          region,
		AddressResource: addressResource,
	}

	op, err := client.Insert(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to insert address promoted: %v", err)
	}

	// Wait for the operation to complete
	err = op.Wait(ctx)
	if err != nil {
		return fmt.Errorf("failed to complete promotion operation: %v", err)
	}

	fmt.Fprintf(w, "Ephemeral IP %s address promoted successfully", ephemeralIP)
	return nil
}

Java


import com.google.cloud.compute.v1.Address;
import com.google.cloud.compute.v1.Address.AddressType;
import com.google.cloud.compute.v1.AddressesClient;
import com.google.cloud.compute.v1.InsertAddressRequest;
import com.google.common.collect.Lists;
import java.io.IOException;
import java.util.List;
import java.util.UUID;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;

public class PromoteEphemeralIp {

  public static void main(String[] args)
          throws IOException, ExecutionException, InterruptedException, TimeoutException {
    // TODO(developer): Replace these variables before running the sample.
    // Project ID or project number of the Google Cloud project you want to use.
    String projectId = "your-project-id";
    // Region where the VM and IP is located.
    String region = "your-region-id";
    // Ephemeral IP address to promote.
    String ephemeralIp = "your-ephemeralIp";
    // Name of the address to assign.
    String addressName = "your-addressName";

    promoteEphemeralIp(projectId, region, ephemeralIp, addressName);
  }

  // Promote ephemeral IP found on the instance to a static IP.
  public static List<Address> promoteEphemeralIp(String projectId, String region,
                                                 String ephemeralIp, String addressName)
          throws IOException, ExecutionException, InterruptedException, TimeoutException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests.
    try (AddressesClient client = AddressesClient.create()) {
      Address addressResource = Address.newBuilder()
              .setName(addressName)
              .setRegion(region)
              .setAddressType(AddressType.EXTERNAL.name())
              .setAddress(ephemeralIp)
              .build();

      InsertAddressRequest addressRequest = InsertAddressRequest.newBuilder()
              .setRegion(region)
              .setProject(projectId)
              .setAddressResource(addressResource)
              .setRequestId(UUID.randomUUID().toString())
              .build();

      client.insertCallable().futureCall(addressRequest).get(30, TimeUnit.SECONDS);

      return Lists.newArrayList(client.list(projectId, region).iterateAll());
    }
  }
}

Python

import uuid

from google.cloud.compute_v1 import AddressesClient
from google.cloud.compute_v1.types import Address


def promote_ephemeral_ip(project_id: str, ephemeral_ip: str, region: str):
    """
    Promote ephemeral IP found on the instance to a static IP.

    Args:
        project_id (str): Project ID.
        ephemeral_ip (str): Ephemeral IP address to promote.
        region (str): Region where the VM and IP is located.
    """
    addresses_client = AddressesClient()

    # Create a new static IP address using existing ephemeral IP
    address_resource = Address(
        name=f"ip-reserved-{uuid.uuid4()}",  # new name for promoted IP address
        region=region,
        address_type="EXTERNAL",
        address=ephemeral_ip,
    )
    operation = addresses_client.insert(
        project=project_id, region=region, address_resource=address_resource
    )
    operation.result()

    print(f"Ephemeral IP {ephemeral_ip} has been promoted to a static IP.")

即使將外部 IP 位址推送為靜態外部 IP 位址,該外部 IP 位址仍會連結到該 VM。如果您要將新推送的靜態外部 IP 位址指派給其他資源,請從現有 VM 取消指派靜態外部 IP 位址

列出靜態外部 IP 位址

如要列出為專案保留的靜態外部 IP 位址,請按照下列步驟操作。

主控台

  1. 前往 Trusted Cloud 控制台的「IP addresses」(IP 位址) 頁面。

    前往「IP 位址」

  2. 按一下「外部 IP 位址」

gcloud

使用 gcloud compute addresses list 指令

  • 如要列出所有 IP 位址,請使用下列指令:

    gcloud compute addresses list

  • 如要列出所有全球 IP 位址,請使用下列指令:

    gcloud compute addresses list --global

  • 如要列出指定區域的所有區域 IP 位址,請使用下列指令:

    gcloud compute addresses list \
    --regions=REGION

    REGION 替換為您要列出地址的區域。您可以指定以半形逗號分隔的區域名稱,列出多個區域的地址:

    gcloud compute addresses list \
    --regions=REGION1,REGION2,..REGION_n_

API

  • 如要列出區域性 IPv4 或 IPv6 位址,請呼叫 addresses.list 方法

    GET https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/regions/REGION/addresses

    更改下列內容:

    • PROJECT_ID:這項要求的專案 ID
    • REGION:這項要求的區域名稱

  • 如要列出所有地區的所有位址,請呼叫 addresses.aggregatedList 方法

    GET https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/aggregated/addresses

  • 如要列出全球 IPv4 或 IPv6 位址,請呼叫 globalAddresses.list 方法

    GET https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/global/addresses

    更改下列內容:

    PROJECT_ID:這項要求的專案 ID

Go

import (
	"context"
	"fmt"
	"io"

	compute "cloud.google.com/go/compute/apiv1"
	"google.golang.org/api/iterator"

	"cloud.google.com/go/compute/apiv1/computepb"
)

// listRegionalExternal retrieves list external IP addresses in Google Cloud Platform region.
func listRegionalExternal(w io.Writer, projectID, region string) ([]*computepb.Address, error) {
	// projectID := "your_project_id"
	// region := "europe-west3"

	ctx := context.Background()
	// Create the service client.
	addressesClient, err := compute.NewAddressesRESTClient(ctx)
	if err != nil {
		return nil, err
	}
	defer addressesClient.Close()

	// Build the request.
	req := &computepb.ListAddressesRequest{
		Project: projectID,
		Region:  region,
	}

	// List the addresses.
	it := addressesClient.List(ctx, req)

	// Iterate over the results.
	var addresses []*computepb.Address
	for {
		address, err := it.Next()
		if err == iterator.Done {
			break
		}
		if err != nil {
			return nil, err
		}
		addresses = append(addresses, address)
	}

	// Print the addresses.
	fmt.Fprint(w, "Fetched addresses: \n")
	for _, address := range addresses {
		fmt.Fprintf(w, "%s\n", *address.Name)
	}

	return addresses, nil
}

// listGlobalExternal retrieves list external global IP addresses in Google Cloud Platform.
func listGlobalExternal(w io.Writer, projectID string) ([]*computepb.Address, error) {
	// projectID := "your_project_id"

	ctx := context.Background()
	// Create the service client.
	addressesClient, err := compute.NewGlobalAddressesRESTClient(ctx)
	if err != nil {
		return nil, err
	}
	defer addressesClient.Close()

	// Build the request.
	req := &computepb.ListGlobalAddressesRequest{
		Project: projectID,
	}

	// List the addresses.
	it := addressesClient.List(ctx, req)

	// Iterate over the results.
	var addresses []*computepb.Address
	for {
		address, err := it.Next()
		if err == iterator.Done {
			break
		}
		if err != nil {
			return nil, err
		}
		addresses = append(addresses, address)
	}

	// Print the addresses.
	fmt.Fprint(w, "Fetched addresses: \n")
	for _, address := range addresses {
		fmt.Fprintf(w, "%s\n", *address.Name)
	}

	return addresses, nil
}

Java


import com.google.cloud.compute.v1.Address;
import com.google.cloud.compute.v1.AddressesClient;
import com.google.cloud.compute.v1.GlobalAddressesClient;
import com.google.cloud.compute.v1.ListAddressesRequest;
import com.google.cloud.compute.v1.ListGlobalAddressesRequest;
import com.google.common.collect.Lists;
import java.io.IOException;
import java.util.List;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeoutException;

public class ListStaticExternalIp {

  public static void main(String[] args)
          throws IOException, ExecutionException, InterruptedException, TimeoutException {
    // TODO(developer): Replace these variables before running the sample.
    // Project ID or project number of the Google Cloud project you want to use.
    String projectId = "your-project-id";
    // Region where the VM and IP is located.
    String region = "your-region-id";

    listStaticExternalIp(projectId, region);
  }

  // Lists all static external IP addresses, either regional or global.
  public static List<Address> listStaticExternalIp(String projectId, String region)
          throws IOException {
    // Use regional client if a region is specified
    if (region != null) {
      // Initialize client that will be used to send requests. This client only needs to be created
      // once, and can be reused for multiple requests.
      try (AddressesClient client = AddressesClient.create()) {
        ListAddressesRequest request = ListAddressesRequest.newBuilder()
                .setProject(projectId)
                .setRegion(region)
                .build();

        return Lists.newArrayList(client.list(request).iterateAll());
      }
    } else {
      // Initialize client that will be used to send requests. This client only needs to be created
      // once, and can be reused for multiple requests.
      try (GlobalAddressesClient client = GlobalAddressesClient.create()) {
        ListGlobalAddressesRequest request = ListGlobalAddressesRequest.newBuilder()
                .setProject(projectId)
                .build();

        return Lists.newArrayList(client.list(request).iterateAll());
      }
    }
  }
}

Python

from typing import List, Optional

from google.cloud.compute_v1.services.addresses.client import AddressesClient
from google.cloud.compute_v1.services.global_addresses import GlobalAddressesClient
from google.cloud.compute_v1.types import Address


def list_static_ip_addresses(
    project_id: str, region: Optional[str] = None
) -> List[Address]:
    """
    Lists all static external IP addresses, either regional or global.

    Args:
    project_id (str): project ID.
    region (Optional[str]): The region of the IP addresses if regional. None if global.

    Returns:
    List[Address]: A list of Address objects containing details about the requested IPs.
    """
    if region:
        # Use regional client if a region is specified
        client = AddressesClient()
        addresses_iterator = client.list(project=project_id, region=region)
    else:
        # Use global client if no region is specified
        client = GlobalAddressesClient()
        addresses_iterator = client.list(project=project_id)

    return list(addresses_iterator)  # Convert the iterator to a list to return

說明靜態外部 IP 位址

如要取得靜態外部 IP 位址資訊,請按照下列步驟操作。

主控台

  1. 前往 Trusted Cloud 控制台的「IP addresses」(IP 位址) 頁面。

    前往「IP 位址」

  2. 按一下「外部 IP 位址」

  3. 按一下要進一步瞭解的 IP 位址。

gcloud

使用 gcloud compute addresses describe 指令。將 ADDRESS_NAME 替換為您要說明的外部 IP 位址名稱。

  • 如要使用全球 IPv4 或 IPv6 位址,請使用下列指令:

    gcloud compute addresses describe ADDRESS_NAME --global

  • 如要使用區域性 IPv4 或 IPv6 位址,請使用下列指令:

    gcloud compute addresses describe ADDRESS_NAME --region=REGION

API

  • 如要描述區域 IPv4 或 IPv6 位址,請呼叫 addresses.get 方法

    GET https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/regions/REGION/addresses/ADDRESS_NAME

    更改下列內容:

    • PROJECT_ID:要求的專案 ID
    • REGION:要求的區域名稱
    • ADDRESS_NAME:IP 位址名稱

  • 如要描述全球 IPv4 或 IPv6 位址,請呼叫 globalAddresses.get 方法

    GET https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/global/addresses/ADDRESS_NAME

    更改下列內容:

    • PROJECT_ID:要求的專案 ID
    • ADDRESS_NAME:IP 位址名稱

Go

import (
	"context"
	"fmt"
	"io"

	compute "cloud.google.com/go/compute/apiv1"
	"cloud.google.com/go/compute/apiv1/computepb"
)

// getExternalAddress retrieves the external IP address of the given address.
func getRegionalExternal(w io.Writer, projectID, region, addressName string) (*computepb.Address, error) {
	// projectID := "your_project_id"
	// region := "europe-west3"
	// addressName := "your_address_name"

	ctx := context.Background()
	addressesClient, err := compute.NewAddressesRESTClient(ctx)
	if err != nil {
		return nil, fmt.Errorf("NewAddressesRESTClient: %w", err)
	}
	defer addressesClient.Close()

	req := &computepb.GetAddressRequest{
		Project: projectID,
		Region:  region,
		Address: addressName,
	}

	address, err := addressesClient.Get(ctx, req)
	if err != nil {
		return nil, fmt.Errorf("unable to get address: %w", err)
	}

	fmt.Fprintf(w, "Regional address %s has external IP address: %s\n", addressName, address.GetAddress())

	return address, nil
}

func getGlobalExternal(w io.Writer, projectID, addressName string) (*computepb.Address, error) {

	ctx := context.Background()
	globalAddressesClient, err := compute.NewGlobalAddressesRESTClient(ctx)
	if err != nil {
		return nil, fmt.Errorf("NewGlobalAddressesRESTClient: %w", err)
	}
	defer globalAddressesClient.Close()

	req := &computepb.GetGlobalAddressRequest{
		Project: projectID,
		Address: addressName,
	}

	address, err := globalAddressesClient.Get(ctx, req)
	if err != nil {
		return nil, fmt.Errorf("unable to get address: %w", err)
	}

	fmt.Fprintf(w, "Global address %s has external IP address: %s\n", addressName, address.GetAddress())

	return address, nil
}

Java


import com.google.cloud.compute.v1.Address;
import com.google.cloud.compute.v1.AddressesClient;
import com.google.cloud.compute.v1.GetAddressRequest;
import com.google.cloud.compute.v1.GetGlobalAddressRequest;
import com.google.cloud.compute.v1.GlobalAddressesClient;
import java.io.IOException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeoutException;

public class GetStaticIpAddress {

  public static void main(String[] args)
          throws IOException, ExecutionException, InterruptedException, TimeoutException {
    // TODO(developer): Replace these variables before running the sample.
    // Project ID or project number of the Google Cloud project you want to use.
    String projectId = "your-project-id";
    // Region where the VM and IP is located.
    String region = "your-region-id";
    // Name of the address to assign.
    String addressName = "your-addressName";

    getStaticIpAddress(projectId, region, addressName);
  }

  // Retrieves a static external IP address, either regional or global.
  public static Address getStaticIpAddress(String projectId, String region, String addressName)
          throws IOException {
    // Use regional client if a region is specified
    if (region != null) {
      // Initialize client that will be used to send requests. This client only needs to be created
      // once, and can be reused for multiple requests.
      try (AddressesClient client = AddressesClient.create()) {
        GetAddressRequest request = GetAddressRequest.newBuilder()
                .setProject(projectId)
                .setRegion(region)
                .setAddress(addressName)
                .build();

        return client.get(request);
      }
    } else {
      // Initialize client that will be used to send requests. This client only needs to be created
      // once, and can be reused for multiple requests.
      try (GlobalAddressesClient client = GlobalAddressesClient.create()) {
        GetGlobalAddressRequest request = GetGlobalAddressRequest.newBuilder()
                .setProject(projectId)
                .setAddress(addressName)
                .build();

        return client.get(request);
      }
    }
  }
}

Python

from typing import Optional

from google.cloud.compute_v1.services.addresses.client import AddressesClient
from google.cloud.compute_v1.services.global_addresses import GlobalAddressesClient
from google.cloud.compute_v1.types import Address


def get_static_ip_address(
    project_id: str, address_name: str, region: Optional[str] = None
) -> Address:
    """
    Retrieves a static external IP address, either regional or global.

    Args:
    project_id (str): project ID.
    address_name (str): The name of the IP address.
    region (Optional[str]): The region of the IP address if it's regional. None if it's global.

    Raises: google.api_core.exceptions.NotFound: in case of address not found

    Returns:
    Address: The Address object containing details about the requested IP.
    """
    if region:
        # Use regional client if a region is specified
        client = AddressesClient()
        address = client.get(project=project_id, region=region, address=address_name)
    else:
        # Use global client if no region is specified
        client = GlobalAddressesClient()
        address = client.get(project=project_id, address=address_name)

    return address

釋出靜態外部 IP 位址

如果您不再需要靜態外部 IPv4 或 IPv6 位址,可以刪除 IP 位址資源來釋出 IP 位址。

如果您使用 Trusted Cloud 控制台,則只有在其他資源未使用靜態 IP 位址的情況下,您才能釋出該 IP 位址。

如果您使用的是 gcloud CLI 或 API,無論 IP 位址是否由其他資源使用,您都可以釋出該 IP 位址。

  • 如果資源未使用 IP 位址,系統會將 IP 位址傳回至可用外部 IP 位址集區。

  • 如果某項資源正在使用該 IP 位址,那麼在資源遭到刪除之前,該位址都會與資源保持連結。

主控台

  1. 前往 Trusted Cloud 控制台的「IP addresses」(IP 位址) 頁面。

    前往「IP 位址」

  2. 按一下「外部 IP 位址」

  3. 選用:在「Filter」欄位中輸入 static,然後從下拉式清單中選取「Static : Type」

  4. 選取要釋出的靜態外部 IP 位址。

  5. 按一下「Release static address」

    如果沒有看到這個選項,請按一下頂端選單列中的「更多動作」選單圖示 (),然後從清單中選取「釋出靜態位址」

gcloud

使用 compute addresses delete 指令

gcloud compute addresses delete ADDRESS_NAME

ADDRESS_NAME 替換為要釋放的 IPv4 或 IPv6 位址名稱。

API

  • 如要釋放區域性 IPv4 或 IPv6 位址,請呼叫 addresses.delete 方法

    DELETE https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/regions/REGION/addresses/ADDRESS_NAME

    更改下列內容:

    • PROJECT_ID:這項要求的專案 ID
    • REGION:這項要求的區域名稱
    • ADDRESS_NAME:IP 位址名稱

  • 如要釋出全域 IPv4 或 IPv6 位址,請呼叫 globalAddresses.delete 方法

    DELETE https://compute.s3nsapis.fr/compute/v1/projects/PROJECT_ID/global/addresses/ADDRESS_NAME

    更改下列內容:

    • ADDRESS_NAME:IP 位址名稱
    • PROJECT_ID:這項要求的專案 ID

Go

import (
	"context"
	"fmt"
	"io"

	compute "cloud.google.com/go/compute/apiv1"
	"cloud.google.com/go/compute/apiv1/computepb"
)

// releaseRegionalStaticExternal releases a static regional external IP address.
func releaseRegionalStaticExternal(w io.Writer, projectID, region, addressName string) error {
	// projectID := "your_project_id"
	// region := "us-central1"
	// addressName := "your_address_name"

	ctx := context.Background()
	addressesClient, err := compute.NewAddressesRESTClient(ctx)
	if err != nil {
		return fmt.Errorf("NewAddressesRESTClient: %w", err)
	}
	defer addressesClient.Close()

	req := &computepb.DeleteAddressRequest{
		Project: projectID,
		Region:  region,
		Address: addressName,
	}

	op, err := addressesClient.Delete(ctx, req)
	if err != nil {
		return fmt.Errorf("unable to release static external IP address: %w", err)
	}

	if err = op.Wait(ctx); err != nil {
		return fmt.Errorf("unable to wait for the operation: %w", err)
	}

	fmt.Fprintf(w, "Static external IP address released\n")

	return nil
}

// releaseGlobalStaticExternal releases a static global external IP address.
func releaseGlobalStaticExternal(w io.Writer, projectID, addressName string) error {
	// projectID := "your_project_id"
	// addressName := "your_address_name"

	ctx := context.Background()
	addressesClient, err := compute.NewGlobalAddressesRESTClient(ctx)
	if err != nil {
		return fmt.Errorf("NewGlobalAddressesRESTClient: %w", err)
	}
	defer addressesClient.Close()

	req := &computepb.DeleteGlobalAddressRequest{
		Project: projectID,
		Address: addressName,
	}

	op, err := addressesClient.Delete(ctx, req)
	if err != nil {
		return fmt.Errorf("unable to release static external IP address: %w", err)
	}

	if err = op.Wait(ctx); err != nil {
		return fmt.Errorf("unable to wait for the operation: %w", err)
	}

	fmt.Fprintf(w, "Static external IP address released\n")

	return nil
}

Java


import com.google.cloud.compute.v1.AddressesClient;
import com.google.cloud.compute.v1.DeleteAddressRequest;
import com.google.cloud.compute.v1.DeleteGlobalAddressRequest;
import com.google.cloud.compute.v1.GlobalAddressesClient;
import com.google.cloud.compute.v1.Operation;
import java.io.IOException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;

public class ReleaseStaticAddress {

  public static void main(String[] args)
          throws IOException, ExecutionException, InterruptedException, TimeoutException {
    // TODO(developer): Replace these variables before running the sample.
    // Project ID or project number of the Google Cloud project you want to use.
    String projectId = "your-project-id";
    // The region to reserve the IP address in, if regional. Must be None if global
    String region = "your-region =";
    // Name of the address to release.
    String addressName = "your-addressName";

    releaseStaticAddress(projectId, addressName, region);
  }

  // Releases a static external IP address that is currently reserved.
  // This action requires that the address is not being used by any forwarding rule.
  public static void releaseStaticAddress(String projectId, String addressName, String region)
          throws IOException, ExecutionException, InterruptedException, TimeoutException {
    Operation operation;
    // Use global client if no region is specified
    if (region == null) {
      // Initialize client that will be used to send requests. This client only needs to be created
      // once, and can be reused for multiple requests.
      try (GlobalAddressesClient client = GlobalAddressesClient.create()) {
        DeleteGlobalAddressRequest request = DeleteGlobalAddressRequest.newBuilder()
                .setProject(projectId)
                .setAddress(addressName)
                .build();

        operation = client.deleteCallable().futureCall(request).get(30, TimeUnit.SECONDS);
      }
    } else {
      // Initialize client that will be used to send requests. This client only needs to be created
      // once, and can be reused for multiple requests.
      try (AddressesClient client = AddressesClient.create()) {
        DeleteAddressRequest request = DeleteAddressRequest.newBuilder()
                .setProject(projectId)
                .setRegion(region)
                .setAddress(addressName)
                .build();

        operation = client.deleteCallable().futureCall(request).get(30, TimeUnit.SECONDS);
      }
    }
    if (operation.hasError()) {
      System.out.printf("Can't release external IP address '%s'. Caused by : %s",
              addressName, operation.getError());
    }
    System.out.printf("External IP address '%s' released successfully.", addressName);
  }
}

Python

from typing import Optional

from google.cloud.compute_v1.services.addresses.client import AddressesClient
from google.cloud.compute_v1.services.global_addresses import GlobalAddressesClient


def release_external_ip_address(
    project_id: str,
    address_name: str,
    region: Optional[str] = None,
) -> None:
    """
    Releases a static external IP address that is currently reserved.
    This action requires that the address is not being used by any forwarding rule.

    Args:
        project_id (str): project ID.
        address_name (str): name of the address to release.
        region (Optional[str]): The region to reserve the IP address in, if regional. Must be None if global.


    """
    if not region:  # global IP address
        client = GlobalAddressesClient()
        operation = client.delete(project=project_id, address=address_name)
    else:  # regional IP address
        client = AddressesClient()
        operation = client.delete(
            project=project_id, region=region, address=address_name
        )

    operation.result()
    print(f"External IP address '{address_name}' released successfully.")

後續步驟