Recently, we encountered network connectivity challenges between Google Cloud Platform (GCP) resources while working on an enterprise customer migration to GCP. Specifically, users could not connect to cluster services like Google Kubernetes Engine (GKE) and Cloud SQL running in a peered Virtual Private Cloud (VPC). Using public IP addresses is an option, but that solution did not meet our customer’s security guidelines.
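After troubleshooting and root cause analysis, we discovered that GCP doesn’t allow transitive peering: a VPC can reach only the networks it is peered with directly, not networks that are peered with its peer. Let’s step through the situation in greater detail and then the process to resolve the issue.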