Support GCP gVNIC interface 7.0.1

The new GCP gVNIC interface is supported, which offers improved performance and bandwidth and is required on some VM shapes tuned for optimal performance.

A VM with gVNIC must be deployed with the CLI or API. Refer to the Using Google Virtual NIC documentation for other limitations. If you are upgrading from prior images that support virtIO, the images will remain that way.

Refer to Creating a VM that uses gVNIC for detailed instructions. The following example shows sample commands used to create an instance.

To deploy a gVNIC with the gcloud CLI:

Create a gVNIC enabled image using the FortiGate marketplace image.

gcloud compute --project=dev-project-000-000000 images create gcp-ond-700-gvnic --source-image=fortinet-fgtondemand-700-20210407-000-w-license --source-image-project=fortigcp-project-000 --guest-os-features=GVNIC

Deploy the instance with the gVNIC image and gVNIC specification in the parameter:

gcloud compute --project=dev-project-000-000000 instances create xxxxxx-script-ond-0128-gvnic --zone=us-central1-c --machine-type=n1-standard-1 --network-interface nic-type=GVNIC,subnet=xxxxxx-hapvc-port1external,private-network-ip=10.0.0.15,address=**.**.**.*** --network-interface nic-type=GVNIC,subnet=xxxxxx-hapvc-port2internal,private-network-ip=10.0.1.15,no-address --can-ip-forward --maintenance-policy=MIGRATE --service-account=************-compute@developer.gserviceaccount.com --scopes=https://www.googleapis.com/auth/cloud-platform --image=gcp-ond-0128-gvnic --image-project=dev-project-000-000000 --boot-disk-type=pd-standard --boot-disk-device-name=xxxxxx-script-ond-0128
Created [https://www.googleapis.com/compute/beta/projects/dev-project-000-000000/zones/us-central1-c/instances/xxxxxx-script-ond-0128-gvnic].
NAME                          ZONE           MACHINE_TYPE   PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP   STATUS
xxxxxx-script-ond-0128-gvnic  us-central1-c  n1-standard-1               10.6.30.5    **.**.**.***  RUNNING

Verify that gVNIC is enabled for the NIC:

gcloud compute instances describe xxxxxx-script-ond-0128-gvnic --zone=us-central1-c
…
guestOsFeatures:
- type: GVNIC
…
name: xxxxxx-script-ond-0128-gvnic
networkInterfaces:
- accessConfigs:
- kind: compute#accessConfig
name: external-nat
natIP: **.**.**.***
networkTier: PREMIUM
type: ONE_TO_ONE_NAT
fingerprint: OiB_2ejfR-g=
kind: compute#networkInterface
name: nic0
network: https://www.googleapis.com/compute/v1/projects/xxx-xxxxxxx-000-000000/global/networks/xxxxxxxx
networkIP: 10.6.30.5
nicType: GVNIC
…

# diagnose hardware lspci –v
00:04.0 Class 0200: Device 1ae0:0042
        Subsystem: Device 1ae0:0058
        Flags: bus master, fast devsel, latency 0, IRQ 11
        Memory at feb01000 (32-bit, non-prefetchable) [size=4K]
        Memory at feb02000 (32-bit, non-prefetchable) [size=64]
        Memory at fea00000 (32-bit, non-prefetchable) [size=1M]
        Capabilities: [80] MSI-X: Enable+ Count=3 Masked-
        Kernel driver in use: gvnic

# diagnose hardware deviceinfo nic port1
Name:            port1
Driver:          gve
Version:         1.2.0
Bus:             0000:00:04.0
Hwaddr:          **:**:**:**:**:**
Permanent Hwaddr:**:**:**:**:**:**
State:           up
Link:            up
Mtu:             1460
Supported:
Advertised:
Auto:            disabled

Support GCP gVNIC interface 7.0.1

The new GCP gVNIC interface is supported, which offers improved performance and bandwidth and is required on some VM shapes tuned for optimal performance.

Refer to Creating a VM that uses gVNIC for detailed instructions. The following example shows sample commands used to create an instance.

To deploy a gVNIC with the gcloud CLI:

Create a gVNIC enabled image using the FortiGate marketplace image.

gcloud compute --project=dev-project-000-000000 images create gcp-ond-700-gvnic --source-image=fortinet-fgtondemand-700-20210407-000-w-license --source-image-project=fortigcp-project-000 --guest-os-features=GVNIC

Deploy the instance with the gVNIC image and gVNIC specification in the parameter:

gcloud compute --project=dev-project-000-000000 instances create xxxxxx-script-ond-0128-gvnic --zone=us-central1-c --machine-type=n1-standard-1 --network-interface nic-type=GVNIC,subnet=xxxxxx-hapvc-port1external,private-network-ip=10.0.0.15,address=**.**.**.*** --network-interface nic-type=GVNIC,subnet=xxxxxx-hapvc-port2internal,private-network-ip=10.0.1.15,no-address --can-ip-forward --maintenance-policy=MIGRATE --service-account=************-compute@developer.gserviceaccount.com --scopes=https://www.googleapis.com/auth/cloud-platform --image=gcp-ond-0128-gvnic --image-project=dev-project-000-000000 --boot-disk-type=pd-standard --boot-disk-device-name=xxxxxx-script-ond-0128
Created [https://www.googleapis.com/compute/beta/projects/dev-project-000-000000/zones/us-central1-c/instances/xxxxxx-script-ond-0128-gvnic].
NAME                          ZONE           MACHINE_TYPE   PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP   STATUS
xxxxxx-script-ond-0128-gvnic  us-central1-c  n1-standard-1               10.6.30.5    **.**.**.***  RUNNING

Verify that gVNIC is enabled for the NIC:

gcloud compute instances describe xxxxxx-script-ond-0128-gvnic --zone=us-central1-c
…
guestOsFeatures:
- type: GVNIC
…
name: xxxxxx-script-ond-0128-gvnic
networkInterfaces:
- accessConfigs:
- kind: compute#accessConfig
name: external-nat
natIP: **.**.**.***
networkTier: PREMIUM
type: ONE_TO_ONE_NAT
fingerprint: OiB_2ejfR-g=
kind: compute#networkInterface
name: nic0
network: https://www.googleapis.com/compute/v1/projects/xxx-xxxxxxx-000-000000/global/networks/xxxxxxxx
networkIP: 10.6.30.5
nicType: GVNIC
…

# diagnose hardware lspci –v
00:04.0 Class 0200: Device 1ae0:0042
        Subsystem: Device 1ae0:0058
        Flags: bus master, fast devsel, latency 0, IRQ 11
        Memory at feb01000 (32-bit, non-prefetchable) [size=4K]
        Memory at feb02000 (32-bit, non-prefetchable) [size=64]
        Memory at fea00000 (32-bit, non-prefetchable) [size=1M]
        Capabilities: [80] MSI-X: Enable+ Count=3 Masked-
        Kernel driver in use: gvnic

# diagnose hardware deviceinfo nic port1
Name:            port1
Driver:          gve
Version:         1.2.0
Bus:             0000:00:04.0
Hwaddr:          **:**:**:**:**:**
Permanent Hwaddr:**:**:**:**:**:**
State:           up
Link:            up
Mtu:             1460
Supported:
Advertised:
Auto:            disabled

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Unified SASE

Single Vendor SASE

Cloud Network Security

Secure Endpoint Connectivity

Web Application / API Protection

Security Operations

Security Operations Automation

Identity

Early Detection & Prevention

Secure Networking

Hybrid Mesh Firewall

NOC Management

LAN

WAN

Communication & Surveillance

Unified SASE

Single Vendor SASE

Secure Endpoint Connectivity

Cloud Network Security

Cloud-Native Security

Web Application / API Protection

Security Operations

Security Operations Automation

Endpoint

Data Protection

Identity

Email

Early Detection & Prevention

Expert Services

Edge Firewall

Orchestration & management

SD Branch

Application Delivery

Single Vendor SASE

Secure Endpoint Connectivity

Secure Private Access

Thin Edge

Identity

Application Gateway

Enterprise Asset Management

Endpoint Agent

Agentless Security Posture

Identity

Wireless

Switching

Identity

Privilege Acccess Management

Next Generation Firewall

Orchestration & management

Expert Services

All

All

Account Management

SAAS Management

SAAS Application Security

Managed Services

Platform as a service (PAAS)

Other SAAS Services

4D Pillars

Cloud

Popular Solutions

New Features

Support GCP gVNIC interface 7.0.1

Support GCP gVNIC interface 7.0.1

To deploy a gVNIC with the gcloud CLI:

Support GCP gVNIC interface 7.0.1

Support GCP gVNIC interface 7.0.1

To deploy a gVNIC with the gcloud CLI: