Merge pull request #3133 from otherjason/google-internal-ip-only

Google driver: add `--google-use-internal-ip-only` flag

docs/drivers/gce.md

@@ -50,6 +50,7 @@ To create a machine instance, specify `--driver google`, the project id and the
     -   `--google-preemptible`: Instance preemptibility.
     -   `--google-tags`: Instance tags (comma-separated).
     -   `--google-use-internal-ip`: When this option is used during create it will make docker-machine use internal rather than public NATed IPs. The flag is persistent in the sense that a machine created with it retains the IP. It's useful for managing docker machines from another machine on the same network e.g. while deploying swarm.
+    -   `--google-use-internal-ip-only`: When this option is used during create, the new VM will not be assigned a public IP address. This is useful only when the host running `docker-machine` is located inside the Google Cloud infrastructure; otherwise, `docker-machine` can't reach the VM to provision the Docker daemon. The presence of this flag implies `--google-use-internal-ip`.
     -   `--google-use-existing`: Don't create a new VM, use an existing one. This is useful when you'd like to provision Docker on a VM you created yourself, maybe because it uses create options not supported by this driver. 
 
 The GCE driver will use the `ubuntu-1510-wily-v20151114` instance image unless otherwise specified. To obtain a

drivers/google/compute_util.go

@@ -20,19 +20,20 @@ import (
 
 // ComputeUtil is used to wrap the raw GCE API code and store common parameters.
 type ComputeUtil struct {
-	zone          string
+	zone              string
-	instanceName  string
+	instanceName      string
-	userName      string
+	userName          string
-	project       string
+	project           string
-	diskTypeURL   string
+	diskTypeURL       string
-	address       string
+	address           string
-	preemptible   bool
+	preemptible       bool
-	useInternalIP bool
+	useInternalIP     bool
-	service       *raw.Service
+	useInternalIPOnly bool
-	zoneURL       string
+	service           *raw.Service
-	globalURL     string
+	zoneURL           string
-	SwarmMaster   bool
+	globalURL         string
-	SwarmHost     string
+	SwarmMaster       bool
+	SwarmHost         string
 }
 
 const (
@@ -57,19 +58,20 @@ func newComputeUtil(driver *Driver) (*ComputeUtil, error) {
 	}
 
 	return &ComputeUtil{
-		zone:          driver.Zone,
+		zone:              driver.Zone,
-		instanceName:  driver.MachineName,
+		instanceName:      driver.MachineName,
-		userName:      driver.SSHUser,
+		userName:          driver.SSHUser,
-		project:       driver.Project,
+		project:           driver.Project,
-		diskTypeURL:   driver.DiskType,
+		diskTypeURL:       driver.DiskType,
-		address:       driver.Address,
+		address:           driver.Address,
-		preemptible:   driver.Preemptible,
+		preemptible:       driver.Preemptible,
-		useInternalIP: driver.UseInternalIP,
+		useInternalIP:     driver.UseInternalIP,
-		service:       service,
+		useInternalIPOnly: driver.UseInternalIPOnly,
-		zoneURL:       apiURL + driver.Project + "/zones/" + driver.Zone,
+		service:           service,
-		globalURL:     apiURL + driver.Project + "/global",
+		zoneURL:           apiURL + driver.Project + "/zones/" + driver.Zone,
-		SwarmMaster:   driver.SwarmMaster,
+		globalURL:         apiURL + driver.Project + "/global",
-		SwarmHost:     driver.SwarmHost,
+		SwarmMaster:       driver.SwarmMaster,
+		SwarmHost:         driver.SwarmHost,
 	}, nil
 }
 
@@ -235,9 +237,6 @@ func (c *ComputeUtil) createInstance(d *Driver) error {
 		},
 		NetworkInterfaces: []*raw.NetworkInterface{
 			{
-				AccessConfigs: []*raw.AccessConfig{
-					{Type: "ONE_TO_ONE_NAT"},
-				},
 				Network: c.globalURL + "/networks/default",
 			},
 		},
@@ -255,6 +254,13 @@ func (c *ComputeUtil) createInstance(d *Driver) error {
 		},
 	}
 
+	if !c.useInternalIPOnly {
+		cfg := &raw.AccessConfig{
+			Type: "ONE_TO_ONE_NAT",
+		}
+		instance.NetworkInterfaces[0].AccessConfigs = append(instance.NetworkInterfaces[0].AccessConfigs, cfg)
+	}
+
 	if c.address != "" {
 		staticAddress, err := c.staticAddress()
 		if err != nil {

drivers/google/google.go

@@ -15,18 +15,19 @@ import (
 // Driver is a struct compatible with the docker.hosts.drivers.Driver interface.
 type Driver struct {
 	*drivers.BaseDriver
-	Zone          string
+	Zone              string
-	MachineType   string
+	MachineType       string
-	MachineImage  string
+	MachineImage      string
-	DiskType      string
+	DiskType          string
-	Address       string
+	Address           string
-	Preemptible   bool
+	Preemptible       bool
-	UseInternalIP bool
+	UseInternalIP     bool
-	Scopes        string
+	UseInternalIPOnly bool
-	DiskSize      int
+	Scopes            string
-	Project       string
+	DiskSize          int
-	Tags          string
+	Project           string
-	UseExisting   bool
+	Tags              string
+	UseExisting       bool
 }
 
 const (
@@ -111,6 +112,11 @@ func (d *Driver) GetCreateFlags() []mcnflag.Flag {
 			Usage:  "Use internal GCE Instance IP rather than public one",
 			EnvVar: "GOOGLE_USE_INTERNAL_IP",
 		},
+		mcnflag.BoolFlag{
+			Name:   "google-use-internal-ip-only",
+			Usage:  "Configure GCE instance to not have an external IP address",
+			EnvVar: "GOOGLE_USE_INTERNAL_IP_ONLY",
+		},
 		mcnflag.BoolFlag{
 			Name:   "google-use-existing",
 			Usage:  "Don't create a new VM, use an existing one",
@@ -170,7 +176,8 @@ func (d *Driver) SetConfigFromFlags(flags drivers.DriverOptions) error {
 		d.DiskType = flags.String("google-disk-type")
 		d.Address = flags.String("google-address")
 		d.Preemptible = flags.Bool("google-preemptible")
-		d.UseInternalIP = flags.Bool("google-use-internal-ip")
+		d.UseInternalIP = flags.Bool("google-use-internal-ip") || flags.Bool("google-use-internal-ip-only")
+		d.UseInternalIPOnly = flags.Bool("google-use-internal-ip-only")
 		d.Scopes = flags.String("google-scopes")
 		d.Tags = flags.String("google-tags")
 	}