Merge pull request #3133 from otherjason/google-internal-ip-only

Google driver: add `--google-use-internal-ip-only` flag

docs/drivers/gce.md

@@ -50,6 +50,7 @@ To create a machine instance, specify `--driver google`, the project id and the
     -   `--google-preemptible`: Instance preemptibility.
     -   `--google-tags`: Instance tags (comma-separated).
     -   `--google-use-internal-ip`: When this option is used during create it will make docker-machine use internal rather than public NATed IPs. The flag is persistent in the sense that a machine created with it retains the IP. It's useful for managing docker machines from another machine on the same network e.g. while deploying swarm.
+    -   `--google-use-internal-ip-only`: When this option is used during create, the new VM will not be assigned a public IP address. This is useful only when the host running `docker-machine` is located inside the Google Cloud infrastructure; otherwise, `docker-machine` can't reach the VM to provision the Docker daemon. The presence of this flag implies `--google-use-internal-ip`.
     -   `--google-use-existing`: Don't create a new VM, use an existing one. This is useful when you'd like to provision Docker on a VM you created yourself, maybe because it uses create options not supported by this driver. 
 
 The GCE driver will use the `ubuntu-1510-wily-v20151114` instance image unless otherwise specified. To obtain a

drivers/google/compute_util.go

@@ -28,6 +28,7 @@ type ComputeUtil struct {
 	address           string
 	preemptible       bool
 	useInternalIP     bool
+	useInternalIPOnly bool
 	service           *raw.Service
 	zoneURL           string
 	globalURL         string
@@ -65,6 +66,7 @@ func newComputeUtil(driver *Driver) (*ComputeUtil, error) {
 		address:           driver.Address,
 		preemptible:       driver.Preemptible,
 		useInternalIP:     driver.UseInternalIP,
+		useInternalIPOnly: driver.UseInternalIPOnly,
 		service:           service,
 		zoneURL:           apiURL + driver.Project + "/zones/" + driver.Zone,
 		globalURL:         apiURL + driver.Project + "/global",
@@ -235,9 +237,6 @@ func (c *ComputeUtil) createInstance(d *Driver) error {
 		},
 		NetworkInterfaces: []*raw.NetworkInterface{
 			{
-				AccessConfigs: []*raw.AccessConfig{
-					{Type: "ONE_TO_ONE_NAT"},
-				},
 				Network: c.globalURL + "/networks/default",
 			},
 		},
@@ -255,6 +254,13 @@ func (c *ComputeUtil) createInstance(d *Driver) error {
 		},
 	}
 
+	if !c.useInternalIPOnly {
+		cfg := &raw.AccessConfig{
+			Type: "ONE_TO_ONE_NAT",
+		}
+		instance.NetworkInterfaces[0].AccessConfigs = append(instance.NetworkInterfaces[0].AccessConfigs, cfg)
+	}
+
 	if c.address != "" {
 		staticAddress, err := c.staticAddress()
 		if err != nil {

drivers/google/google.go

@@ -22,6 +22,7 @@ type Driver struct {
 	Address           string
 	Preemptible       bool
 	UseInternalIP     bool
+	UseInternalIPOnly bool
 	Scopes            string
 	DiskSize          int
 	Project           string
@@ -111,6 +112,11 @@ func (d *Driver) GetCreateFlags() []mcnflag.Flag {
 			Usage:  "Use internal GCE Instance IP rather than public one",
 			EnvVar: "GOOGLE_USE_INTERNAL_IP",
 		},
+		mcnflag.BoolFlag{
+			Name:   "google-use-internal-ip-only",
+			Usage:  "Configure GCE instance to not have an external IP address",
+			EnvVar: "GOOGLE_USE_INTERNAL_IP_ONLY",
+		},
 		mcnflag.BoolFlag{
 			Name:   "google-use-existing",
 			Usage:  "Don't create a new VM, use an existing one",
@@ -170,7 +176,8 @@ func (d *Driver) SetConfigFromFlags(flags drivers.DriverOptions) error {
 		d.DiskType = flags.String("google-disk-type")
 		d.Address = flags.String("google-address")
 		d.Preemptible = flags.Bool("google-preemptible")
-		d.UseInternalIP = flags.Bool("google-use-internal-ip")
+		d.UseInternalIP = flags.Bool("google-use-internal-ip") || flags.Bool("google-use-internal-ip-only")
+		d.UseInternalIPOnly = flags.Bool("google-use-internal-ip-only")
 		d.Scopes = flags.String("google-scopes")
 		d.Tags = flags.String("google-tags")
 	}