Migrate from other Google Cloud solutions

This page describes the migration options from Virtual Private Cloud (VPC) peering and HA VPN to VPC spokes within Network Connectivity Center.

When your hub is configured for mesh topology and you migrate to VPC spokes, the topology resulting from the migration is a full mesh topology, which means that every VPC spoke is connected to every other VPC spoke. Your starting topology might be different from the final mesh topology because mesh topology establishes additional connectivity.

Migrate from VPC peering

For existing brownfield hub-and-spoke network topology deployments with Virtual Private Cloud (VPC) peering, migrating directly to VPC spokes can cause disruption to existing sessions. If you attempt to configure a VPC network pair as spokes, the Network Connectivity Center hub detects the existing VPC peering and generates an error.

We recommend the following two migration options:

Migrate with downtime of existing VPC peering sessions
Migrate with zero downtime by using HA VPN

Migrate with downtime of existing VPC peering sessions

If your organization can support a change management window that disrupts VPC-to-VPC communication for a brief window of time, follow these steps.

Schedule a downtime for the migration process.
Delete existing VPC peering.
Configure VPCs as Network Connectivity Center spokes. This enables full mesh connectivity.

Network Connectivity Center ensures that between any pair of VPC networks, there is no existing peering connection.

Migrate with zero downtime by using HA VPN

If your business cannot afford downtime, start your migration by following these steps.

Configure a new HA VPN between two peered VPC networks, for example VPC1 and VPC2.
Delete the existing VPC Network Peering between VPC1 and VPC2. During this time, packets traverse the HA VPN tunnels and inter-VPC connectivity is sustained.
Configure the two VPCs, VPC1 and VPC2, as Network Connectivity Center spokes. For detailed instructions about how to create a VPC spoke, see Propose a spoke. This enables full mesh connectivity.
Delete the HA VPN tunnels.

Migrate from HA VPN

If you are an existing customer using HA VPN tunnels to enable inter-VPC communication, there are two migration patterns available that depend on your existing deployment. Start by determining if the Cloud VPN tunnels are configured as Network Connectivity Center hybrid spokes or standalone HA VPN tunnels.

If the existing Cloud VPN tunnels are configured as Network Connectivity Center hybrid spokes and you have an existing Network Connectivity Center hub, Hub1, that you want to migrate, follow these steps.

Note: There is a traffic disruption between steps 2 and 3.
1. Create a new Network Connectivity Center hub, Hub2, to support inter-VPC communication.
2. Delete the existing Network Connectivity Center hub, Hub1, where the Cloud VPN tunnels are configured to hybrid spokes.
  
  For information about how to delete hubs and spokes, see Work with hubs and spokes.
3. Add the VPC network to the new hub.
4. Delete the HA VPN tunnels.
If the existing HA VPN tunnels are not configured as Cloud VPN hybrid spokes, follow these steps.

Note: There is no traffic disruption when HA VPN tunnels are not configured as Cloud VPN hybrid spokes.

What's next

To create hubs and spokes, see Work with hubs and spokes.
To view a list of partners whose solutions are integrated with Network Connectivity Center, see Network Connectivity Center partners.
To find solutions for common issues, see Troubleshooting.
To get details about API and gcloud commands, see APIs and reference.