Cant create a VM within the ILB network: Subnetwork must have purpose=PRIVATE.

[palladius]

gcloud compute instances create sol0-pvt-connect --zone=$REGION-b \
    --machine-type=e2-small --network-interface=subnet=dmarzi-proxy,no-address \
    --maintenance-policy=MIGRATE --provisioning-model=STANDARD --service-account=$PROJECT_NUMBER-compute@developer.gserviceaccount.com \
    --scopes=https://www.googleapis.com/auth/devstorage.read_only,https://www.googleapis.com/auth/logging.write,https://www.googleapis.com/auth/monitoring.write,https://www.googleapis.com/auth/servicecontrol,https://www.googleapis.com/auth/service.management.readonly,https://www.googleapis.com/auth/trace.append \
    --tags=http-server,https-server \
    --create-disk=auto-delete=yes,boot=yes,device-name=sol0-pvt-connect,image=projects/ubuntu-os-cloud/global/images/ubuntu-minimal-2204-jammy-v20220712,mode=rw,size=100,type=projects/cicd-platinum-test002/zones/europe-west1-b/diskTypes/pd-balanced \
    --no-shielded-secure-boot --shielded-vtpm --shielded-integrity-monitoring --reservation-affinity=any
# ERROR: (gcloud.compute.instances.create) Could not fetch resource:
# - Subnetwork must have purpose=PRIVATE.

[palladius]

I don't understand how to work around this.
The dmarzi proxy is created by this command in script 11:

     gcloud compute networks subnets create "dmarzi-proxy" \
     --range='192.168.0.0/24' # changed after dmarzi-proxy rename..

[palladius]

I've tried in different ways, enabling private access in the network (still doesn't work).

Daniel says I don't need to create a VM within that proxy subnet (which seems impossible).
I've created another subnet and created a VM within it, but I can't seem to be able to ping or curl80 the IP I'm given by the frontend part of ILB. (172.0.0.9):

$ ping 10.172.0.9
$ curl http://10.172.0.9:80/

=> both timeout

[palladius]

I'm tempted of just abandoning the ILB solution unless Daniel find a good workaround for this.