MultiCloud Classroom notes 24/Feb/2024

How does internet work in private networks

Network Adress Translation (NAT)

• NAT Servers are generally maintained by internet service providers
• NAT Server will be connected to public network and will have a public ip
• How NAT Works
  
  

Cloud Infrastructure

• Cloud providers will identify geographical locations called as Regions to host datacenters
• There are two widely adopted models
  • Regions with Availability Zones (AZ)
    
  • Regions with Datacenters directly
    
• AWS, GCP has all regions with AZ’s
• Azure has mix of Regions with Zones and Regions without Zones
• AWS Regions: Refer Here
• Azure regions: Refer Here
• Both AWS and Azure have created Back bone network, a duplex network created to connect all regions and other infra belonging to CSP
  • Azure Backbone Network
  • AWS Global Network
• There are some regions in us designed for government Gov-Cloud

Virtual Private cloud in AWS

• AWS has a service called as VPC (Virtual Private cloud) for creating and managing the private networks on AWS cloud
• In AWS we can create a private network that belongs to a single region
• Subnets will be belonging to AZ’s and the network can be attached to aws resources via subnets not vpc.

Lets create a vpc in hyderabad

• I need six subnets with names
  • web1 => az-a
  • web2 => az-b
  • web3 => az-c
  • db1 => az-a
  • db2 => az-b
  • db3 => az-c
• Every region in aws has a code <continent>-<direction>-<number>

ap-south-1 => mumbai
   Azs => ap-south-1a, ap-south-1b
ap-south-2 => hyderabad

• Network diagram
  
• Enable Hyderabad region if it is not enabled in your account.
• Open VPC from services
  
• AWS will have one vpc already existing in every region which is referred as default vpc.
  
• Lets create vpc
  
  
  
  
  
  
  
  
• AWS networks by default will not have internet access i.e. ec2 instances created in this vpc cannot be accessed from outside and ec2 cannot access internet.
• All the resources within vpc can communicated with each other by default

Virtual Network in Azure

• Azure has a service called as Virtual Networks for creating and managing the private networks on Azure cloud
• Any resource has to be part of resource group.
• Refer Here for quick start.
  
• In Azure a subnet also belongs to a region i.e. two resources can be in two different zone but in same subnet.
  
• Azure virtual network by default has
  • internet connectivity
  • all the internal communications are enabled by default.

Acessing AWS

• AWS Can be accesed over
  • browser using console
  • Terminal using AWS CLI
  • Code using SDK
    

Accessing Azure

• Azure can be accesed over
  • browsers using Portal
  • Terminal using Azure CLI and Azure Powershell
  • Code using SDK