GCP Classroom notes 23/Aug/2024

VPC Network Peering

  • Allows private connectivity across two VPCs while keeping them administratively separated.
  • Peered VPCs can be in the same or different projects or even different organizations
  • To configure VPC peering we need the Compute Network Admin role
  • As done in the class, we peered two VPCs with the following steps
    • create a vpc-a
    • create a vpc-b
    • ensure subnet cidr ranges are not colliding between two vpcs
    • create the necessary firewall rules to check connectivity
    • create a vpc peering connection from vpc-a to vpc-b
    • also create a vpc peering connection from vpc-b to vpc-a
    • now test the private IP communication between the two VPCs
  • Key Considerations:
    • Non-overlapping CIDR ranges
    • Transitive peering is not supported
    • Firewall rules: Peered networks do not automatically allow traffic between each other; you must configure the firewall rules
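
A pre-flight check for the peering steps and key considerations above, added here as an example (not code from the class). The VPC names, CIDR ranges, peering list and the helper function names are constructed for illustration.

```python
from ipaddress import ip_network
from itertools import product

# Constructed sample data: subnet CIDR ranges per VPC.
SUBNETS = {
    "vpc-a": ["10.0.0.0/24", "10.0.1.0/24"],
    "vpc-b": ["10.1.0.0/24"],
    "vpc-c": ["10.2.0.0/24"],
    "vpc-bad": ["10.0.1.128/25"],  # sits inside vpc-a's 10.0.1.0/24
}

# Constructed sample data: peering connections as (from_vpc, to_vpc).
PEERINGS = {
    ("vpc-a", "vpc-b"), ("vpc-b", "vpc-a"),  # both sides created
    ("vpc-b", "vpc-c"), ("vpc-c", "vpc-b"),  # both sides created
    ("vpc-a", "vpc-bad"),                    # only one side created
}

def overlapping_ranges(subnets, net_x, net_y):
    """Return every (cidr_x, cidr_y) pair whose address ranges collide."""
    return [(x, y) for x, y in product(subnets[net_x], subnets[net_y])
            if ip_network(x).overlaps(ip_network(y))]

def active_peerings(configured):
    """A peering carries traffic only when each side has created its half."""
    return {frozenset(p) for p in configured if (p[1], p[0]) in configured}

def can_reach(configured, src, dst):
    """Routes are exchanged only between directly peered VPCs (no transit).

    This models routing only; firewall rules must still allow the traffic.
    """
    return src == dst or frozenset((src, dst)) in active_peerings(configured)

if __name__ == "__main__":
    print("a/b overlap:  ", overlapping_ranges(SUBNETS, "vpc-a", "vpc-b"))
    print("a/bad overlap:", overlapping_ranges(SUBNETS, "vpc-a", "vpc-bad"))
    for dst in ("vpc-b", "vpc-c", "vpc-bad"):
        print("vpc-a ->", dst, can_reach(PEERINGS, "vpc-a", dst))
```

vpc-a cannot reach vpc-c even though both are peered with vpc-b, and the one-sided connection to vpc-bad never becomes usable.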

Hybrid Networking

  • We will try to understand how you can create hybrid cloud by connecting your on-premises environment to GCP
  • To understand hybrid networking, we need to understand site-to-site VPNs
  • Now let's look at the options available to set up hybrid connectivity between a GCP VPC and on-premises
  • Options
    • Cloud Interconnect
    • Cloud VPN
  • We also need to understand Cloud Router

Cloud Router

  • When two networking environments are connected, they need a way to inform their peers about the local subnets, and route propagation should be automatic (when we add/delete subnets). Generally, Border Gateway Protocol (BGP) is used to exchange routing information in these situations
  • Cloud Router is the GCP service that speaks BGP in Google Cloud.
  • It is a Google-managed, highly available service that advertises routes to VPC subnets via Cloud Interconnect or Cloud VPN

Cloud VPN

  • A VPN gateway is a regional resource that uses IPsec tunnels, negotiated with IKE, to establish secure communication over the internet
  • It uses a pre-shared key (shared secret) to authenticate the tunnel peers during IKE; the session keys that encrypt traffic are derived during the IKE exchange
  • Cloud VPN comes with an external IP address that is used to create tunnels over a public network

Cloud Interconnect

  • Like VPN, Cloud Interconnect also enables communication over internal (private) IP addresses between on-prem workloads and workloads in a VPC
  • The difference between VPN and Interconnect is that Interconnect uses a dedicated physical connection and offers higher throughput
  • Refer Here for colocation facilities and Refer Here for locations table


By continuous learner
