Scribd
Upload
60 views38 pages

Topology

Uploaded by

Mirna Attallah
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
60 views38 pages

Topology

Uploaded by

Mirna Attallah
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd

Google Cloud Networking

Services
Noha Bakry
Google Cloud Networking Overview
• Google Cloud networking is a comprehensive suite of networking
services to enable businesses to build, scale, and manage secure and
scalable network infrastructure in Google Cloud.
Google Cloud Networking Overview
• The network consists of:
• Region - Geographical location.
• Zones - Interconnected deployment centers within a region. Currently a region comprises
a minimum of three zones.
• Point of presence (PoP) - Connects public internet to Google Cloud. Provides services like
CDN, Media CDN.

Note : CDN can stand for content delivery network or content distribution
network.
[Link]
ork%20(CDN,network%20or%20content%20distribution%20network
.
Region VS Zones

• Resources that live in a zone are referred to as zonal resources.


• Virtual machine Instances and persistent disks live in a zone.
• To attach a persistent disk to a virtual machine instance, both resources must be in the same
zone. Similarly,
• if you want to assign a static IP address to an instance, the instance must be in the same region
as the static IP.
Google VPC
• Google Cloud VPC network is a foundational component of Google
Cloud's networking infrastructure.
• It allows you to create a logically isolated virtual network within the
Google Cloud, providing a private and secure environment for your
cloud resources.
• You can define your own IP address space, subnetworks, and routing
policies, giving you complete control over your network connectivity.
Key features of Google Cloud VPC
network:
• Private IP address space: Define your own private IP address range,
ensuring no overlap with other networks.
• Subnetwork: Divide your VPC into multiple subnets to organize and
segment your network resources.
• Customizable routing: Control how traffic flows within your VPC and
between VPCs.
• Firewall rules: Define firewall rules to filter incoming and outgoing
traffic, enhancing network security.
Example use cases of Google Cloud VPC
network:
• Hosting web applications and services: Create a VPC to isolate your web
applications from other resources and the public internet, enhancing security
and performance.
• Deploying microservices-based architectures: Utilize VPCs to segment
microservices and manage traffic flow between them, enabling scalability and
flexibility.
• Connecting on-premises networks: Establish secure connections between
your on-premises network and Google Cloud resources via Cloud VPN, or
Cloud Interconnect enabling hybrid cloud deployments.
• Creating a secure cloud environment for sensitive data: Using VPCs to isolate
and protect sensitive data from unauthorized access, ensuring data privacy
and compliance.
Test Your understanding
Test Your understanding
Test Your understanding
Google cloud Network services
Google Cloud network offers a suite of network services that empower users to
effectively control and optimize their network infrastructure. Some of these
include:
• Load Balancing: Distribute incoming traffic across multiple instances of an
application or service, ensuring high availability and scalability.
• Cloud DNS: Translate domain names into IP addresses, enabling users to access
websites and services seamlessly.
• Cloud CDN: Accelerate content delivery to users worldwide by caching content in
edge locations close to their devices.
• Cloud NAT: Enable instances within a private network to access the internet
without requiring public IP addresses, enhancing security and simplifying network
management.
Test Your understanding
Test Your understanding
Test Your understanding
Network connectivity
Google Cloud network connectivity solutions enable seamless connections
between on-premises networks, cloud resources, and other cloud providers.
These solutions include:
• Cloud VPN: Establish secure encrypted connections between on-premises
networks and VPCs, enabling hybrid cloud deployments.
• Cloud Interconnect: Provide high-bandwidth, low-latency connectivity between
on-premises networks and VPCs, ideal for mission-critical applications.
• Cross-Cloud Interconnect: Provides direct, high-bandwidth, low-latency
connectivity between Google Cloud and other cloud providers.
• Network Connectivity Center: Centralized logical hub for managing and
monitoring connection.
Test Your Understanding
Test Your Understanding
Network Security
Google Cloud network security solutions provide comprehensive protection against
network threats and vulnerabilities. These solutions include:
• Cloud Armor: Safeguard applications and websites against denial-of-service (DoS)
attacks, OWASP top 10 and other malicious traffic.
• Cloud IDS (Intrusion Detection System): Continuously monitor network traffic for
suspicious activity, enabling early detection of potential threats.
• Cloud Firewall: Define firewall rules to control incoming and outgoing traffic, preventing
unauthorized access and protecting against cyberattacks. These also provide advanced
capabilities such as Intrusion Prevention System (IPS) for Cloud Firewall Plus editions.

[Link]
[Link]
Test
Test
Cloud intelligence
Google Cloud Network Intelligence Center provides a comprehensive suite of tools for
monitoring, troubleshooting, and optimizing your network performance. These tools
include:
• Network Topology: Visualize the topology of your Virtual Private Cloud (VPC) networks
and their associated metrics, enabling you to identify and resolve connectivity issues.
• Connectivity Tests: Test network connectivity to and from your VPC network, ensuring
that your network is functioning properly and that your resources are accessible.
• Performance Dashboard: Monitor and visualize the performance of your Google Cloud
network and resources.
• Firewall Insights: Gain insights into firewall rules usage, identify misconfigurations, and
optimize your firewall rules to improve security and performance.
• Network Analyzer: Monitor network traffic and identify potential issues, such as high
latency, packet loss, and routing problems.
Test
Test
Network Service Tiers
Premium Tier:
• Global network with low latency: Leverage Google's high-performance global
network for global reach and consistent performance.
• High availability and scalability: Ensure continuous availability and seamless
scaling for mission-critical applications.
• Ideal for production workloads and demanding applications.
• Standard Tier:
• Regional network with cost-effectiveness: Utilize a regional network with lower
costs for less demanding workloads.
• Suitable for development, testing, and non-production environments.
• Choose Standard Tier for cost-sensitive scenarios.
Network Intelligence Center
• Is provided by google cloud to provides a single console for managing
Google Cloud network visibility, monitoring, and troubleshooting.
Network Intelligence Center Services
Network Topology Overview
• Network Topology is a visualization tool that shows the topology of
your network infrastructure.
• where the nodes and lines represent entities and connections in your
network.
How it Works?
• Network Topology collects real-time telemetry and configuration data
from Google's infrastructure to visualize your resources.
• It captures elements such as configuration information, metrics, and
logs to infer relationships between resources in a project or in
multiple projects.
• After collecting each element, Network Topology combines them to
generate a graph that represents your deployment.
Benefits
• View the topology of your deployments.
• You can use Network Topology graphs to understand your Google
Cloud infrastructure.
• Help you analyze the performance of your network..
• Use filters to help you highlight and focus on specific resources,
especially when you need to diagnose and troubleshoot issues.
• View cross-project metrics for network traffic.
• You can view insights for entities for further analysis and
troubleshooting.
Considerations
• You should consider the history that your network topology tool keep
track of it.
• Network Topology in google captures six weeks of history.
Resources and traffic
• A Network Topology graph shows your resources and traffic as entities
and connections.
• Network Topology aggregates related resources into hierarchical
entities, where each resource type has its own hierarchy.
• The following sections describe the resources (entities) and traffic
paths (connections) that Network Topology can graph.
Entities
• A base entity is the lowest level of a particular hierarchy and
represents a resource that can directly communicate with other
resources over a network, such as a VM instance or a GKE pod.
• GKE  Google Kubernetes Engine
VM Entities
GKE entities
Example
Example 2

You might also like