
Cloud Based Virtual Networks



While discussing the implementation of cloud infrastructure we touched on the core infrastructure that needs to be provisioned in the cloud in order to begin your migration or greenfield cloud deployment. The core infrastructure required is cloud storage, compute resources and virtual networks. Today we will be going into virtual networks in more depth.

Virtual Networks

As previously discussed, virtual networks are absolutely vital to understand in order to correctly provision and deploy cloud resources. These virtual networks are used to connect, segment and link your cloud based resources as well as on premises networks.

Virtual network segmentation is done with subnets. Subnets separate cloud based networks from one another by giving each a different IP range. They are separate networks that can be used for different functions, for example the front end and back end tiers of an application.

Another aspect to understand is the use of firewalls within these virtual networks. Traditionally a firewall is used on premises between the internal network and external network (internet). In cloud services a firewall is used in the same way but also internally, so you are able to secure internal as well as external networks and applications.

As mentioned above, another incredibly important aspect of cloud based virtual networks is the ability to connect to your on premises environment. This is valuable when building and architecting hybrid cloud solutions. It can be achieved either with direct ISP based links that bypass the public internet, which keeps traffic internal, secure and fast, or with VPN tunnels.

These VPN tunnels are encrypted but do run over the public internet, so they may not meet what your security policies require. You may also need a higher speed, redundant link.
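The segmentation, firewall and hybrid connectivity points above, as an added example that is not part of the original post: a small Python model that validates a subnet plan and evaluates flows against default-deny rules. The address ranges, zone names, ports and rule set are constructed assumptions, not values from any provider.

```python
from ipaddress import ip_address, ip_network

# Constructed address plan (assumption, not from the original post).
VNET = "10.20.0.0/16"
SUBNETS = {"frontend": "10.20.1.0/24", "backend": "10.20.2.0/24"}
ON_PREM = "192.168.0.0/16"  # range reached over the VPN or direct link

# Firewall rules as (source zone, destination zone, port); anything else is denied.
ALLOW = {
    ("internet", "frontend", 443),   # external rule: public HTTPS to the front end
    ("frontend", "backend", 5432),   # internal rule: front end to back end database
    ("onprem", "backend", 22),       # hybrid rule: admin access from on premises
}

def validate_plan(vnet=VNET, subnets=SUBNETS, on_prem=ON_PREM):
    """Return a list of address-plan problems; an empty list means the plan is sound."""
    problems = []
    vnet_net = ip_network(vnet)
    nets = {name: ip_network(cidr) for name, cidr in subnets.items()}
    for name, net in nets.items():
        if not net.subnet_of(vnet_net):
            problems.append(f"{name} {net} is outside {vnet_net}")
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} overlaps {b}")
    # Overlapping ranges make routes between cloud and on premises ambiguous.
    if vnet_net.overlaps(ip_network(on_prem)):
        problems.append(f"{vnet_net} overlaps on-premises {on_prem}")
    return problems

def zone_of(ip):
    """Map an address to the zone name used by the firewall rules."""
    addr = ip_address(ip)
    for name, cidr in SUBNETS.items():
        if addr in ip_network(cidr):
            return name
    if addr in ip_network(ON_PREM):
        return "onprem"
    return "unassigned" if addr in ip_network(VNET) else "internet"

def decide(src_ip, dst_ip, port):
    """Default-deny decision for a single flow."""
    return "allow" if (zone_of(src_ip), zone_of(dst_ip), port) in ALLOW else "deny"

if __name__ == "__main__":
    print(validate_plan())
    print(decide("203.0.113.10", "10.20.2.5", 5432))
```

The internal rule is what stops an internet client from reaching the back end directly: only the front end subnet may open the database port.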

Cloud Platforms

There are some differences between the cloud providers, but cloud based virtual networks are basically quite similar and perform much the same function. In Azure you get Virtual Networks, which are the base of your cloud based network infrastructure, and in Google Cloud Platform you get Virtual Private Cloud Networks (VPCs). Both offer a few different features, so it's always important to read the relevant documentation and use a trial account to test for your specific requirements.

To sum up, though, you need to brush up on your general network skills (get out the Network+ manual) before planning your cloud based networks, and I highly recommend some courses in the cloud platform you are looking into going with. There are literally loads of in depth free video courses available on any platform to learn the necessary skills.

Training

Please see below Coursera GCP and Pluralsight Azure on demand courses:

https://www.coursera.org/specializations/gcp-architecture

https://www.pluralsight.com/courses/planning-designing-microsoft-azure-network-solutions?twoid=e7d045ab-0691-4def-896a-8db6cb74790b&aid=7010a000001xDURAA2



Implementing Cloud Infrastructure



One of the most important concepts to think about when implementing cloud solutions is your core infrastructure. This will be your base when building infrastructure in the cloud. It comprises virtual networks, cloud storage and compute at the base layer, which you then build upon in IaaS (Infrastructure as a Service).

To break it down, this is very comparable to on premises infrastructure, where you look at physical storage, physical servers, virtualisation, virtual networks and virtual machines. The cloud reduces the need to have the physical infrastructure in place. You are able to utilise this on a pay per use model in any of the public cloud providers, for example Google Cloud Platform or Microsoft Azure. You are charged for what you use which is great!

Virtual Networks

After activating your cloud subscription you can begin setting up your virtual network. This has different names depending on which provider you are using, i.e. in Microsoft Azure it's called Virtual Networks and in Google Cloud Platform it's called Virtual Private Cloud Networks (VPCs). Basically these are similar ways to perform network segmentation in the cloud based on virtualised networks. Subnets are used to segment these virtual networks or VPCs. You are also able to integrate load balancers and firewalls.


Within these virtual networks you can isolate specific services, i.e. virtual machines, implement load balancers and connect networks from different regions together. You are also able to implement security with firewalls across these virtual networks, both internally and externally. Another feature of virtual networks is the ability to connect them with your existing on premises networks. There are various methods available to achieve this, such as a direct Interconnect (GCP) or ExpressRoute (Azure) link from your site to the applicable cloud provider. Another way to do this is by using secure encrypted VPN tunnels.



Cloud Storage

Cloud Storage is absolutely critical as this is where all of your resources will be stored in the cloud. I have previously written about cloud storage if you would like to read further:

In the context of this article we are mainly referring to storage for infrastructure, like virtual machine files, virtual machine disks and general file storage. These will be the locations where your compute workloads will be stored when created. There are various types of storage, but for virtual machines you will look at options like HDD or SSD depending on workload. Google GCP has persistent disks and Azure has managed disks for VMs. http://www.ruckcloud.ml/2018/04/lets-talk-about-managed-disks.html


Compute

The compute layer is all about the computing resources that you will be utilising. This is based on virtual machines in one form or another. You can spin up traditional VMs one at a time with a large selection of different operating systems, from Windows to Linux. These are called IaaS (Infrastructure as a Service) VMs. You can also leverage batch operations by automating the creation of a large number of VMs, to complete a large processing job for example. These VMs can automatically scale up and down based on load and you are only charged when they are in use. With IaaS you have direct control and management of your VMs.

You are also able to make use of virtual machines in PaaS (Platform as a Service), where you can immediately spin up apps for computing needs without the need to manage IaaS VMs. This is very handy for developers that are not too concerned with managing VMs.

In this article I have touched on the core base infrastructure required with cloud computing. These areas all go into much more depth, but sometimes it's nice to get a simple overview of what they are and how they work. This is really essential to understand when first looking into the cloud to either build new services or migrate your existing infrastructure.

Further information on cloud infrastructure is available at: