GCPNET - Networking in Google Cloud Platform

I. Overview:

This 2-day instructor-led course gives participants a broad study of networking options on Google Cloud Platform. Through presentations, demonstrations, and hands-on labs, participants explore and deploy GCP networking technologies, such as Google Virtual Private Cloud (VPC) networks, subnets, firewalls; interconnection among networks; load balancing; Cloud DNS; Cloud CDN; Cloud NAT. The course will also cover common network design patterns and automated deployment using Deployment Manager or Terraform.

II. Duration: 2 days

III. Objectives

  • Configure Google VPC networks, subnets, and routers. Control administrative access to VPC objects.
  • Control network access to endpoints in VPCs.
  • Interconnect networks among GCP projects.
  • Interconnect networks among GCP VPC networks and on-premises or other-cloud networks.
  • Choose among GCP load balancer and proxy options and configure them.
  • Use Cloud CDN to reduce latency and save money.
  • Optimize network spend using Network Tiers.
  • Configure Cloud NAT or Private Google Access to provide instances without public IP addresses access to other services.
  • Deploy networks declaratively using Cloud Deployment Manager or Terraform.
  • Design networks to meet common customer requirements.
  • Configure monitoring and logging to troubleshoot networks problems.

IV. Intended Audience

  • Network engineers and Admins who are either using Google Cloud Platform or are planning to do so
  • Individuals who want to be exposed to software-defined networking solutions in the cloud

V. Prerequisites

  • Completed Google Cloud Platform Fundamentals: Core Infrastructure or have equivalent experience.
  • Prior understanding of the 7 layer OSI model.
  • Prior understanding of IPv4 addressing.
  • Prior experience with managing IPv4 routes.

VI.  Outline

Module 1: Google Cloud VPC Networking Fundamentals

  • Recall that networks belong to projects.
  • Explain the differences among default, auto, and custom networks.
  • Create networks and subnets.
  • Explain how IPv4 addresses are assigned to Compute Engine instances. Publish domain names using Google Cloud DNS.
  • Create Compute Engine instances with IP aliases.
  • Create Compute Engine instances with multiple virtual network interfaces.

Module 2: Controlling Access to VPC Networks

  • Outline how IAM policies affect VPC networks.
  • Control access to network resources using service accounts.
  • Control access to Compute Engine instances with tag-based firewall rules.

Module 3: Sharing Networks across Projects

  • Outline the overall workflow for configuring shared VPC.
  • Differentiate between the IAM roles that allow network resources to be managed.
  • Configure peering between unrelated VPC networks.
  • Recall when to use Shared VPC and when to use VPC Network Peering.

Module 4: Load Balancing

  • Recall the various load balancing services.
  • Configure Layer 7 HTTP(S) load balancing. Whitelist and blacklist IP traffic with Cloud Armor. Cache content with Cloud CDN.
  • Explain Layer 4 TCP or SSL proxy load balancing.
  • Explain regional network load balancing.
  • Configure internal load balancing.
  • Recall the choices for enabling IPv6 Internet connectivity for GCP load balancers.
  • Determine which GCP load balancer to use when.

Module 5: Hybrid Connectivity

  • Recall the GCP interconnect and peering services available to connect your infrastructure to GCP.
  • Explain Dedicated Interconnect and Partner Interconnect.
  • Describe the workflow for configuring a Dedicated Interconnect.
  • Build a connection over a VPN with Cloud Router.
  • Determine which GCP interconnect service to use when.
  • Explain Direct Peering and Partner Peering.
  • Determine which GCP peering service to use when.

Module 6: Networking Pricing and Billing

  • Recognize how networking features are charged for.
  • Use Network Service Tiers to optimize spend.
  • Determine which Network Service Tier to use when.
  • Recall that labels can be used to understand networking spend.

Module 7: Network Design and Deployment

  • Explain common network design patterns.
  • Configure Private Google Access to allow access to certain Google Cloud services from VM instances with only internal IP addresses.
  • Configure Cloud NAT to provide your instances without public IP addresses access to the internet.
  • Automate the deployment of networks using Deployment Manager or Terraform.
  • Launch networking solutions using Cloud Marketplace.

Module 8: Network Monitoring and Troubleshooting

  • Configure uptime checks, alerting policies and charts for your network services.

Use VPC Flow Logs to log and analyze network traffic behavior.

  • Học trực tuyến

  • Học tại Hồ Chí Minh

  • Học tại Hà Nội

Các khóa học khác