Cloud Computing – II

05201345
 Mod-1
• Networking in the Cloud Introduction to
Networking in the Cloud, Defining a Virtual
Private Cloud, Public and Private IP Address
Basics, Routes and Firewall Rules in the Cloud,
Multiple VPC Networks, Building Hybrid
Clouds, Different Options of Load Balancing.
 Cloud Networking
• Cloud Networking is a service or science in which a
company’s networking procedure is hosted on a public
or private cloud.
• Cloud Computing is source management in which more
than one computing resources share an identical
platform and customers are additionally enabled to get
entry to these resources to a specific extent.
• Cloud networking in a similar fashion shares networking
however it gives greater superior features and network
features in the cloud with interconnected servers set up
under cyberspace.
 What Is Cloud Networking?
• Cloud Networking refers to the infrastructure
and processes in the cloud computing
environment that are involved in connecting
and managing the network resources.
• It includes the design, deployment, and
optimization of networks facilitating
communication and data transfer between
various services hosted on cloud platforms.
 Cont.,

• It involves implementing virtualized

networking technologies, such as
virtual private clouds (VPCs), software-defined
networking (SDN), and load balancing, to
ensure reliable connectivity, efficient resource
utilization
Cloud Networking
 Cloud Networking Basics
• Virtualization: Usage of virtualized networking technologies for creating
virtual networks, subnets, and network interfaces, enablies flexible resource
allocation and isolation.
• Software-Defined Networking (SDN): It implements SDN principles for
central managing of networks and automate the network configurations
improving agility and scalability.
• Virtual Private Clouds (VPCs): VPCs facilitates in creating isolated network
environments within the cloud, allowing organizations to define their own IP
address ranges, subnets and route tables for enhancing security and control.
• Monitoring and Optimization:On usage of network monitoring tools and
performance optimization techniques it helps in monitor network traffic,
identify bottlenecks, and optimize resource utilization for improved
efficiency and cost-effectiveness.
• Load Balancing: Load Balancing helps in distributing incoming network
traffic across multiple servers or instances to ensure optimal performance,
scalability, and fault tolerance.
Virtual Private Cloud
 VPC
• A virtual private cloud (VPC) is a secure,
isolated private cloud hosted within a
public cloud. VPC customers can run code,
store data, host websites, and do anything
else they could do in an ordinary private
cloud, but the private cloud is hosted remotely
by a public cloud provider.
What is a public cloud?
What is a private cloud?
 Public cloud
• A public cloud is shared cloud infrastructure.
Multiple customers of the cloud vendor access
that same infrastructure, although their data
is not shared – just like every person in a
restaurant orders from the same kitchen, but
they get different dishes. Public cloud service
providers include AWS, Google Cloud
Platform, and Microsoft Azure, among others.
 Private cloud
• A private cloud, however, is single-tenant. A
private cloud is a cloud service that is
exclusively offered to one organization. A
virtual private cloud (VPC) is a private cloud
within a public cloud; no one else shares the
VPC with the VPC customer.
Public and Private IP Address Basic
 Routes and Firewall Rules in the Cloud

• Virtual Private Cloud (VPC) firewall rules apply to a

given project and network. If you want to apply
firewall rules to multiple VPC networks in an
organization, see Firewall policies. The rest of this
page covers VPC firewall rules only.
• VPC firewall rules let you allow or deny connections
to or from virtual machine (VM) instances in your
VPC network. Enabled VPC firewall rules are always
enforced, protecting your instances regardless of
their configuration and operating system, even if
they have not started up.
 Firewall rules in Google Cloud

• Google Cloud blocks or limits certain traffic. For more

information, see Blocked and limited traffic.
• Google Cloud always allows communication between a
VM instance and its corresponding metadata server
at 169.254.169.254. For more information, see
always allowed traffic.
• Every network has two implied firewall rules that
permit outgoing connections and block incoming
connections. Firewall rules that you create can override
these implied rules.
• The default network is pre-populated with firewall rules
that you can delete or modify.
 Fire wall Specifications
VPC firewall rules have the following characteristics:

• Each firewall rule applies to incoming (ingress) or outgoing (egress)

connections, not both. For more information, see
direction of connection.
• Firewall rules support IPv4 connections. IPv6 connections are also
supported in VPC networks that have IPv6 enabled. When specifying a
source or destination for an ingress or egress rule by address, you can
specify IPv4 or IPv6 addresses or blocks in CIDR notation.
• Each firewall rule can contain either IPv4 or IPv6 ranges, but not both.
• Each firewall rule's action is either allow or deny. The rule applies to
connections as long as it is enforced. For example, you can disable a
rule for troubleshooting purposes.
• When you create a firewall rule, you must select a VPC network.
While the rule is enforced at the instance level, its configuration is
associated with a VPC network. This means that you cannot share
firewall rules among VPC networks, including networks connected by
VPC Network Peering or by using Cloud VPN tunnels.
 Multiple VPC Networks

• Virtual Private Cloud (VPC) networks allow you to

maintain isolated environments within a larger
cloud structure, giving you granular control over
data protection, network access, and application
security.
• create several VPC networks and VM instances,
then test connectivity across networks.
Specifically, you create two custom mode
networks (managementnet and privatenet) with
firewall rules and VM instances as shown in this
network diagram:
Multiple VPC Networks | Google Cloud Skills B
oost
 Building Hybrid Clouds

• A hybrid cloud is a mixed computing

environment where applications are run using
a combination of computing, storage, and
services in different environments—public
clouds and private clouds, including on-
premises data centers or “edge” locations.
Hybrid cloud computing approaches are
widespread because almost no one today
relies entirely on a single public cloud.
 Hybrid cloud examples

• The most common hybrid cloud example is to

use public cloud with private cloud services
and on-premises infrastructure.
• A hybrid cloud could combine a public cloud
and a private cloud running on-premises or on
the edge. It could also combine a public cloud
with another public cloud (a.k.a., multicloud).
 How does a hybrid cloud work?

• Hybrid clouds work by combining the resources and

services from two or more separate computing
environments. Hybrid cloud architectures require
integration, orchestration, and coordination so you
can share, shift, and synchronize information
quickly.
• Strong hybrid cloud networking is critical for a
hybrid cloud deployment to function correctly.
Interconnectivity between environments is typically
established using a local area network (LAN), wide
area network (WAN), virtual private network (VPN),
and application programming interfaces (APIs).
What is a hybrid cloud approach used for?
• Modernize at your own pace. With a hybrid cloud you can migrate
applications to the cloud at the pace that makes sense for your business
and transform your technical infrastructure over time.
• Maintain regulatory compliance. Many industries have rules
surrounding where your app can operate. Hybrid can help you use
private and public clouds while adhering to any regulatory requirements.
• Running apps on-premises. You may have regulated applications that
need to remain on-premises or mainframe systems that are difficult to
move to the cloud.
• Running apps at remote edge locations. If you are operating in
industries that demand edge hybrid computing for low latency, such as
kiosks in retail or networks in telecom, a hybrid approach lets you run
select apps at the edge.
 Build A hybrid Cloud
• Assessment and Planning
• Integration and Connectivity
• Data Management
• Security and Compliance
• Monitoring and Management
• Application Modernization
• Training and Support
• Testing and Validation
• Scalability and Flexibility:
 Assessment and Planning

Evaluate Needs: Determine which workloads or

data are suitable for the cloud and which must
remain on-premises due to regulatory,
performance, or other constraints.
Cloud Provider Selection: Choose cloud
providers that meet your requirements,
considering factors like security, compliance,
pricing, and services offered.
 Integration and Connectivity

• Networking: Establish secure and reliable

connectivity between on-premises infrastructure
and the cloud. This often involves VPNs, direct
connections (e.g., AWS Direct Connect, Azure
ExpressRoute), or SD-WAN solutions.
• Identity and Access Management (IAM):
Implement unified IAM across both
environments to ensure consistent access
controls and security policies.
 Data Management

• Data Synchronization: Set up mechanisms to

synchronize data between on-premises
systems and the cloud, ensuring data
consistency and integrity.
• Backup and Recovery: Implement backup and
disaster recovery strategies that encompass
both on-premises and cloud-based resources.
 Security and Compliance

• Security Controls: Implement a unified

security framework that covers both on-
premises and cloud environments, including
encryption, firewalls, and monitoring.
• Compliance: Ensure compliance with relevant
regulations and standards, considering data
residency requirements and privacy laws.
 Monitoring and Management
• Unified Management Tools: Utilize tools that
provide a single pane of glass for managing
both on-premises and cloud resources.
• Monitoring and Optimization: Continuously
monitor performance and costs, optimizing
resource usage across hybrid environments.
 Application Modernization

• Cloud-native Development: Adapt

applications for cloud deployment where
feasible, leveraging cloud-native services for
scalability and agility.
• Containerization: Containerize applications
using technologies like Docker and Kubernetes
for consistent deployment across
environments.
 Training and Support

• Staff Training: Ensure IT teams are trained in

hybrid cloud technologies and best practices.
• Vendor Support: Establish support
agreements with cloud providers and other
vendors to address technical issues promptly.
 Testing and Validation

• Pilot Projects: Conduct pilot projects to

validate the hybrid cloud architecture before
full deployment.
• Performance Testing: Test the performance
and resilience of applications and data under
various scenarios.
 Scalability and Flexibility:

• Elasticity: Leverage the scalability of cloud

resources to handle fluctuating workloads
seamlessly.
• Hybrid Cloud Strategy: Develop a roadmap for
scaling the hybrid cloud environment based on
business growth and evolving technology trends.