VIRTUAL MACHINES AND NETWORKS IN CLOUD #GCPday6

Now we will explore how Google Compute Engine works with a focus on virtual networking.

VPC and Networking

\>>>Many users start with Google Cloud by defining their own virtual private cloud inside their first Google Cloud project or by starting with the default virtual private cloud. But they often don't know what it actually is, so let's take a look.

What is a virtual private cloud (VPC)?

Virtual private cloud: A virtual private cloud, or VPC, is a secure, individual, private cloud-computing model hosted within a public cloud, like Google Cloud. On a VPC, customers can run code, store data, host websites, and do anything else they could do in an ordinary private cloud, but this private cloud is hosted remotely by a public cloud provider.

\>>> VPCs combine the scalability and convenience of public cloud computing with the data isolation of private cloud computing.

\>>>VPC networks connect Google Cloud resources to each other and to the internet. This includes segmenting networks, using firewall rules to restrict access to instances, and creating static routes to forward traffic to specific destinations.

\>>>Google VPC networks are global. They can also have subnets, which are segmented pieces of the larger network, in any Google Cloud region worldwide.

\>>>Subnets can span the zones that make up a region. This architecture makes it easy to define network layouts with global scope. Resources can even be in different zones on the same subnet.

\>>>The size of a subnet can be increased by expanding the range of IP addresses allocated to it, and doing so won’t affect virtual machines that are already configured.

For example, let’s take a VPC with one network that currently has one subnet defined in Google Cloud’s us-east1 region. If the VPC has two Compute Engine VMs attached to it, it means they’re neighbors on the same subnet even though they’re in different zones.
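The subnet expansion described above can be checked before it is applied. This is an added example, not part of the original post: it verifies that a proposed range contains the current one, does not collide with another subnet in the same VPC network, and leaves the two VMs' addresses untouched. The subnet names, CIDR ranges and VM addresses are constructed for illustration.

```python
import ipaddress

# Constructed layout: one subnet in us-east1 with VMs in two zones,
# plus a second subnet elsewhere in the same VPC network.
SUBNETS = {"east": "10.0.0.0/24", "europe": "10.0.8.0/24"}
VMS = {"vm-a (us-east1-b)": "10.0.0.2", "vm-b (us-east1-c)": "10.0.0.3"}

def check_expansion(subnet, proposed, subnets=SUBNETS, vms=VMS):
    """Return (ok, reason) for growing `subnet` to the CIDR `proposed`."""
    current = ipaddress.ip_network(subnets[subnet])
    new = ipaddress.ip_network(proposed)
    # A subnet can only grow: the new range must strictly contain the old one.
    if new.prefixlen >= current.prefixlen or not current.subnet_of(new):
        return False, "new range must be larger and contain the current range"
    # The grown range must not collide with any other subnet of the network.
    for name, cidr in subnets.items():
        if name != subnet and new.overlaps(ipaddress.ip_network(cidr)):
            return False, f"overlaps subnet {name} ({cidr})"
    # Existing VM addresses stay valid because the old range is inside the new.
    stranded = [vm for vm, ip in vms.items()
                if ipaddress.ip_address(ip) not in new]
    if stranded:
        return False, f"addresses left outside the range: {stranded}"
    return True, f"{new.num_addresses} addresses, existing VMs unchanged"

if __name__ == "__main__":
    for cidr in ("10.0.0.0/21", "10.0.0.0/20", "10.0.0.0/25"):
        print(cidr, check_expansion("east", cidr))
```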

COMPUTE ENGINE

Compute Engine is an infrastructure as a service, or IaaS, solution of Google Cloud.

\>>> With Compute Engine, users can create and run virtual machines on Google infrastructure. There are no upfront investments, and thousands of virtual CPUs can run on a system that’s designed to be fast and to offer consistent performance.

\>>> Each virtual machine contains the power and functionality of a full-fledged operating system.

\>>>This means a virtual machine can be configured much like a physical server: by specifying the amount of CPU power and memory needed, the amount and type of storage needed, and the operating system.

\>>> A virtual machine instance can be created via the Google Cloud console, which is a web-based tool to manage Google Cloud projects and resources, the Google Cloud CLI, or the Compute Engine API.

\>>>The instance can run Linux and Windows Server images provided by Google or any customized versions of these images. You can also build and run images of other operating systems and flexibly reconfigure virtual machines.

\>>>A quick way to get started with Google Cloud is through the Cloud Marketplace, which offers solutions from both Google and third-party vendors. With these solutions, there’s no need to manually configure the software, virtual machine instances, storage, or network settings, although many of them can be modified before launch if that’s required.

\>>> Most software packages in Cloud Marketplace are available at no additional charge beyond the normal usage fees for Google Cloud resources. Some Cloud Marketplace images charge usage fees, particularly those published by third parties, with commercially licensed software, but they all show estimates of their monthly charges before they’re launched.

SPOT VM:

\>>>A Preemptible or Spot VM is different from an ordinary Compute Engine VM in only one respect: Compute Engine has permission to terminate a job if its resources are needed elsewhere. Although savings are possible with preemptible or spot VMs, you'll need to ensure that your job can be stopped and restarted.

\>>>Spot VMs differ from Preemptible VMs by offering more features. For example, preemptible VMs can only run for up to 24 hours at a time, but Spot VMs do not have a maximum runtime. However, the pricing is currently the same for both.

\>>>In terms of storage, Compute Engine doesn’t require a particular option or machine type to get high throughput between processing and persistent disks. That’s the default, and it comes to you at no extra cost. And finally, you’ll only pay for what you need with custom machine types.

\>>>Compute Engine lets you choose the machine properties of your instances, like the number of virtual CPUs and the amount of memory, by using a set of predefined machine types or by creating your own custom machine types.

Scaling Virtual Machines

As we know, with Compute Engine you can choose the most appropriate machine properties for your instances, like the number of virtual CPUs and the amount of memory, by using a set of predefined machine types, or by creating custom machine types.

\>>>To match capacity to load, Compute Engine has a feature called Autoscaling, where VMs can be added to or subtracted from an application based on load metrics.

\>>>The other part of making that work is balancing the incoming traffic among the VMs. Google’s Virtual Private Cloud (VPC) supports several different kinds of load balancing.

\>>>With Compute Engine, you can in fact configure very large VMs, which are great for workloads such as in-memory databases and CPU-intensive analytics, but most Google Cloud customers start off with scaling out, not up.

\>>>The maximum number of CPUs per VM is tied to its “machine family” and is also constrained by the quota available to the user, which is zone-dependent.

Important VPC compatibilities

Some of the most important Virtual Private Cloud compatibility features are discussed below.

\>>>Much like physical networks, VPCs have routing tables. VPC routing tables are built-in so you don’t have to provision or manage a router. They’re used to forward traffic from one instance to another within the same network, across subnetworks, or even between Google Cloud zones, without requiring an external IP address.

\>>>Another thing you don’t have to provision or manage for Google Cloud is a firewall. VPCs provide a global distributed firewall, which can be controlled to restrict access to instances through both incoming and outgoing traffic. Firewall rules can be defined through network tags on Compute Engine instances, which is really convenient.

\>>>For example, you can tag all your web servers with, say, “WEB,” and write a firewall rule saying that traffic on ports 80 or 443 is allowed into all VMs with the “WEB” tag, no matter what their IP address happens to be.

\>>>We know that VPCs belong to Google Cloud projects, but what if we have multiple Google Cloud projects in our organization and the VPCs need to talk to each other? This can be achieved through VPC peering and IAM.

\>>>With VPC Peering, a relationship between two VPCs can be established to exchange traffic. Alternatively, to use the full power of Identity and Access Management (IAM) to control who and what in one project can interact with a VPC in another, you can configure a Shared VPC.
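The tag-based firewall rule described above (ports 80 and 443 allowed into VMs tagged “WEB”) can also be checked from the defender's side. The following is an added example, not part of the original post: it audits rules in the JSON shape printed by `gcloud compute firewall-rules list --format=json` and flags internet-facing ingress rules that have no target tag or that open ports other than 80/443. The sample rules, the `PUBLIC_PORTS` policy and the function names are assumptions, and the tag is written `web` because Compute Engine network tags are lowercase.

```python
# Constructed sample in the shape of
# `gcloud compute firewall-rules list --format=json` (not real project data).
SAMPLE_RULES = [
    {"name": "allow-web", "direction": "INGRESS", "priority": 1000,
     "sourceRanges": ["0.0.0.0/0"], "targetTags": ["web"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["80", "443"]}]},
    {"name": "allow-ssh-anywhere", "direction": "INGRESS", "priority": 1000,
     "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
    {"name": "allow-db-from-web", "direction": "INGRESS", "priority": 1000,
     "sourceTags": ["web"], "targetTags": ["db"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["5432"]}]},
    {"name": "allow-any-tcp-to-web", "direction": "INGRESS", "priority": 900,
     "sourceRanges": ["0.0.0.0/0"], "targetTags": ["web"],
     "allowed": [{"IPProtocol": "tcp"}]},
]

PUBLIC_PORTS = {80, 443}  # assumption: only web ports may face the internet

def expand_ports(specs):
    """Turn ["80", "8000-8002"] into a set of ints; None means every port."""
    if not specs:
        return None
    ports = set()
    for spec in specs:
        lo, _, hi = spec.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def audit(rules):
    """Return {rule name: [findings]} for ingress allow rules open to 0.0.0.0/0."""
    findings = {}
    for rule in rules:
        if rule.get("direction") != "INGRESS" or rule.get("disabled"):
            continue
        if not rule.get("allowed") or "0.0.0.0/0" not in rule.get("sourceRanges", []):
            continue
        issues = []
        if not rule.get("targetTags") and not rule.get("targetServiceAccounts"):
            issues.append("no target tag: applies to every VM in the network")
        for allow in rule["allowed"]:
            ports = expand_ports(allow.get("ports"))
            proto = allow["IPProtocol"]
            if ports is None:
                issues.append(f"{proto}: all ports open")
            elif ports - PUBLIC_PORTS:
                issues.append(f"{proto}: non-web ports {sorted(ports - PUBLIC_PORTS)}")
        if issues:
            findings[rule["name"]] = issues
    return findings
```

To run it against a real project, load the command's JSON output with `json.load` and pass the resulting list to `audit`.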