Course overview
This two-day instructor-led class gives participants broad study of networking options on Google Cloud. Through a combination of presentations, demonstrations, and hands-on labs, participants explore and deploy Google Cloud networking technologies, such as Google Virtual Private Cloud (VPC) networks, subnets, firewalls; interconnection among networks; load balancing; Cloud DNS; Cloud CDN; Cloud NAT. The course will also cover common network design patterns and automated deployment using Deployment Manager or Terraform.
Learning outcomes
This course teaches participants the following skills:
- Configurer des réseaux, sous-réseaux et routeurs Google VPC
- Déployer des réseaux de façon déclarative à l’aide de Cloud Deployment Manager ou Terraform
- Créer des réseaux afin de répondre aux exigences communes des clients
- Configurer la surveillance et la journalisation afin de résoudre les problèmes réseau
- Contrôler l’accès administrateur aux objets VPC
- Contrôler l’accès réseau aux points de terminaison dans les VPC
- Interconnecter des réseaux entre des projets GCP
- Interconnecter des réseaux entre les réseaux VPC GCP et les réseaux sur site ou dans d’autres clouds
- Choisir et configurer les options d’équilibrage de charge et de proxy GCP
- Réduire la latence et réaliser des économies à l’aide de Cloud CDN
- Optimiser les dépenses associées au réseau à l’aide des niveaux de réseau
- Configurer Cloud NAT ou l’accès privé à Google pour autoriser des instances sans adresses IP publiques à accéder à d’autres services
Prerequisites
To get the most out of this course, participants should have:
- Avoir suivi le cours Architecting with Google Compute Engine ou un cours équivalent à la demande
- Connaissance et expérience pratique de GCP et du cloud computing
Target audience
This course is intended for the following participants:
This class is intended for network engineers and network admins that are either using Google Cloud or are planning to do so. The class is also for individuals that want to be exposed to software-defined networking solutions in the cloud.
Course Outline
The course includes presentations, demonstrations, and hands-on labs.
Module 1: Google Cloud VPC Networking Fundamentals
Recall that networks belong to projects. Explain the differences among default, auto, and custom networks. Create networks and subnets. Explain how IPv4 addresses are assigned to Compute Engine instances. Publish domain names using Google Cloud DNS. Create Compute Engine instances with IP aliases. Create Compute Engine instances with multiple virtual network.
Module 2: Controlling Access to VPC Networks
Outline how IAM policies affect VPC networks. Control access to network resources using service accounts. Control access to Compute Engine instances with tag-based firewall rules.
Module 3: Sharing Networks across Projects
Outline the overall workflow for configuring Shared VPC. Differentiate between the IAM roles that allow network resources to be managed. Configure peering between unrelated VPC Networks. Recall when to use Shared VPC and when to use VPC Network Peering.
Module 4: Load Balancing
Recall the various load balancing services. Configure Layer 7 HTTP(S) load balancing. Whitelist and blacklist IP traffic with Cloud Armor. Cache content with Cloud CDN. Explain Layer 4 TCP or SSL proxy load balancing. Explain regional network load balancing. Configure internal load balancing. Recall the choices for enabling IPv6 Internet connectivity for Google Cloud load balancers. Determine which Google Cloud load balancer to use when.
Module 5: Hybrid Connectivity
Recall the Google Cloud interconnect and peering services available to connect your infrastructure to Google Cloud. Explain Dedicated Interconnect and Partner Interconnect. Describe the workflow for configuring a Dedicated Interconnect. Build a connection over a VPN with Cloud Router. Determine which Google Cloud interconnect service to use when. Explain Direct Peering and Partner Peering. Determine which Google Cloud peering service to use when.
Module 6: Networking Pricing and Billing
Recognize how networking features are charged for. Use Network Service Tiers to optimize spend. Determine which Network Service Tier to use when. Recall that labels can be used to understand networking spend.
Module 7: Network Design and Deployment
Explain common network design patterns. Configure Private Google Access to allow access to certain Google Cloud services from VM instances with only internal IP addresses. Configure Cloud NAT to provide your instances without public IP addresses access to the internet. Automate the deployment of networks using Deployment Manager or Terraform. Launch networking solutions using Cloud Marketplace.
Module 8: Network Monitoring and Troubleshooting
Configure uptime checks, alerting policies and charts for your network services. Use VPC Flow Logs to log and analyze network traffic behavior.