Essential Cloud Infrastructure: Foundation

In this module we introduce the Architecting with Google Compute Engine specialization.

This specialization is defined for cloud solution architects, DevOps engineers, and anyone who's interested in using GCP, to create new solutions or to integrate existing systems, application environments, and infrastructure with a focus on Compute Engine.

Content

Module 1: Introduction to GCP

In this module, we will provide you with an introduction to GCP by building on what you learned about the GCP infrastructure from the course introduction.

GCP infrastructure

GCP_services_continuum.png

Analogy of infrastructure and applications:

Analogy_infrastruture.png

4 parts covering the Cloud infrastructure:

  1. Foundation of essential infrastructure: the basic technologies.
  2. The Core Services: the building blocks of the essential infrastructure.
  3. The Augmented infrastructure: the systems built on top of the essential infrastructure, for scaling and automation.
  4. The application infrastructure: consisting of containers and services specifically provided to make application development easy.

GCP_cloud_infrastructure_domains.png

Using GCP

Ways to interact with GCP

  1. The GCloud console (http://console.cloud.google.com)
  2. The Google Cloud SDK to use gcloud in a terminal window
  3. CloudShell: a browser-based terminal environment for GCP, accessible from the GCP console.

3_ways_to_interact_with_GCP.png

Working with other client libraries:

GCP_client_libraries.png

Lab 1: Console and Cloud Shell

Projects

video

Lab 2: Infrastructure Preview (Jenkins with Cloud Deployment Manager in no time)

video

Module 2: Virtual Networks

In this module, we start by introducing Virtual Private Cloud (VPC) which is Google’s managed networking functionality for your Cloud Platform resources. Then we dissect networking into its fundamental components, which are:

Projects, networks, and subnetworks

video

Example_5_networks_and_interconnections.png

Example_5_networks_and_interconnections_regions_and_zones.png

Example_5_subnetworks_managing_resources.png

IP addresses

video

IP_addresses.png

External_IP_addresses_always_mapped_to_internal_IP_Addresses.png

In case of restart, the internal IP address may change, but the DNS system points to instances which keep the external IP address unchanged.

Routes and Firewall Rules

video

A route is a mapping of an IP range to a destination.

Network Billing

video

Lab 1: Virtual Networking

Compare and explore a complex GCP network structure.

  • you build a complex network topology

lab_network_diagram.png

  • you will launch VMs in various network/sub-networks

lab_network_launch_VMs_in_various_networks.png

  • you will ping VMs across the networks

lab_network_ping_various_part_of_network.png

lab. details

Common network designs

video

How these elements work together:

  • projects
  • networks
  • subnetworks
  • regions
  • zones

In short, they provide a rich set of alternatives for managing groups of resources with varying availability and access control requirements.

So you can work globally or work at a very granular level if you want/need to.

Need of increased Availability

networking_availability.png

Globalization: Need of increased isolation against software/hardware failures

networking_globalization.png

Resources in different regions/networks/projects & VPC Network Peering

  • Region/Network/Project isolated services >>> prevents the compromise of one part from spreading to other parts.
  • VPC Network Peering >>> allows these services to still communicate over a private address space.

networking_globalization_different_subnets.png

Management Separation (different projects, within same zone)

VMs isolated into separate projects, but within the same zone, useful for Identity and Access Management.

You can assign different people to different roles (for management separation) for each project, limiting the access to the network they need access to.

networking_project_management.png

This allows granular access management per sub-project for better access control.

But remember that a network can NOT span projects... so the projects NEED to communicate via the internet!

Bastion host isolation

networking_bastion_host_isolation.png

NAT Gateway host isolation

Lets one network/project/"VM instance" go without internet access. This therefore allows Instance 1 to communicate with another instance on a separate network via the gateway.

The two networks do not have to be in the same project for this design to work.

networking_NAT_gateway_host_isolation.png

Lab 2: Bastion Host

Removing the connection to the internet of a webserver meant to deliver services only to a corporate audience.

lab_network_bastion_host.png

lab notes

There are other security alternatives for providing routine administration access to the web server, such as Cloud VPN, which is covered in a later course of this specialization.
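
A check for the bastion design from this lab, as an added example that is not part of the course material: it audits exported firewall rules and instance listings so that only the bastion accepts SSH from the internet and no other VM keeps an external IP. The sample data, the `bastion` tag and all names are constructed; the field names follow the Compute Engine JSON output.

```python
import ipaddress
# Constructed sample data shaped like `gcloud compute firewall-rules list --format=json`
# and `gcloud compute instances list --format=json`; names, tags and IPs are hypothetical.
FIREWALL_RULES = [
    {"name": "allow-ssh-bastion", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "targetTags": ["bastion"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
    {"name": "allow-ssh-internal", "direction": "INGRESS", "sourceRanges": ["10.128.0.0/20"],
     "targetTags": ["webserver"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
    {"name": "allow-mgmt-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["20-25"]}]},
]
INSTANCES = [
    {"name": "bastion", "tags": {"items": ["bastion"]}, "networkInterfaces": [
        {"networkIP": "10.128.0.2", "accessConfigs": [{"natIP": "203.0.113.10"}]}]},
    {"name": "webserver", "tags": {"items": ["webserver"]}, "networkInterfaces": [
        {"networkIP": "10.128.0.3", "accessConfigs": [{"natIP": "203.0.113.11"}]}]},
]
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def allows_ssh(rule):
    """True if an allowed entry covers TCP 22 (single port, range, or all ports)."""
    for entry in rule.get("allowed", []):
        if entry["IPProtocol"] not in ("tcp", "all"):
            continue
        ports = entry.get("ports")
        if not ports:  # no port list means every port of that protocol
            return True
        for lo, _, hi in (p.partition("-") for p in ports):
            if int(lo) <= 22 <= int(hi or lo):
                return True
    return False

def from_internet(rule):
    """True if any source range lies outside RFC 1918 private space."""
    return any(not any(ipaddress.ip_network(r).subnet_of(p) for p in RFC1918)
               for r in rule.get("sourceRanges", []))

def audit(rules, instances, bastion_tag="bastion"):
    """Flag internet SSH to non-bastion targets and non-bastion VMs with external IPs."""
    findings = []
    for r in rules:
        live = r.get("direction", "INGRESS") == "INGRESS" and not r.get("disabled")
        if live and allows_ssh(r) and from_internet(r) and r.get("targetTags") != [bastion_tag]:
            findings.append(f"rule {r['name']}: SSH from the internet reaches non-bastion targets")
    for vm in instances:
        nics = vm.get("networkInterfaces", [])
        exposed = any(ac.get("natIP") for nic in nics for ac in nic.get("accessConfigs", []))
        if exposed and bastion_tag not in vm.get("tags", {}).get("items", []):
            findings.append(f"instance {vm['name']}: has an external IP")
    return findings
```

A rule with no `targetTags` applies to every instance in the network, which is why the port-range rule is flagged even though it never names the web server.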

Module 3: Virtual Machines

intro video

In this module, we cover virtual machine instances, or VMs.

First we'll start with:

  • the basics of Compute Engine, followed by a quick little lab to get you more familiar with creating virtual machines.
  • Then, we’ll look at the different CPU and memory options that enable you to create different configurations.
  • Next, we will look at images and the different disk options available with Compute Engine.
  • After that, we will discuss very common Compute Engine actions that you might encounter in your day-to-day job.

This will be followed by an in-depth lab that explores many of the features and services covered in this module.

What's Compute Engine?

video

Compute_engine_in_GCP_Compute_spectrum.png

Compute_engine_what_it_is.png

Compute_engine_features.png

Compute options

Compute_engine_Compute_options.png

Disk (Storage) options

Compute_engine_Disk_options.png

Networking options

Compute_engine_Networking_options.png

Demo Compute Engine options

Pricing and discounts

video

Compute_engine_pricing.png

Compute_engine_pricing_VM_discounts.png

Example of cumulated usage for calculating "sustained-use" discounts:

Compute_engine_pricing_VM_discounts_example_of_cumulated_usage.png

VM access and lifecycle

video

Compute_engine_VM_access_Linux_Windows.png

VM lifecycle:

Compute_engine_VM_lifecycle.png

Changing VM's state from "running":

Compute_engine_VM_change_of_state_from_running.png

Compute_engine_VM_possible_auto_live_migration.png

Stopped VM (No charge):

Compute_engine_VM_stopped.png

Lab 1 Creating Virtual Machines

What are compute options (vCPU, Memory)?

video

Compute engine 3 options to create VMs:

Compute_engine_3_options_to_create_VMs.png

Compute engine 4 classes of VMs:

Compute_engine_4_classes_of_VMs.png

Compute engine 80% on preemptible VMs (24 hours max):

Compute_engine_80%_on_preemptible_VMs.png

There are ways to monitor and restart preemptible VMs even though this doesn't come as a default option.

Compute Engine (disk) images?

video

Compute_engine_disk_image.png

Compute_engine_disk_image_private_or_public.png

Compute Engine Disk options

video

Compute_engine_disk_image_boot_image.png

Persistent disks

  • bound to their zone
  • dynamically resizable, even when running!

Compute_engine_disk_image_boot_image_persistent.png

Local SSD disks

  • data will survive a RESET
  • data will NOT survive a STOP or TERMINATE (because these disks can't be re-attached to a different VM)

RAM disk

fastest, for low needs in memory.

Summary

Compute_engine_disk_image_summary.png

Compute_engine_disk_max_disk_for_max_cores.png

Compute_engine_disk_differences_cloud_vs_physical_disks.png

Common Compute Engine actions

video

Moving an instance to a new zone

Compute_engine_actions_moving_zones.png

Compute_engine_actions_moving_zones_automated.png

Snapshots

disk backup

Compute_engine_actions_snapshots_disk_backup.png

data migration between zones

Compute_engine_actions_snapshots_data_migration.png

change disk type (HDD <> SSD)

Compute_engine_actions_snapshots_change_disk_type.png

Safe snapshot preparation

Compute_engine_actions_safe_snapshots_preparation.png

Resize persistent disk

Compute_engine_actions_sresize_disk.png

Lab 2 Working with VM: set up a gaming application server

Build the infrastructure needed for production activities:

  • Backups
  • graceful shutdown/restart services

Lab notes & video lab review

Module 3 review

video

Resources/Articles