Hello!
I have just started with my cloud journey and so far have a fair understanding of what public, private and hybrid clouds are. However, I'm finding it a bit difficult to wrap my head around VPC. Any references to posts/links would be appreciated as well!
Thanks!
Top comments (8)
When you create an account on AWS, or a project in GCP, you are automatically given a default VPC within their network.
The VPC is the network backbone that connects all of your cloud resources to each other, and eventually, to the outside Internet.
The easiest way to think about it is to treat it like a local network, or YOUR cloud, inside the AWS or Google cloud.
In lots of cases, you will never need more than the default VPC. But sometimes you might.
Let's assume you have a couple of compute resources (virtual machines, cloud functions, etc.), and a couple of databases to back them.
If you created these normally, they'll be on the default VPC and be more or less open to the outside Internet (individual resources will apply some control to this as well, but for now we'll pretend they don't).
Now, you've decided that one of your servers and its database don't need to be available to the Internet. For security, you want to isolate them, and they only need to operate inside your cloud.
You have two options: you can manage networking settings for your VM and database separately using the specific tools for that resource, OR you can create a new VPC, make it not accessible to the outside world, and attach your database and VM to that instead.
Now, your database and virtual machine can talk to each other, because from a network perspective, that's all either of them sees. They are on a completely isolated network.
Essentially, you've created another cloud, inside your cloud, which is inside the AWS or Google cloud.
Wow! Thanks a ton Brandin!! It is clear to me now. The way you explained how we have a default VPC and then moved to creating your own helped a lot in visualizing this together!
My pleasure!
docs.aws.amazon.com/vpc/latest/use...
In #explainlikeimfive terms, I'd say it's a bit like having a vacation timeshare. On one hand, it's meant to have all the amenities and the feeling of your own home, but on the other hand, you save money by sharing the cost with the other timeshare owners.
With a VPC, it's a similar idea: you can access shared cloud infrastructure in a way that feels like part of your organization's private network.
If it works well, it means you won't need to manage your own data centre: you can more easily scale up/down what you're using based on your real-time computing needs. However, you still get the security and isolation that would be expected from a self-managed data centre.
The term "virtual" comes into play because the physical infrastructure you're using is shared with other customers of the cloud provider, but it's isolated in such a way that this sharing is not visible to the parties involved.
This overview of the different kinds of private clouds might be helpful: vmware.com/topics/glossary/content...
Many thanks for your reply! :)) But I have difficulty understanding how this is different from having a public cloud. If we choose to have our instances in the public cloud, they come with their own isolation from other tenants. Our data and instances are secured from the other customers who share resources from the same cloud provider. I will read up on the link which you have provided! :D Thanks again.
I believe the distinction is simply that with a VPC, you can customize the network (IP address range, subnets, etc.). Again, it is meant to feel as though you have your own network infrastructure in house or hosted privately at a data centre. You can even separate out publicly-facing servers, just as you would if this was your own IT infrastructure. I think the Amazon VPC page may be helpful for reference: aws.amazon.com/vpc/.
Great! I will go through the reference. Thank you :))
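The setup described in the first answer (a second VPC with no path to the Internet, holding one VM and the database it talks to) and the point made in the last reply (you choose the address range and subnets yourself) look like this in Terraform for AWS. This is an added example, not code from the thread or from any commenter; the region, availability zones, CIDR ranges, AMI ID and instance sizes are placeholders chosen for illustration.

```hcl
# Added example: an isolated VPC on AWS, built with Terraform.
# Placeholders: region/AZs, 10.20.0.0/16, the AMI ID, instance sizes.

provider "aws" {
  region = "us-east-1"
}

# A second VPC next to the default one. We deliberately create no internet
# gateway and no NAT gateway, so its only route is the VPC-local one and
# nothing inside it can reach, or be reached from, the Internet.
resource "aws_vpc" "isolated" {
  cidr_block           = "10.20.0.0/16" # your own range, unlike the default VPC's
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags = { Name = "isolated" }
}

# Two private subnets in different AZs (an RDS subnet group needs at least two AZs).
resource "aws_subnet" "private_a" {
  vpc_id                  = aws_vpc.isolated.id
  cidr_block              = "10.20.1.0/24"
  availability_zone       = "us-east-1a"
  map_public_ip_on_launch = false
}

resource "aws_subnet" "private_b" {
  vpc_id                  = aws_vpc.isolated.id
  cidr_block              = "10.20.2.0/24"
  availability_zone       = "us-east-1b"
  map_public_ip_on_launch = false
}

# Per-resource control on top of the VPC: the VM accepts no inbound traffic and
# may only send within the VPC; the database accepts Postgres traffic only from
# the VM's security group (a reference to the group, not to an IP).
resource "aws_security_group" "app" {
  name   = "app-vm"
  vpc_id = aws_vpc.isolated.id
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = [aws_vpc.isolated.cidr_block]
  }
}

resource "aws_security_group" "db" {
  name   = "app-db"
  vpc_id = aws_vpc.isolated.id
  ingress {
    from_port       = 5432
    to_port         = 5432
    protocol        = "tcp"
    security_groups = [aws_security_group.app.id]
  }
}

resource "aws_instance" "app" {
  ami                         = "ami-0123456789abcdef0" # placeholder
  instance_type               = "t3.micro"
  subnet_id                   = aws_subnet.private_a.id
  vpc_security_group_ids      = [aws_security_group.app.id]
  associate_public_ip_address = false
}

resource "aws_db_subnet_group" "isolated" {
  name       = "isolated-db"
  subnet_ids = [aws_subnet.private_a.id, aws_subnet.private_b.id]
}

variable "db_password" {
  type      = string
  sensitive = true # pass in from a secret store, never hard-code it
}

resource "aws_db_instance" "app" {
  identifier             = "app-db"
  engine                 = "postgres"
  instance_class         = "db.t3.micro"
  allocated_storage      = 20
  db_subnet_group_name   = aws_db_subnet_group.isolated.name
  vpc_security_group_ids = [aws_security_group.db.id]
  publicly_accessible    = false
  username               = "app"
  password               = var.db_password
  skip_final_snapshot    = true
}
```

Two things worth checking after `terraform apply`: the route table for the new VPC should contain only the `10.20.0.0/16 local` entry (the default VPC's main route table also has `0.0.0.0/0` pointing at an internet gateway, which is what makes instances there reachable), and neither the instance nor the DB should have a public address. The caveat is that a VPC with no outbound path also cannot reach AWS APIs, package mirrors or Systems Manager; if you need patching or remote administration, add VPC interface endpoints for those services rather than an internet gateway.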