GCP Concepts including VPC Peering, GKE, IAM Services, and GAE.

This blog gives a brief overview of the concepts behind various GCP services and a detailed procedure for launching an instance and setting up VPC peering.

Oct 10, 2020


Why we need Cloud Services!!?

To run any program, we need an operating system. The operating system is itself a collection of programs, software that runs on the hardware. To run any program, be it a DBMS server, an ML program, web hosting, or maybe MS Office, Docker, Jenkins, etc., we basically need a hardware system and other resources.

The most crucial resources we need are the compute units, the RAM and CPUs, and to store the OS we need storage, i.e. a hard disk. Today, with the huge advancement in computing capabilities and computing requirements, the demand for resources has gone very high.

To bridge this gap between computing requirements and resource availability, cloud computing has proven to be a blessing. Today one can sit in one continent and launch an OS instance in another.

There are many firms that provide cloud services, and Google Cloud Platform is one of them. Google provides various services that can be managed through a web UI in the simplest way. Google has its own private connection across the continents and does not depend on any third party, which makes it the safest of the cloud services.

Connection Network of Google

Another powerful service that GCP provides is the GCLOUD shell, a command-line interface for working with the various services.

GOOGLE CLOUD SHELL

— — — — —

How to launch an OS Instance !!??

GCP Dashboard.
Compute Engine >> VM Instances >> “Create Instances”

Fill in the details of the OS to be launched, as shown in the image below.

Interface to create VM Instance

An equivalent command-line statement is also provided. With today's need for agility and automation, this statement is useful for integrating multiple tools and technologies such as Jenkins, Kubernetes, Docker, etc.

Equivalent Command to create a VM Instance.

The launched OS will have both a public and a private IP; the public one is for client access. Before using it, we need to know that a firewall service protects the instance. Below is the firewall rule that allows incoming traffic (ingress) on port 80 so that the instance can work as a web server.

Interface to create firewall rules

— — — —

VIRTUAL PRIVATE CLOUD

What is VPC !!?

In any organization, there are multiple labs and teams. Each lab consists of various servers, laptops, etc., and the labs are connected using networking devices. Google provides a similar network setup under NaaS (Networking as a Service). GCP establishes the entire setup, from routers to IPs. This facility of establishing our entire premises on the cloud is the Virtual Private Cloud. Here, the company is equivalent to the network and the labs represent subnets. Every OS instance needs a lab to be launched in. By default, any launched OS instance is part of the default lab in the default VPC.

What’s VPC Peering !!?

Every launched OS instance is given two IPs: a private one, and a public one to be used on the internet. The instance cannot be reached from the internet using its private IP. Also, a connection between multiple campuses of an organization (multiple VPCs) will not be secure if it is made through public IPs. GCP provides a way to connect different VPCs through VPC peering. As shown in the figure below, the VPCs will be able to connect using private IPs.

Diagrammatic representation of VPC networking.

How to do VPC Peering !!?

We have already discussed how to launch an OS instance. We will create two VPCs (under different projects) in two different regions with one lab each, and then establish peering between them.

To create a VPC Network follow the given steps:

Navigation Menu >> VPC Network >> VPC Networks >> Create VPC Network.

Then fill in the details for the VPC of each project as shown below.

Interface to create VPC network

Google sets up a DHCP server to allot an IP address to every new instance. Also, when a new VPC is created it has no firewall rules. Therefore, once Google completes the configuration of the network, we will create the firewall rules.

Create the firewall rule as explained earlier. Select “Allow all” in Protocols and ports.

To launch an instance in the lab, open the project, select the option for creating VM instances, and enter the details.

The only change is the additional information to fill in to connect the instance with a lab. An example is shown in the following image.
Interface to assign Instance to a Lab.

To connect the two VPCs, we have to establish VPC peering in both projects.

Navigation Menu >> VPC Network >> VPC Network Peering >> Create Connection >> Create peering connection >> Continue.

Details to fill for VPC Peering.
  • Give the peering a suitable name.
  • Enter the VPC network you are in.
  • Since we have to peer with the VPC of another project, we will select the “In other project” option.
  • Enter the project ID and the name of the VPC we want to connect with.
  • At this point, the status of the peering will be “Inactive”.
  • We have to carry out the same steps in the other VPC.

Once peering has been set up in both VPCs without any error, the status will be active.

Active Status of Peering in both projects.

To check the private connectivity, we will ping the dev-os using its private IP from the prod-os’ command prompt.

DEV-OS pinged by PROD-OS.
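
The peering procedure above can be sanity-checked offline. The Python below is an added example, not code from the original post: it checks that the two VPCs' subnet ranges do not overlap (GCP does not establish peering when they do) and flags ingress rules that allow every protocol from any address, proposing the peer's private ranges as the source instead. The subnet and rule names and the CIDR ranges are assumptions, constructed in the shape of `gcloud compute ... list --format=json` output.

```python
import ipaddress

# Constructed sample data (assumed names and ranges), shaped like the JSON from
# `gcloud compute networks subnets list` and `gcloud compute firewall-rules list`.
DEV = {
    "subnets": [{"name": "lab1", "ipCidrRange": "10.0.1.0/24"}],
    "firewalls": [{"name": "dev-allow-all", "direction": "INGRESS",
                   "sourceRanges": ["0.0.0.0/0"],
                   "allowed": [{"IPProtocol": "all"}]}],
}
PROD = {
    "subnets": [{"name": "lab2", "ipCidrRange": "10.0.2.0/24"}],
    "firewalls": [{"name": "prod-allow-peer", "direction": "INGRESS",
                   "sourceRanges": ["10.0.1.0/24"],
                   "allowed": [{"IPProtocol": "all"}]},
                  {"name": "prod-allow-http", "direction": "INGRESS",
                   "sourceRanges": ["0.0.0.0/0"],
                   "allowed": [{"IPProtocol": "tcp", "ports": ["80"]}]}],
}

def overlapping_subnets(vpc_a, vpc_b):
    """Subnet pairs whose ranges overlap; any hit means peering is refused."""
    pairs = []
    for a in vpc_a["subnets"]:
        net_a = ipaddress.ip_network(a["ipCidrRange"])
        for b in vpc_b["subnets"]:
            if net_a.overlaps(ipaddress.ip_network(b["ipCidrRange"])):
                pairs.append((a["name"], b["name"]))
    return pairs

def exposed_allow_all(vpc):
    """Enabled ingress rules that allow every protocol from any address."""
    hits = []
    for rule in vpc["firewalls"]:
        if rule.get("direction", "INGRESS") != "INGRESS" or rule.get("disabled"):
            continue
        sources = rule.get("sourceRanges", [])
        any_source = any(ipaddress.ip_network(r).prefixlen == 0 for r in sources)
        all_protocols = any(a["IPProtocol"] == "all" for a in rule.get("allowed", []))
        if any_source and all_protocols:
            hits.append(rule["name"])
    return hits

def peer_scoped_ranges(peer_vpc):
    """Source ranges that admit only the peer VPC's private subnets."""
    return sorted(s["ipCidrRange"] for s in peer_vpc["subnets"])

if __name__ == "__main__":
    print("overlaps:", overlapping_subnets(DEV, PROD))
    for name, vpc, peer in (("dev", DEV, PROD), ("prod", PROD, DEV)):
        print(name, exposed_allow_all(vpc), "-> scope to", peer_scoped_ranges(peer))
```

The port 80 rule is not flagged because it opens a single service to the internet, while an allow-all rule meant for peered traffic only needs the peer's private range as its source.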

— — —

Instances launched individually on the cloud have to be managed manually. But there is a tool, Kubernetes, a container-orchestration system that makes managing the OS instances simple, whether that means recovering an accidentally deleted OS, scaling applications in or out, rolling updates, or many other facilities.

Google also provides KaaS (Kubernetes as a Service): Google Kubernetes Engine (GKE), which makes configuring pods, deployments, etc. very easy. How GKE works is explained in detail in my next blog.

On every project, multiple individuals at different hierarchical levels work together. The contribution of every member is different, and access to resources is at different levels. To handle this variety in members' roles, Google provides IAM SERVICES (Identity and Access Management). By default, there are three roles: owner, editor, and viewer. But we can also create custom roles in GCP. Below is a screenshot showing how to add a member and assign a role.

Console >> IAM & Admin >> IAM >> +ADD
IAM interface in GCP.

Another very important service that GCP provides is GAE. For a developer who wants a platform or service on which to launch an app directly and immediately, Google App Engine is the go-to service.

The GAE platform supports various languages including Go, PHP, Java, Python, Node.js, .NET, Ruby, and many others. It provides various facilities for deploying applications.

Console >> App Engine >> Dashboard >> "Get Started" 
GAE Main Page

— — —

THANK YOU !!
