Networking in Google Cloud

(2 days)

 

This 2-day instructor-led course builds on the networking concepts covered in the Architecting with Google Compute Engine course. Through presentations, demonstrations, and labs, participants explore and deploy Google Cloud networking technologies. These technologies include Virtual Private Cloud (VPC) networks, subnets, and firewalls; interconnection among networks; load balancing; Cloud DNS; Cloud CDN; and Cloud NAT. The course also covers common network design patterns.

 

Objectives
  • Configure VPC networks, subnets, and routers, and control administrative access to VPC objects
  • Route traffic by using DNS traffic steering
  • Control access to VPC networks
  • Implement network connectivity between Google Cloud projects
  • Implement load balancing
  • Configure connectivity to Google Cloud VPC networks
  • Configure private connection options to provide access to external resources and services from internal networks
  • Identify the best Network Service Tier for your needs

Audience

This course is intended for the following participants:

  • Network engineers and administrators who use the Google Cloud console or are planning to do so
  • Individuals who want to be exposed to software-defined networking solutions in the cloud

Prerequisites

  • Having completed the Google Cloud Fundamentals: Core Infrastructure course or having equivalent experience
  • Having completed the Networking Fundamentals in Google Cloud quest or having equivalent experience
  • Prior understanding of the 7-layer OSI model
  • Prior understanding of IPv4 addressing
  • Prior experience with managing IPv4 routes

Course Outline

 

Module 1: VPC Networking Fundamentals

Topics

  • Overview of VPC networks
  • IPv6 addressing
  • Routes and route preferences
  • Bring your own IP (BYOIP)
  • Multiple network interfaces
  • Cloud DNS policies

Objectives

  • Create and configure VPC networks and subnets.
  • Create and configure multiple network interfaces.
  • Create and configure DNS policies.
  • Create VMs that have an IPv6 address.
  • Create Compute Engine instances with multiple virtual network interfaces.

Activities

  • 1 quiz
  • Lab: Working with Multiple VPC Networks
  • Lab: Traffic Steering using Geolocation Policy

Module 2: Controlling Access to VPC Networks

Topics

  • Identity and Access Management (IAM) roles
  • Policy constraints
  • Firewall rules

Objectives

  • Outline how IAM policies affect VPC network access.
  • Create and use service accounts to control access to network resources.
  • Control access to Compute Engine instances with tag-based firewall rules.

Activities

  • 1 quiz
  • Lab: Controlling Access to VPC Networks

Module 3: Sharing Networks Across Projects

Topics

  • Shared VPC
  • VPC Network Peering

Objectives

  • Describe the different ways to share VPC networks that are available in Google Cloud.
  • Recognize when to use Shared VPC and when to use VPC Network Peering.
  • Configure peering between unrelated VPC networks.

Activities

  • 1 quiz
  • Lab: Configuring VPC Network Peering

Module 4: Load Balancing

Topics

  • Load balancing overview
  • Hybrid load balancing
  • Traffic management
  • Internal TCP/UDP load balancers as next hops
  • Cloud CDN

Objectives

  • Create a load balancer.
  • Describe where you can use hybrid load balancing.
  • Describe the benefits of using an Internal TCP/UDP load balancer as an external next hop.
  • Enable and use Cloud CDN.
  • Configure traffic management.

Activities

  • 1 quiz
  • Lab: Configuring Traffic Management with a Load Balancer
  • Lab: Caching Cloud Storage with Cloud CDN

Module 5: Hybrid Connectivity

Topics

  • Cloud Interconnect
  • Cloud VPN
  • Influencing best path selection
  • Network Connectivity Center

Objectives

  • Describe how Dedicated Interconnect and Partner Interconnect are used and what their differences are.
  • Determine which Cloud Interconnect product is best for a given use case.
  • Create a connection over a VPN with Cloud Router.
  • Describe how to use Network Connectivity Center to configure connectivity.

Activities

  • 1 quiz
  • Lab: Configuring Google Cloud HA VPN

Module 6: Private Connection Options

Topics

  • Private access overview
  • Private Google Access
  • Private Service Connect
  • Private services access
  • Cloud NAT

Objectives

  • Determine which private connection option is needed for a given use case.
  • Configure Private Google Access to allow access to Google Cloud services from VM instances with only internal IP addresses.
  • Describe Private Service Connect and its use cases.
  • Describe private services access and its use cases.
  • Configure Cloud NAT to give instances without public IP addresses access to the internet.

Activities

  • 1 quiz
  • Lab: Implement Private Google Access and Cloud NAT

Module 7: Network Billing and Pricing

Topics

  • Networking pricing
  • Network Service Tiers
  • Billing

Objectives

  • Recognize how networking features are billed.
  • Use Network Service Tiers to optimize spend.
  • Compare and contrast the Network Service Tiers.
  • Describe how labels are used to understand network spend.

Activities

  • 1 quiz
  • Lab: Optimizing Network spend with Network Tiers

Module 8: Network Monitoring and Troubleshooting

Topics

  • Monitoring
  • Logging

Objectives

  • Configure uptime checks, alerting policies, and charts for your network services.
  • Use VPC Flow Logs to log and analyze network traffic behavior.

Activities

  • 1 quiz
  • Lab: Resource Monitoring