Basics of Cloud Computing

📄 Table of Contents

  • 3 types of Cloud services
  • 3 types of Cloud
  • multi-region, region and zones in GCP
  • AWS Fundamentals
    — VPC (virtual private cloud)

  • Microsoft AZURE
  • Google Cloud Platform (GCP)

▬▬▬▬▬▬▬▬▬▬▬▬▬▬ ✦ ✦ ✦ ▬▬▬▬▬▬▬▬▬▬▬▬▬▬

◉ What is Cloud Computing?

It is the on-demand delivery of compute power, database, storage, application and other IT resources by a Cloud Service Provider over the Internet, with a pay-as-you-go pricing model.

◉ Characteristics of Cloud

  • On demand self service
  • Broad Network Access
  • Scalability
  • Resource Pooling
  • Measured Services

◉ 3 Popular Clouds in vogue (in order of popularity) are:

  1. AWS (Amazon Web Services)
  2. Microsoft Azure (AZ-103, AZ-104)
  3. Google Cloud Platform (GCP)

◉ Similarity among three Clouds

  • Billing happens on “Accounts” in AWS, “Subscriptions” in Microsoft Azure and “Projects” in GCP.
  • The virtual machine service is EC2 in AWS, Virtual Machine in Microsoft Azure and Compute Engine in GCP.
  • AWS uses the Nitro Hypervisor at the backend, Microsoft Azure uses its own Hyper-V, whereas GCP uses the open source KVM hypervisor at the backend.

◉ AWS Fundamentals

AWS Architecture

EBS (elastic block storage)

  • is block-level storage.
  • Data is broken into blocks and then stored as blocks.
  • Whenever we create an EC2 instance, it has EBS by default. So, it can be accessed via EC2 only. It cannot be accessed over the internet via http/https.

S3 (Simple storage device)

  • is object level storage
  • is a storage that can be accessed via the internet (http/https)
  • you cannot install OS on S3.
  • Data is stored in buckets. Max capacity of a bucket is 5TB. There cannot be a bucket inside another bucket.
  • You can have up to 100 buckets per account.

Read about the above in detail at https://medium.com/age-of-awareness/aws-fundamentals-beginners-guide-ffea402596fb

How to Retrieve Metadata of an Amazon Linux machine

curl http://169.254.169.254/latest/meta-data

VPC (virtual private cloud)

  • A VPC is region-specific and not zone-specific, meaning a VPC is always created in a Region and not in an availability zone.
  • In one region a maximum of 5 VPCs can be created, and 200 subnets in 1 VPC.
  • 5 Elastic IPs can be created in one Account.
  • While creating a VPC, DHCP, NACL & security group are automatically created.
  • Each Region has one VPC by default and each availability zone has 1 subnet by default. However, you can create your custom VPC or subnet as per your requirement.
  • ‘ping 8.8.8.8’ (8.8.8.8 is the Google DNS server) is the command to quickly check whether we are able to access the internet.
  • To create a VPC completely, you need to create a subnet, an IGW (internet gateway), and a Route Table in succession.

◉ Microsoft Azure

  • Azure SQL Database Services

◉ 3 Types of Cloud Services

  • IaaS, PaaS, SaaS — (Infrastructure, Platform, Software) as a service
  • VM is nothing but IaaS.

SaaS: Google Drive, Gmail

◉ 3 Types of Cloud

  • Public cloud → AWS, Microsoft Azure and GCP are all public clouds, as anyone across the globe can use them via the internet. It is like public transport.
  • Private cloud → more secure but at a higher cost, like a personal car.
  • Hybrid cloud → combination of Public and private cloud.

◉ Multi-region, region, zones in GCP

GCP has 3 multi-regions, namely US, Europe and Asia-Pacific.

There are 29 regions in total as of today, and each region has 3 zones except the first one, Iowa (in the US), which has 4 zones.

So, the total is 29*3+1 = 88 zones across the globe.

◉ What is Organization, folder and project in Google Cloud

While creating a project, 3 things are mandatory, namely projectId, projectName and projectNumber (12 digits). Say you created a project with some projectName, worked on it and then deleted it: next time you can create a project with the same projectName, but you will never again be assigned the same projectId.

Also, GCP assigns a projectNumber by itself. If you don’t like the projectNumber, you can edit it only once, and only at the time of creation; it is immutable (not modifiable) after that.

◉ How is GCP different from other Clouds:

  • Every time you create a project in Google Cloud, you have to enable its API. This doesn’t happen in AWS and Microsoft Azure.
  • All the services that GCP provides are encrypted by default. This is NOT the case in the other two, where you need to enable encryption manually.

◉ Google Cloud Platform (GCP)

Google Cloud Virtual Private Cloud (VPC) provides networking functionality to Compute Engine virtual machine (VM) instances, Kubernetes Engine containers, and App Engine flexible environment. In other words, without a VPC network you cannot create VM instances, containers, or App Engine applications. Therefore, each Google Cloud project has a default network to get you started.

You can think of a VPC network as similar to a physical network, except that it is virtualized within Google Cloud. A VPC network is a global resource that consists of a list of regional virtual subnetworks (subnets) in data centers, all connected by a global wide area network (WAN). VPC networks are logically isolated from each other in Google Cloud.

Each Google Cloud project has a default network with subnets, routes, and firewall rules.


View the subnets

The default network has a subnet in each Google Cloud region.

  • In the Cloud Console, on the Navigation menu, click VPC network > VPC networks.

Notice the default network with its subnets. Each subnet is associated with a Google Cloud region and a private RFC 1918 CIDR block for its internal IP addresses range and a gateway.

View the Firewall rules

Each VPC network implements a distributed virtual firewall that you can configure. Firewall rules allow you to control which packets are allowed to travel to which destinations. Every VPC network has two implied firewall rules that block all incoming connections and allow all outgoing connections.

  • In the left pane, click Firewall. Notice that there are 4 Ingress firewall rules for the default network:
  • default-allow-icmp
  • default-allow-rdp
  • default-allow-ssh
  • default-allow-internal

Note: These firewall rules allow ICMP, RDP, and SSH ingress traffic from anywhere (0.0.0.0/0) and all TCP, UDP, and ICMP traffic within the network (10.128.0.0/9). The Targets, Filters, Protocols/ports, and Action columns explain these rules.

  • If you delete the default network, you cannot create any VM instances, because there is no VPC network.
  • You can SSH to the VM because of the allow-ssh firewall rule, which allows incoming traffic from anywhere (0.0.0.0/0) for tcp:22. Once it is deleted, you cannot SSH at all.
  • You can ping test-vm’s internal IP because of the allow-custom firewall rule.
  • You can ping test-vm’s external IP because of the allow-icmp firewall rule.
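
An added example (not code from the original article): a small Python audit that flags enabled ingress rules reachable from any source address. It runs over a constructed sample in the JSON shape of `gcloud compute firewall-rules list --format=json`, modelled on the four default rules listed above. The function names and the choice of 22 and 3389 as the admin ports to check are assumptions of this example.

```python
import ipaddress
import json

# Constructed sample (not real project output), shaped like
# `gcloud compute firewall-rules list --format=json` for the four default rules.
SAMPLE_RULES = json.loads("""[
 {"name": "default-allow-icmp", "direction": "INGRESS",
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "icmp"}]},
 {"name": "default-allow-rdp", "direction": "INGRESS",
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["3389"]}]},
 {"name": "default-allow-ssh", "direction": "INGRESS",
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
 {"name": "default-allow-internal", "direction": "INGRESS",
  "sourceRanges": ["10.128.0.0/9"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["0-65535"]},
              {"IPProtocol": "udp", "ports": ["0-65535"]}, {"IPProtocol": "icmp"}]}
]""")

def world_open(source_ranges):
    """True if any source range covers every address (0.0.0.0/0 or ::/0)."""
    return any(ipaddress.ip_network(r, strict=False).prefixlen == 0 for r in source_ranges)

def port_allowed(port, specs):
    """Match a port against specs such as ["22", "1000-2000"]; no list = all ports."""
    if not specs:
        return True
    bounds = (s.partition("-") for s in specs)
    return any(int(lo) <= port <= int(hi or lo) for lo, _, hi in bounds)

def audit(rules, admin_ports=(22, 3389)):
    """Return (rule name, exposure) for enabled ingress rules open to the internet."""
    findings = []
    for rule in rules:
        if (rule.get("direction", "INGRESS") != "INGRESS" or rule.get("disabled")
                or not world_open(rule.get("sourceRanges", []))):
            continue
        for allow in rule.get("allowed", []):
            proto = allow["IPProtocol"].lower()
            if proto == "icmp":
                findings.append((rule["name"], "icmp"))
            elif proto in ("tcp", "all"):
                findings += [(rule["name"], f"tcp:{p}") for p in admin_ports
                             if port_allowed(p, allow.get("ports"))]
    return findings

if __name__ == "__main__":
    for name, exposure in audit(SAMPLE_RULES):
        print(f"{name}: {exposure} reachable from any source address")
```

On the sample, the three rules sourced from 0.0.0.0/0 are reported and default-allow-internal is not, because its source range is limited to 10.128.0.0/9.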

Anil Kumar
