Description
This 2-day instructor-led course gives participants a broad study of networking options on Google Cloud. Through presentations, demonstrations, and hands-on labs, participants explore and deploy Google Cloud networking technologies, such as Google Virtual Private Cloud (VPC) networks, subnets, firewalls; interconnection among networks; load balancing; Cloud DNS; Cloud CDN; Cloud NAT. The course will also cover common network design patterns and automated deployment using Deployment Manager or Terraform.
Who should attend
This course is intended for the following participants:
- Network Engineers and Network Admins who are either using Google Cloud Platform or planning to do so
- Individuals who want to be exposed to software-defined networking solutions in the cloud.
Certifications
This course is part of the following Certifications:
Google Cloud Certified Professional Cloud Network Engineer
Prerequisites
To get the most out of this course, participants should have:
Completed Google Cloud Fundamentals: Core Infrastructure (GCF-CI) or have equivalent experience
Clear understanding of the 7-layer OSI model
Clear understanding of IPv4 addressing
Prior experience with managing IPv4 routes
Course Objectives
This course teaches participants the following skills:
- Configure Google VPC networks, subnets, and routers
- Control administrative access to VPC objects
- Control network access to endpoints in VPCs
- Interconnect networks among Google Cloud projects
- Interconnect networks among Google Cloud VPC networks and on-premises or other-cloud networks
- Choose among Google Cloud load balancer and proxy options and configure them
- Use Cloud CDN to reduce latency and save money
- Optimize network spend using Network Tiers
- Configure Cloud NAT or Private Google
- Access to provide instances without public IP addresses access to other services
- Deploy networks declaratively using Cloud Deployment Manager or Terraform
- Design networks to meet common customer requirements
- Configure monitoring and logging to troubleshoot networks problems
Outline: Networking in Google Cloud Platform (NGCP)
Module 1
Google Cloud VPC Networking Fundamentals
Topics Covered:
- Recall that networks belong to projects
- Explain the differences among default, auto, and custom networks
- Create networks and subnets
- Explain how IPv4 addresses are assigned to Compute Engine instances
- Publish domain names using Google Cloud DNS
- Create Compute Engine instances with IP aliases
- Create Compute Engine instances with multiple virtual network interfaces
Module 2
Controlling Access to VPC Networks
Topics Covered:
- Outline how IAM policies affect VPC networks
- Control access to network resources using service accounts
- Control access to Compute Engine instances with tagbased firewall rules
Module 3
Sharing Networks across Projects
Topics Covered:
- Outline the overall workflow for configuring Shared VPC
- Differentiate between the IAM roles that allow network resources to be managed
- Configure peering between unrelated VPC Networks
- Recall when to use Shared VPC and when to use VPC Network Peering
Module 4 Load Balancing
Topics Covered:
- Recall the various load balancing services
- Configure Layer 7 HTTP(S) load balancing
- Whitelist and blacklist IP traffic with Cloud Armor
- Cache content with Cloud CDN
- Explain Layer 4 TCP or SSL proxy load balancing
- Explain regional network load balancing
- Configure internal load balancing
- Recall the choices for enabling IPv6 Internet connectivity for Google Cloud load balancers
- Determine which Google Cloud load balancer to use when
Module 5 Hybrid Connectivity
Topics Covered:
- Recall the Google Cloud interconnect and peering services available to connect your infrastructure to Google Cloud
- Explain Dedicated Interconnect and Partner Interconnect
- Describe the workflow for configuring a Dedicated Interconnect
- Build a connection over a VPN with Cloud Router
- Determine which Google Cloud interconnect service to use when
- Explain Direct Peering and Partner Peering
- Determine which Google Cloud peering service to use when
Module 6 Networking Pricing and Billing
Topics Covered:
- Recognize how networking features are charged for
- Use Network Service Tiers to optimize spend
- Determine which Network Service Tier to use when
- Recall that labels can be used to understand networking spend
Module 7 Network Design and Deployment
Topics Covered:
- Explain common network design patterns
- Configure Private Google Access to allow access to certain Google Cloud services from VM instances with only internal IP addresses
- Configure Cloud NAT to provide your instances without public IP addresses access to the internet
- Automate the deployment of networks using Deployment Manager or Terraform
- Launch networking solutions using Cloud Marketplace
Module 8 Network Monitoring and Troubleshooting
Topics Covered:
- Configure uptime checks, alerting policies and charts for your network services
- Use VPC Flow Logs to log and analyze network traffic behavior
