This course guides you through the key steps to configure a Google Cloud Platform virtual private cloud (VPC), which allows you to connect your GCP services with one another securely.
After a brief introduction, the course begins with how to set up and configure VPCs, including VPC peering and shared VPC. You'll learn how to configure routes, set up Cloud NAT (network address translation), and configure VPC-native clusters in Kubernetes, before rounding off the course by looking at VPC firewalls. The topics in this course are accompanied by demonstrations on the platform to show you how these concepts apply to real-world scenarios.
If you have any feedback, questions, or queries relating to this course, please feel free to contact us at firstname.lastname@example.org.
- Configure Google Cloud Platform VPC resources
- Configure VPC peering and API access
- Create shared VPCs
- Configure internal static and dynamic routing, as well as NAT
- Configure and maintain Google Kubernetes Engine clusters
- Configure and maintain VPC firewalls
This course is intended for:
- Individuals who want to learn more about Google Cloud networking, who may also have a background in cloud networking with other public cloud providers
- Individuals who simply want to widen their knowledge of cloud technology in general
To get the most from this course, you should already have experience in public cloud and networking as well as an understanding of GCP architecture.
Welcome to the next section of the GCP VPC course. And we're gonna be talking specifically today about Cloud NAT, which means network address translation. What this feature allows you to do is set up any type of Compute Engine instance or Kubernetes cluster that does not have an external IP address assigned to it to pick one for it used by Google.
So what that does is it allows you to use a different external IP address that's independent of the actual instance itself. So this is very handy from a security perspective where if you have instances or clusters that need to get out to the internet, but you don't want those direct instances exposed to the internet all the time.
So what you can do in this screen here, you can see I've already created one called net-nat, and once I click on it, you're gonna see the VPC network I've set it up on, along with the Cloud Router that was provisioned for it.
Some other things to be aware of: it's set up to auto-allocate IP addresses for high availability, and what all that means is that Google's gonna set up, reserve rather, as many IP addresses as it needs to determine the best route for your traffic. And to show you what that looks like, when we go over here to the external IP addresses, you're gonna see all of these NATed auto IPs that it's picked. And it can use any of these for your instances or Kubernetes clusters.
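The security point in the transcript, that instances behind Cloud NAT should not carry their own external IP address, can be checked from an instance inventory. The following is an added example, not part of the original course: it reads JSON in the shape produced by `gcloud compute instances list --format=json` and separates instances on one VPC network that have no external IP configuration from those that still do. The sample data, the names `example-project`, `example-vpc` and `other-vpc`, and the function names are assumptions made for illustration.

```python
import json

# Constructed sample shaped like `gcloud compute instances list --format=json`
# output. Project, network and instance names are made up for this example.
NET = "https://www.googleapis.com/compute/v1/projects/example-project/global/networks/"
SAMPLE = json.dumps([
    {"name": "app-1", "status": "RUNNING", "networkInterfaces": [
        {"name": "nic0", "network": NET + "example-vpc", "networkIP": "10.0.0.2"}]},
    {"name": "bastion-1", "status": "RUNNING", "networkInterfaces": [
        {"name": "nic0", "network": NET + "example-vpc", "networkIP": "10.0.0.3",
         "accessConfigs": [{"type": "ONE_TO_ONE_NAT", "natIP": "203.0.113.10"}]}]},
    # Constructed edge case: access config present, no address currently assigned.
    {"name": "batch-1", "status": "TERMINATED", "networkInterfaces": [
        {"name": "nic0", "network": NET + "example-vpc", "networkIP": "10.0.0.4",
         "accessConfigs": [{"type": "ONE_TO_ONE_NAT"}]}]},
    {"name": "other-1", "status": "RUNNING", "networkInterfaces": [
        {"name": "nic0", "network": NET + "other-vpc", "networkIP": "10.1.0.2",
         "accessConfigs": [{"type": "ONE_TO_ONE_NAT", "natIP": "203.0.113.20"}]}]},
])


def network_name(url):
    """Last path segment of a network URL, e.g. '.../networks/example-vpc'."""
    return url.rstrip("/").rsplit("/", 1)[-1]


def audit_external_ips(instances_json, network):
    """Split the instances on `network` into NAT-only and externally addressed."""
    nat_only, exposed = [], []
    for inst in json.loads(instances_json):
        nics = [n for n in inst.get("networkInterfaces", [])
                if network_name(n.get("network", "")) == network]
        if not nics:
            continue  # not attached to the network under review
        # Any access config counts, even one without an address assigned yet.
        external = [(n.get("name"), ac.get("natIP", "unassigned"))
                    for n in nics for ac in n.get("accessConfigs", [])]
        if external:
            exposed.append({"instance": inst["name"], "external": external})
        else:
            nat_only.append(inst["name"])
    return nat_only, exposed


if __name__ == "__main__":
    nat_only, exposed = audit_external_ips(SAMPLE, "example-vpc")
    print("no external IP config (egress via Cloud NAT):", nat_only)
    for item in exposed:
        print("has external IP config:", item["instance"], item["external"])
```

To run it against a real project, replace `SAMPLE` with the saved output of the `gcloud` command and pass the name of the network the NAT gateway is attached to.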
About the Author
Mark has many years of experience working with Google Cloud Platform and also holds eight GCP certifications.