Configuring Kubernetes Clusters
Please note: this course has been replaced with an updated version which can be found here.
This course guides you through the key steps to configure a Google Cloud Platform virtual private cloud (VPC), which allows you to connect your GCP services with one another securely.
After a brief introduction, the course begins with how to set up and configure VPCs, including VPC peering and shared VPC. You'll learn how to configure routes, set up cloud NAT (network address translation), and configure VPC-native clusters in Kubernetes, before rounding off the course by looking at VPC firewalls. The topics in this course are accompanied by demonstrations on the platform in order to show you how these concepts apply to real-world scenarios.
If you have any feedback, questions, or queries relating to this course, please feel free to contact us at firstname.lastname@example.org.
- Configure Google Cloud Platform VPC resources
- Configure VPC peering and API access
- Create shared VPCs
- Configure internal static and dynamic routing, as well as NAT
- Configure and maintain Google Kubernetes Engine clusters
- Configure and maintain VPC firewalls
This course is intended for:
- Individuals who want to learn more about Google Cloud networking, who may also have a background in cloud networking with other public cloud providers
- Individuals who simply want to widen their knowledge of cloud technology in general
To get the most from this course, you should already have experience in public cloud and networking as well as an understanding of GCP architecture.
Okay, the purpose of this video is to point out the differences between a private cluster and a standard cluster for Kubernetes, in regards to networking.
So, when you look at this first one on the screen here, the k8-cluster, it's actually set up as private, and there are a few ways you can tell. Number one, this endpoint that I chose is a private IP address, you're gonna see the master address range down here is chosen, and you have a lot of other things in regards to, of course, private cluster, master authorized network policy and so forth. So, these are just extra features that have been enabled.
And then when I go over to a normal standard cluster I've created, you'll see the endpoint is a public IP address, and then you'll also see down here at the bottom, the private cluster and master network policy, all those are disabled. So, those are some key things to look at in regards to identifying when it's private or when it's just a standard cluster.
And then when I go over into Compute Engine, you can also see the Compute Engine instances that get created when you create a cluster. The k8-cluster ones all have internal IP addresses, where the standard ones have internal and external. And you'll notice too, those external ones could be different, you know, all three of these are vastly different.
And then when you look at the GKE-K8-cluster I've created, which is private, those internal IPs are based upon a range that I choose for them as well. So, it gives you a lot more flexibility when you're doing a private cluster, you have a lot more control. If you are in a big enterprise, you'll definitely be, you know, doing something like this most likely. And yeah, that's gonna wrap up this video for a comparison between a private cluster and a standard cluster.
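The indicators named in the video (endpoint address, private cluster setting, master authorized networks) can also be checked from exported cluster descriptions rather than by eye in the console. The following is an added example, not part of the course material; it assumes JSON such as `gcloud container clusters list --format=json` produces, uses field names from the GKE v1 Cluster resource, and runs on constructed sample data with a made-up `standard-cluster` name and addresses.

```python
import ipaddress
import json

# Constructed sample, trimmed to the fields the video points at. Field names
# follow the GKE v1 Cluster resource; names and addresses are made up.
SAMPLE_CLUSTERS = json.loads("""
[
  {"name": "k8-cluster", "endpoint": "172.16.0.2",
   "privateClusterConfig": {"enablePrivateNodes": true,
                            "enablePrivateEndpoint": true,
                            "masterIpv4CidrBlock": "172.16.0.0/28"},
   "masterAuthorizedNetworksConfig": {"enabled": true}},
  {"name": "standard-cluster", "endpoint": "203.0.113.10",
   "privateClusterConfig": {},
   "masterAuthorizedNetworksConfig": {}}
]
""")

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True only for a valid IPv4 address inside an RFC 1918 range."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in RFC1918)


def audit_cluster(cluster):
    """Return (kind, findings) for one cluster description dict."""
    private_cfg = cluster.get("privateClusterConfig") or {}
    authorized = cluster.get("masterAuthorizedNetworksConfig") or {}
    private_nodes = bool(private_cfg.get("enablePrivateNodes"))
    findings = []
    if not private_nodes:
        findings.append("private nodes disabled: nodes get external IPs")
    if not is_rfc1918(cluster.get("endpoint", "")):
        findings.append("control plane endpoint is not a private address")
    if not authorized.get("enabled"):
        findings.append("master authorized networks disabled")
    return ("private" if private_nodes else "standard"), findings


if __name__ == "__main__":
    for c in SAMPLE_CLUSTERS:
        kind, findings = audit_cluster(c)
        print(c["name"], kind, findings or "no findings")
```

A cluster with private nodes but a public control plane endpoint is still reported as private, with the endpoint listed as a finding.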
Mark has many years of experience working with Google Cloud Platform and also holds eight GCP certifications.