Commit
1 parent b8d18d4, commit 400489f
Showing 2 changed files with 105 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,101 @@ | ||
--- | ||
title: Virtual private clouds (VPCs) and VPC peering in Aiven | ||
sidebar_label: VPCs overview | ||
--- | ||
|
||
Virtual private clouds (VPCs) and VPC peering in Aiven provide enhanced security, | ||
flexibility, and control over resources allowing efficient traffic and access management | ||
and helping reduce network latency. | ||
|
||
## VCP | ||
|
||
A VPC is a logically isolated section of a cloud provider's network, which makes it a | ||
private network within a public cloud. It's a secure customizable network environment that | ||
you define and control to deploy and manage resources. | ||
|
||
### VPC characteristics | ||
|
||
- Isolation: Each VPC operates independently from other VPCs, ensuring secure separation. | ||
- Customizable IP Range: You can define your own IP address range (CIDR block). | ||
- Subnets: Divide the VPC into smaller sub-networks (subnets) for organizing resources | ||
based on availability zones or functional groups. | ||
- Network Control: Configure route tables, network gateways, and security settings. | ||
- Internet Connectivity: Control whether the VPC connects to the internet via Internet | ||
Gateways or remains isolated. | ||
- Security: Strong control over network traffic and isolation. | ||
- Flexibility: Custom network architecture tailored to your application's needs. | ||
- Scalability: Easily expand or modify the network as demand grows. | ||
|
||
### VPC components | ||
|
||
- Subnets: Smaller networks within the VPC. They can be public or private. | ||
- Route Tables: Define how network traffic is directed within the VPC. | ||
- Internet Gateway (IGW): Allows public traffic to access the internet. | ||
- NAT Gateway (Network Address Translation): Enables outbound internet access for private | ||
subnets. | ||
- Security Groups: Firewall rules to control inbound and outbound traffic for resources. | ||
- Network Access Control Lists (NACLs): Additional layer of security at the subnet level. | ||
- Peering Connections: Connect VPCs together for intercommunication. | ||
|
||
### VPC use cases | ||
|
||
- Hosting Applications: Deploying scalable web and database applications. | ||
- Hybrid Cloud Architecture: Connecting on-premises networks to the cloud securely. | ||
- Data Isolation: Keeping sensitive data within a private network. | ||
- Multi-tier Architecture: Separating application layers (web, app, database) within | ||
- distinct subnets. | ||
|
||
## VPC types | ||
|
||
The Aiven Platform allows creating and using two types of VPCs, which differ in scope: | ||
[project-wide VPCs](/docs/platform/concepts/vpcs#project-vpcs) and | ||
[organization-wide VPCs](/docs/platform/concepts/vpcs#organization-vpcs). | ||
|
||
### Project VPCs | ||
|
||
### Organization VPCs | ||
|
||
## VCP peering | ||
|
||
VPC peering is a networking connection between two VPCs. It allows private and direct | ||
communication between the VPCs with no traffic routing over the public internet. | ||
|
||
### VPC peering characteristics | ||
|
||
- Private communication: Private IP addresses used to comminicate | ||
- High performance: Low latency thanks traffic remaining on the cloud provider's network | ||
- Security: Reduced exposure to public networks without using internet gateways, VPNs, or | ||
NAT | ||
- Scalability: Connections supported across different accounts and regions, depending on a | ||
cloud privider | ||
|
||
### VPC peering use cases | ||
|
||
- Multi-tier applications: Secure connnection between VPCs hosting different application | ||
layers, such as web or database | ||
- Resource sharing: Secure sharing between VPCs hosting different resources, | ||
for example, datasets or APIs | ||
- Data isolation: Access control by using separate VPCs for different projects or teams in | ||
an organization | ||
|
||
## Learn more | ||
|
||
There are the following cloud-privider-specific articles you might want to read to have a | ||
full picture: | ||
|
||
- AWS | ||
- [How Amazon VPC works](https://docs.aws.amazon.com/vpc/latest/userguide/how-it-works.html]) | ||
- [VPC peering process, lifecycle, and limitations](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-basics.html) | ||
|
||
- Google Cloud | ||
- [VPC networks](https://cloud.google.com/vpc/docs/vpc) | ||
- [VPC Network Peering](https://cloud.google.com/vpc/docs/vpc-peering) | ||
|
||
- Azure | ||
- [What is Azure Virtual Network?](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview) | ||
- [Virtual network peering](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview) | ||
|
||
- UpCloud | ||
- [How to configure SDN Private networks](https://upcloud.com/docs/guides/configure-sdn-private-networks/) | ||
- [How to configure SDN Private networks using the UpCloud API](https://upcloud.com/docs/guides/configure-sdn-private-networks-upcloud-api/) | ||
- [How to configure network peering](https://upcloud.com/docs/guides/configure-network-peering/) |
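
Review bot: The first AWS link under "Learn more" ends in `how-it-works.html])`, and the stray `]` inside the URL breaks the target; the headings `## VCP` and `## VCP peering` also misspell VPC. `### Project VPCs` and `### Organization VPCs` are added with no body although the "VPC types" paragraph links to their anchors, so either fill them in or hold the links back until the content exists. In "VPC use cases", `- distinct subnets.` continues the Multi-tier Architecture item and should be indented continuation text, not a new bullet. Smaller wording fixes: "comminicate", "thanks traffic remaining" (missing "to"), "cloud privider", "connnection", "cloud-privider-specific". On substance, the "Security" bullet under "VPC peering characteristics" would be more accurate if it said that a peering connection only provides the private path, and that the security groups and NACLs already listed under "VPC components" still decide which traffic is allowed across it.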