diff --git a/docs/platform/concepts/vpc-peering.md b/docs/platform/concepts/vpc-peering.md new file mode 100644 index 00000000..c0999a2a --- /dev/null +++ b/docs/platform/concepts/vpc-peering.md 
@@ -0,0 +1,43 @@ +--- +title: Virtual private cloud (VPC) peering in Aiven +sidebar_label: VPC peering +--- + +VPC peering supported on the Aiven Platform improves network connectivity and security. It +simplifies architecture, helps reduce network latency, and enhances resource sharing while +maintaining isolation and control. + +VPC peering is a networking connection between two VPCs. It allows private and direct +communication between the VPCs with no traffic routing over the public internet. + +### VPC peering characteristics + +- Private communication: Private IP addresses used to comminicate +- High performance: Low latency thanks traffic remaining on the cloud provider's network +- Security: Reduced exposure to public networks without using internet gateways, VPNs, or + NAT +- Scalability: Connections supported across different accounts and regions, depending on a + cloud privider + +### VPC peering use cases + +- Multi-tier applications: Secure connnection between VPCs hosting different application + layers, such as web or database +- Resource sharing: Secure sharing between VPCs hosting different resources, + for example, datasets or APIs +- Data isolation: Access control by using separate VPCs for different projects or teams in + an organization + +## Related pages + +- [Virtual private clouds (VPCs) in Aiven](/doc/platform/concepts/vpcs) + +## Learn more + +There are the following cloud-privider-specific articles you might want to read to have a +full picture: + +- AWS: [VPC peering process, lifecycle, and limitations](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-basics.html) +- Google Cloud: [VPC Network Peering](https://cloud.google.com/vpc/docs/vpc-peering) +- Azure: [Virtual network peering](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview) +- UpCloud: [How to configure network peering](https://upcloud.com/docs/guides/configure-network-peering/) 
diff --git a/docs/platform/concepts/vpcs.md b/docs/platform/concepts/vpcs.md new file mode 100644 index 00000000..d9fab29f --- /dev/null +++ b/docs/platform/concepts/vpcs.md 
@@ -0,0 +1,69 @@ +--- +title: Virtual private clouds (VPCs) and VPC peering in Aiven +sidebar_label: VPCs overview +--- + +Virtual private clouds (VPCs) supported on the Aiven Paltform provide enhanced security, +flexibility, and network control, allowing efficient traffic, resouce, and access management. + +A VPC is a logically isolated section of a cloud provider's network, which makes it a +private network within a public cloud. It's a secure customizable network environment that +you define and control to deploy and manage resources. + +### VPC characteristics + +- Isolation: Each VPC operates independently from other VPCs, ensuring secure separation. +- Customizable IP Range: You can define your own IP address range (CIDR block). +- Subnets: Divide the VPC into smaller sub-networks (subnets) for organizing resources + based on availability zones or functional groups. +- Network Control: Configure route tables, network gateways, and security settings. +- Internet Connectivity: Control whether the VPC connects to the internet via Internet + Gateways or remains isolated. +- Security: Strong control over network traffic and isolation. +- Flexibility: Custom network architecture tailored to your application's needs. +- Scalability: Easily expand or modify the network as demand grows. + +### VPC components + +- Subnets: Smaller networks within the VPC. They can be public or private. +- Route Tables: Define how network traffic is directed within the VPC. +- Internet Gateway (IGW): Allows public traffic to access the internet. +- NAT Gateway (Network Address Translation): Enables outbound internet access for private + subnets. +- Security Groups: Firewall rules to control inbound and outbound traffic for resources. +- Network Access Control Lists (NACLs): Additional layer of security at the subnet level. +- Peering Connections: Connect VPCs together for intercommunication. 
+ +### VPC use cases + +- Hosting Applications: Deploying scalable web and database applications. +- Hybrid Cloud Architecture: Connecting on-premises networks to the cloud securely. +- Data Isolation: Keeping sensitive data within a private network. +- Multi-tier Architecture: Separating application layers (web, app, database) within +- distinct subnets. + +## VPC types + +The Aiven Platform allows creating and using two types of VPCs, which differ in scope: +[project-wide VPCs](/docs/platform/concepts/vpcs#project-vpcs) and +[organization-wide VPCs](/docs/platform/concepts/vpcs#organization-vpcs). + +### Project VPCs + +### Organization VPCs + +## Related pages + +- [Virtual private cloud (VPC) peering in Aiven](/doc/platform/concepts/vpc-peering) + +## Learn more + +There are the following cloud-privider-specific articles you might want to read to have a +full picture: + +- AWS: [How Amazon VPC works](https://docs.aws.amazon.com/vpc/latest/userguide/how-it-works.html]) +- Google Cloud: [VPC networks](https://cloud.google.com/vpc/docs/vpc) +- Azure: [What is Azure Virtual Network?](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview) +- UpCloud: + - [How to configure SDN Private networks](https://upcloud.com/docs/guides/configure-sdn-private-networks/) + - [How to configure SDN Private networks using the UpCloud API](https://upcloud.com/docs/guides/configure-sdn-private-networks-upcloud-api/) diff --git a/sidebars.ts b/sidebars.ts index 72d61508..a75f199d 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -251,7 +251,12 @@ const sidebars: SidebarsConfig = { { type: 'category', label: 'VPCs', + link: { + type:'doc', + id: 'platform/concepts/vpcs', + }, items: [ + 'platform/concept/vpc-peering', 'platform/howto/manage-vpc-peering', 'platform/howto/public-access-in-vpc', 'platform/howto/vpc-peering-gcp',
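Review bot: In docs/platform/concepts/vpc-peering.md, the "Related pages" link targets `/doc/platform/concepts/vpcs`, while the links under "VPC types" in vpcs.md use the `/docs/` prefix, so one of the two forms is likely to be broken; use the same prefix in both files. The "Data isolation: Access control by using separate VPCs ..." use case describes keeping VPCs separate rather than peering them. Either move it to the VPC overview or reword it to say what peering adds, for example controlled connectivity between otherwise isolated project or team VPCs. Spelling to fix before merge: "comminicate", "thanks traffic remaining" (missing "to"), "cloud privider", "connnection", "cloud-privider-specific".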
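Review bot: In docs/platform/concepts/vpcs.md, the headings "### Project VPCs" and "### Organization VPCs" have no body, yet the "VPC types" paragraph links to both anchors, so readers following those links land on empty sections; add at least a one-sentence scope definition for each or drop the links until the content exists. Further points in the same hunk: the AWS link ends in `how-it-works.html])`, and the stray `]` will break the URL. The last "VPC use cases" item is split so that "- distinct subnets." renders as its own bullet. It should be an indented continuation line. The title says "and VPC peering" although peering has its own page, and vpc-peering.md refers to this page as "Virtual private clouds (VPCs) in Aiven". "Internet Gateway (IGW): Allows public traffic to access the internet" is imprecise. Since this bullet sits next to the security components, say that it lets resources in public subnets reach the internet and be reached from it. The "Related pages" link uses `/doc/` where the links above it use `/docs/`. Spelling: "Paltform", "resouce", "cloud-privider-specific".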
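Review bot: In sidebars.ts, the new item `'platform/concept/vpc-peering'` does not match the path of the file added in this patch, `docs/platform/concepts/vpc-peering.md` (plural "concepts"), so the sidebar entry will not resolve to the new page; change it to `'platform/concepts/vpc-peering'`, matching the `id: 'platform/concepts/vpcs'` used in the `link` block just above it. Minor style: `type:'doc'` is missing the space after the colon that the surrounding entries use.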