vpc description draft
wojcik-dorota committed Nov 28, 2024
1 parent b8d18d4 commit efe0c04
Showing 4 changed files with 119 additions and 0 deletions.
2 changes: 2 additions & 0 deletions .github/vale/styles/config/vocabularies/Aiven/accept.txt
Expand Up @@ -333,6 +333,8 @@ VMs
VNet
VPC/MS
VPCs?
VPN
VPNs
wget
Wireshark
Workbench
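Review bot: `VPN` and `VPNs` go in as two separate entries, while the neighbouring `VPCs?` entry covers singular and plural with one pattern. A single `VPNs?` line would follow the convention already used in this file.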
43 changes: 43 additions & 0 deletions docs/platform/concepts/vpc-peering.md
@@ -0,0 +1,43 @@
---
title: Virtual private cloud (VPC) peering in Aiven
sidebar_label: VPC peering
---

VPC peering supported on the Aiven Platform improves network connectivity and security. It
simplifies architecture, helps reduce network latency, and enhances resource sharing while
maintaining isolation and control.

VPC peering is a networking connection between two VPCs. It allows private and direct
communication between the VPCs with no traffic routing over the public internet.

### VPC peering characteristics

- Private communication: Private IP addresses used by VPCs to communicate
- High performance: Low latency thanks traffic remaining on the cloud provider's network
- Security: Reduced exposure to public networks without using internet gateways, VPNs, or
NAT
- Scalability: Connections supported across different accounts and regions, depending on a
cloud provider

### VPC peering use cases

- Multi-tier applications: Secure connnection between VPCs hosting different application
layers, such as web or database
- Resource sharing: Secure sharing between VPCs hosting different resources,
for example, datasets or APIs
- Data isolation: Access control by using separate VPCs for different projects or teams in
an organization

## Related pages

- [Virtual private clouds (VPCs) in Aiven](/doc/platform/concepts/vpcs)

## Learn more

There are the following cloud-provider-specific articles you might want to read to have a
full picture:

- AWS: [VPC peering process, lifecycle, and limitations](https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-basics.html)
- Google Cloud: [VPC Network Peering](https://cloud.google.com/vpc/docs/vpc-peering)
- Azure: [Virtual network peering](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-peering-overview)
- UpCloud: [How to configure network peering](https://upcloud.com/docs/guides/configure-network-peering/)
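Review bot: The Related pages link `/doc/platform/concepts/vpcs` uses a `/doc/` prefix, while the VPC types paragraph in vpcs.md from this same commit links to `/docs/platform/concepts/vpcs#project-vpcs`; one of the two prefixes is likely wrong, so align them before merging. In the characteristics list, "Low latency thanks traffic remaining" is missing "to", and "connnection" in the use cases list is misspelled. The Security bullet describes reduced exposure "without using internet gateways, VPNs, or NAT" but the page does not say what governs traffic between the peered VPCs once the connection exists; a sentence on that would keep readers from treating the peering connection itself as an access control.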
69 changes: 69 additions & 0 deletions docs/platform/concepts/vpcs.md
@@ -0,0 +1,69 @@
---
title: Virtual private clouds (VPCs) in Aiven
sidebar_label: VPCs overview
---

Virtual private clouds (VPCs) supported on the Aiven Platform provide enhanced security,
flexibility, and network control, allowing efficient traffic, resource, and access management.

A VPC is a logically isolated section of a cloud provider's network, which makes it a
private network within a public cloud. It's a secure customizable network environment that
you define and control to deploy and manage resources.

### VPC characteristics

- Isolation: Each VPC operates independently from other VPCs, ensuring secure separation.
- Customizable IP Range: You can define your own IP address range (CIDR block).
- Subnets: Divide the VPC into smaller sub-networks (subnets) for organizing resources
based on availability zones or functional groups.
- Network Control: Configure route tables, network gateways, and security settings.
- Internet Connectivity: Control whether the VPC connects to the internet via Internet
Gateways or remains isolated.
- Security: Strong control over network traffic and isolation.
- Flexibility: Custom network architecture tailored to your application's needs.
- Scalability: Expand or modify the network as demand grows.

### VPC components

- Subnets: Smaller networks within the VPC. They can be public or private.
- Route Tables: Define how network traffic is directed within the VPC.
- Internet Gateway (IGW): Allows public traffic to access the internet.
- NAT Gateway (Network Address Translation): Enables outbound internet access for private
subnets.
- Security Groups: Firewall rules to control inbound and outbound traffic for resources.
- Network Access Control Lists (NACLs): Additional layer of security at the subnet level.
- Peering Connections: Connect VPCs together for intercommunication.

### VPC use cases

- Hosting Applications: Deploying scalable web and database applications.
- Hybrid Cloud Architecture: Connecting on-premises networks to the cloud securely.
- Data Isolation: Keeping sensitive data within a private network.
- Multi-tier Architecture: Separating application layers (web, app, database) within
- distinct subnets.

## VPC types

The Aiven Platform allows creating and using two types of VPCs, which differ in scope:
[project-wide VPCs](/docs/platform/concepts/vpcs#project-vpcs) and
[organization-wide VPCs](/docs/platform/concepts/vpcs#organization-vpcs).

### Project VPCs

### Organization VPCs

## Related pages

- [Virtual private cloud (VPC) peering in Aiven](/doc/platform/concepts/vpc-peering)

## Learn more

There are the following cloud-provider-specific articles you might want to read to have a
full picture:

- AWS: [How Amazon VPC works](https://docs.aws.amazon.com/vpc/latest/userguide/how-it-works.html])
- Google Cloud: [VPC networks](https://cloud.google.com/vpc/docs/vpc)
- Azure: [What is Azure Virtual Network?](https://learn.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview)
- UpCloud:
- [How to configure SDN Private networks](https://upcloud.com/docs/guides/configure-sdn-private-networks/)
- [How to configure SDN Private networks using the UpCloud API](https://upcloud.com/docs/guides/configure-sdn-private-networks-upcloud-api/)
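Review bot: The AWS link under Learn more ends in `how-it-works.html]`, with a stray `]` inside the URL, so the target will not resolve; remove the bracket. In the use cases list, the wrapped text `- distinct subnets.` starts with a list marker and will render as its own bullet instead of continuing the Multi-tier Architecture item. The `### Project VPCs` and `### Organization VPCs` headings have no body, yet the VPC types paragraph links to both anchors, so either add the content or hold the links until it exists. The Related pages link uses `/doc/platform/...` while the VPC types links use `/docs/platform/...`; pick one prefix.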
5 changes: 5 additions & 0 deletions sidebars.ts
Expand Up @@ -251,7 +251,12 @@ const sidebars: SidebarsConfig = {
{
type: 'category',
label: 'VPCs',
link: {
type:'doc',
id: 'platform/concepts/vpcs',
},
items: [
'platform/concepts/vpc-peering',
'platform/howto/manage-vpc-peering',
'platform/howto/public-access-in-vpc',
'platform/howto/vpc-peering-gcp',
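Review bot: `type:'doc',` in the new `link` block has no space after the colon, unlike `type: 'category',` and `id: 'platform/concepts/vpcs',` on the surrounding lines; write `type: 'doc',` to match the file's formatting. The category now links to `platform/concepts/vpcs`, which this commit adds with two empty sections, so the sidebar entry will expose a draft page as soon as this lands.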