Learn about the broad variety of networking options on Google Cloud. This course uses lectures, demos, and hands-on labs to help you explore and deploy Google Cloud networking technologies, including Virtual Private Cloud (VPC) networks, subnets, and firewalls; interconnection among networks; load balancing; Cloud DNS; Cloud CDN; and Cloud NAT. You'll also learn about common network design patterns and automated deployment using Cloud Deployment Manager or Terraform.

What you'll learn

• Configure Google VPC networks, subnets, and routers
• Control administrative access to VPC objects
• Control network access to endpoints in VPCs
• Interconnect networks among Google Cloud projects
• Interconnect networks among Google Cloud VPC networks and on-premises or other-cloud networks
• Choose among Google Cloud load balancer and proxy options and configure them
• Use Cloud CDN to reduce latency and save money
• Optimize network spend using Network Tiers
• Configure Cloud NAT or Private Google Access to provide instances without public IP addresses access to other services
• Deploy networks declaratively using Cloud Deployment Manager or Terraform
• Design networks to meet common customer requirements
• Configure monitoring and logging to troubleshoot networks problems

Target Audience

• Network engineers and Admins who are either using Google Cloud or are planning to do so
• Individuals who want to be exposed to software-defined networking solutions in the cloud

Prerequisites

To get the most out of this course, participants should:

• Complete Google Cloud Fundamentals: Core Infrastructure or have equivalent experience
• Have prior understanding of the 7 layer OSI model
• Have prior understanding of IPv4 addressing
• Have prior experience with managing IPv4 routes

Products

• VPC Networking
• Cloud IAM
• Cloud Load Balancing
• Cloud Interconnect
• Cloud VPN
• Deployment Manager
• Cloud Monitoring
• Cloud Logging

Not covered

• Container networking

Course Modules

Module 1: Google Cloud VPC Networking Fundamentals

• Recall that networks belong to projects
• Explain the differences among default, auto, and custom networks
• Create networks and subnets
• Explain how IPv4 addresses are assigned to Compute Engine instances
• Publish domain names using Google Cloud DNS
• Create Compute Engine instances with IP aliases
• Create Compute Engine instances with multiple virtual networks

Module 2: Controlling Access to VPC Networks

• Outline how IAM policies affect VPC networks
• Control access to network resources using service accounts
• Control access to Compute Engine instances with tag-based firewall rules

Module 3: Sharing Networks Across Projects

• Outline the overall workflow for configuring Shared VPC
• Differentiate between the IAM roles that allow network resources to be managed
• Configure peering between unrelated VPC Networks
• Recall when to use Shared VPC and when to use VPC Network Peering

Module 4: Load Balancing

• Recall the various load balancing services
• Configure Layer 7 HTTP(S) load balancing
• Whitelist and blacklist IP traffic with Cloud Armor
• Cache content with Cloud CDN
• Explain Layer 4 TCP or SSL proxy load balancing
• Explain regional network load balancing
• Configure internal load balancing
• Recall the choices for enabling IPv6 Internet connectivity for Google Cloud load balancers
• Determine which Google Cloud load balancer to use In which situation

Module 5: Hybrid Connectivity

• Recall the Google Cloud interconnect and peering services available to connect your infrastructure to Google Cloud
• Explain Dedicated Interconnect and Partner Interconnect
• Describe the workflow for configuring a Dedicated Interconnect
• Build a connection over a VPN with Cloud Router
• Determine which Google Cloud interconnect service to use in which situation
• Explain Direct Peering and Partner Peering
• Determine which Google Cloud peering service to use in which situation

Module 6: Networking Pricing and Billing

• Recognize how networking features are charged
• Use Network Service Tiers to optimize spend
• Determine which Network Service Tier to use in which situation
• Recall that labels can be used to understand networking spend

Module 7: Network Design and Deployment

• Explain common network design patterns
• Configure Private Google Access to allow access to certain Google Cloud services from VM instances with only internal IP addresses
• Configure Cloud NAT to provide your instances without public IP addresses access to the internet
• Automate the deployment of networks using Deployment Manager or Terraform
• Launch networking solutions using Cloud Marketplace

Module 8: Network Monitoring and Troubleshooting

• Configure uptime checks, alerting policies and charts for your network services
• Use VPC Flow Logs to log and analyze network traffic behavior