When creating firewall rules, what forms of segmentation can narrow which resources the rule is applied to?

This blog post goes through some quick tips, including Q&A and related blog posts, on the topics we covered in the Google Cloud Architect (GCP) Day 2 Live Session. It should help you understand the material of the GCP Cloud Architect Training Program, clear the certification and get a better-paid job.

On our Day 2 Live Session of the GCP Cloud Architect Training Program, we covered the concepts of Virtual Machines, Compute Engine, Images and Snapshots, Virtual networks, VPC, subnets, routing, etc.

> Virtual Machines

A virtual machine, in plain language, is a software version of a physical computer: an isolated instance with its own virtual CPU, memory, disk and network interfaces that can do almost everything a physical computer can.

VMs run on a physical host and get their compute resources from a layer of software on that host called a hypervisor. The hypervisor also enforces the isolation between VMs sharing the same host, which is why hypervisor vulnerabilities matter so much in a multi-tenant cloud.

>Google Compute Engine

Google Compute Engine is Google Cloud's IaaS (Infrastructure as a Service) offering: it provides virtual machines (VMs) whose size, disks, network and operating system you configure and scale to your own requirements.

Check Out: How to learn GCP

>Compute Instance

A virtual machine hosted on Google Compute Engine is known as a Compute Instance. An instance may be created in one of three ways:

  1. Using Cloud Console
  2. Using Cloud Shell (CLI)
  3. Using Compute Engine API

A Compute Instance runs the operating system contained in the image used to create its boot disk. This image can be a public image provided by Google, or a custom image created by you.

Q1. What are Preemptible VM instances, and how are Preemptible instances different than normal instances?

Ans: Preemptible instances are VMs that you can create and run at a much lower price than normal instances, with two catches: Compute Engine may stop (preempt) them at any time if it needs the capacity for other tasks, and they always stop after at most 24 hours of running. They suit fault-tolerant batch work, not anything that must stay up.

Q2. What are the advantages or benefits of using Compute Engine?

Ans: Compute Engine gives you full control of the guest operating system including its kernel, encrypts all persistent disk data at rest by default (with the option to supply your own keys), and makes it easy to create high-performance VMs that scale quickly to any size of workload.

Advantages include:

  • Storage Efficiency
  • Stability
  • Easy Integration
  • Confidential Computing
  • Security
  • Compute globally as per requirement

Q3: What is the Instance Lifecycle?

Ans: A Compute Engine instance undergoes many states throughout its life. A VM Instance Lifecycle describes all these states – from the creation to the potential deletion.

It is important to know about the lifecycle states, as certain actions can only be performed when the VM is in a certain state. For example, a VM can only be booted after necessary resources have been provisioned to it.
The various stages in a VM’s lifecycle are:

  • Provisioning – resources (vCPUs, memory, disks) are being allocated to the VM
  • Staging – resources are acquired and the instance is being prepared for first boot
  • Running – instance is booting up or running
  • Stopping – instance is being stopped, either at the user's request or because of a failure
  • Repairing – instance is being repaired after a host error or other issue
  • Terminated – instance has been stopped by the user, by a failure or by preemption; it still exists and can be started again or deleted
  • Suspending – instance is being suspended and is not usable during the transition
  • Suspended – instance is suspended (memory preserved) and can be resumed or deleted

>Machine Configurations

Machine configurations are defined by the following terms:

  • Machine family: A curated set of processor and hardware configurations optimized for specific workloads.
  • Series: Within a family, a series is a hardware generation. In the general-purpose family, for example, N1 is first generation while N2, N2D and E2 are second generation; the console lists them under separate series.
  • Machine type: Every machine family has predefined machine shapes that have a specific vCPU to memory ratio that fits a variety of workload needs. If a predefined machine type does not meet your needs, you can create a custom machine for any general-purpose VM.

Q4: What types of machines does GCP provide?

Ans: Compute Engine provides various types of Virtual Machines based on the intended use case. The various options currently available are:

  • General-Purpose
    The best price/performance for most workloads: web and application servers, small and medium databases, dev/test environments (series such as E2, N1, N2 and N2D).
  • Compute-Optimized
    Machines with the highest per-core performance, meant for CPU-bound tasks such as gaming servers and HPC (series C2).
  • Memory-Optimized
    Machines with very large amounts of RAM (up to 12 TB), meant for in-memory databases and analytics (series M1 and M2).
  • Accelerator-Optimized
    Machines with attached NVIDIA GPUs, meant for machine learning training and inference and other massively parallel compute, not only graphics (series A2).

Every family offers predefined machine types. Custom machine types, where you pick the vCPU count and memory yourself, are available only in the general-purpose family; compute-, memory- and accelerator-optimized machines come in predefined shapes only.

> Storage Options in Compute Engine

Compute Engine offers several types of storage options for your instances. Each of the following storage options has unique price and performance characteristics:

  • Zonal persistent disk: Efficient, reliable block storage.
  • Regional persistent disk: Regional block storage replicated in two zones.
  • Local SSD: High performance, transient, local block storage.
  • Cloud Storage buckets: Affordable object storage.
  • Filestore: High-performance file storage for Google Cloud users.

If you are not sure which option to use, the most common solution is to add a persistent disk to your instance.

Q5: What is the difference between Local SSD and Standard Persistent Disk? Which one is better?

Ans: Standard persistent disks (pd-standard) and Local SSDs are two of the most common disk types in Compute Engine (persistent disks also come in balanced and SSD variants).

Standard persistent disks are backed by HDDs, replicated within the zone, and attached to the VM over the network. That makes them cheap and durable, but the slowest option. They can be snapshotted, resized while in use, and detached and reattached to another VM.

Local SSDs are flash devices physically attached to the host the VM runs on, which is why they are much faster and offer far higher IOPS. The trade-offs are that the data exists only on that host (no replication and no snapshots), the contents are lost when the VM is stopped or deleted, and the price per GB is higher. Which is "better" depends on the workload: Local SSD for scratch space, caches and anything you can rebuild; persistent disk for anything that has to outlive the VM.

Q6: What happens to disk data when the instance is no longer running?

Ans: It depends on the disk type. Persistent disk data survives a stop, restart or reset and lives until the disk itself is deleted; note that a boot disk is auto-deleted together with its instance unless you turn that option off. Local SSD data survives a guest reboot and live migration, but is lost when the instance is stopped, deleted or fails, so never keep the only copy of anything on a Local SSD.

>Machine Images & Snapshots

GCE uses system images to create boot disks for the instances. Images contain a boot loader, operating system, and a root file system.

Images can be of two types:

  • Public images: Provided and maintained by Google, open-source communities, and third-party vendors. By default, all Google Cloud projects have access to these images and can use them to create instances.
  • Custom images: Available only to your Cloud project. You can create a custom image from boot disks and other images. Then, use the custom image to create an instance.

Snapshots are global resources that can create incremental backups of the data from persistent disks, so the data stored can be saved to a new disk in the same or a different project.

Q7: What is the difference between image and snapshot? How to decide which one to use?

Ans: An image is a template for a boot disk: it holds the boot loader, the operating system and the root file system, and is what you point at when creating a new instance or disk. Images can be shared across projects and versioned with image families, so they are the right tool for standardising what a fleet boots from, for example a hardened golden image.

A snapshot is a point-in-time, incremental copy of one persistent disk's contents, meant for backup and restore. You can create a new disk (including a boot disk) from a snapshot, but a snapshot is tied to one disk's data rather than being a reusable template. Use images to define what a VM should look like; use snapshots to protect the data on a disk you already have.

>External IP

An external IP address lets a Compute Engine instance communicate with systems on the internet directly, and be reached from them, without going through NAT.

A VM with an external IP is reachable from anywhere that the firewall rules allow, so what you allow on ingress matters far more than for an internal-only VM. Where possible, give VMs only internal IPs and use Cloud NAT for outbound traffic and IAP TCP forwarding for SSH/RDP. Compute Engine supports two types of external IP address:

  • Static External IP Address
    Reserved by you and attached to the VM until you explicitly remove it; it survives a stop and start.
  • Ephemeral External IP Address
    Assigned automatically, released when the VM is stopped or deleted, and replaced by a new address on the next start.

Q8: What actions can be performed using Compute Engine?

Ans: Apart from regular tasks, like uploading data to Compute Engine, there are several other tasks as well that GCE can do. Some of these are mentioned below:

  • Move an instance to a new zone
  • Migrate data between two zones
  • Backup critical data

Compute Engine live-migrates running VMs to another host during planned host maintenance, so a VM is not interrupted for hardware or host software upkeep. This is the default maintenance policy; it can be changed per VM to terminate and restart instead, which is needed for some GPU and sole-tenant configurations.

Q9: Can Compute Engine instance be configured through Command-Line?

Ans: Yes. Compute Engine can be managed from the Console, from the gcloud CLI (in Cloud Shell or installed locally) and through the API. CLI work uses the gcloud compute command family; for example, a new VM instance (here named my-vm, a placeholder) is created with a single command:

gcloud compute instances create my-vm --zone=us-central1-a --machine-type=e2-medium --image-family=debian-12 --image-project=debian-cloud

For those familiar with the commands, the CLI is the quicker option and, unlike console clicks, can be scripted and reviewed.

Q10: How are Compute Engine services billed?

Ans: Charges in Compute Engine are levied for three main services:

  • Instances
    Every VM instance incurs charges based on the type of machine and total uptime on a per-second basis, with a 1-minute minimum.
  • Storage
    Storage used is also charged based on the type of disk used and the amount of data stored.
  • Network
    Network charges are based on egress: data leaving a VM, priced by where it goes (same zone over internal IP, another zone or region, or the internet). Ingress traffic is not charged.

> Virtual Networks

A virtual network is a medium for communication between various virtual machines and devices. Unlike physical networks, which make use of cables, Virtual Networking uses software to establish a connection.

> Virtual Private Cloud

A virtual private cloud (VPC) is a secure, isolated private cloud hosted within a public cloud. Customers can run code, store data, host websites, etc which they could do in an ordinary private cloud, but the only difference is that that private cloud is hosted remotely by a public cloud provider.

> Google Cloud VPC (GCP VPC)

Google Cloud VPC provides networking functionality to Compute Engine VM instances, Google Kubernetes Engine clusters, and App Engine flexible environment.

It provides networking for customers’ cloud-based resources and services that are global, scalable, and flexible.

> VPC Networks

A VPC network is a global resource that contains a list of regional virtual subnetworks (subnets) in Google data centers, all connected by Google's global wide-area network.

A VPC provides the following:

  • Provides connectivity for GCP products & services
  • Provides built-in load balancing system
  • Connects to on-premises networks
  • Distributes traffic from external LB to backends

> Subnets

Every VPC network consists of one or more useful IP partitions, which are known as subnets. Each of these subnets is associated with a region. VPC networks don’t have any IP addresses of their own, these are defined for the subnets.

Q11. Why do you use subnets?

Ans: A subnet, or subnetwork, is a segmented piece of a larger network. More specifically, subnets are a logical partition of an IP network into multiple, smaller network segments. Organizations use them to sub-divide larger networks into smaller, more efficient subnetworks. One key goal of a subnet is to split a large network into a grouping of smaller, interconnected networks to help minimize traffic. This way, traffic doesn’t have to flow through unnecessary routes, increasing network speeds.

Q12: Is it possible that two organizations can create a subnet with the same range under the same region?

Ans: Yes. VPC networks are isolated from each other, so two organizations, or even two networks in the same project, can use the same subnet range in the same region. The catch is that two networks whose subnet ranges overlap cannot be connected with VPC Network Peering, so plan ranges with future connectivity in mind.

> Types of VPC Networks

Google Cloud has two subnet creation modes, which give two kinds of VPC network:

  1. Auto-mode VPC: one subnet per region is created automatically from a predefined set of ranges (10.128.0.0/20 in us-central1, 10.132.0.0/20 in europe-west1, and so on), and new regions get a subnet automatically.
  2. Custom-mode VPC: starts with no subnets; you create each subnet and choose its region and range yourself.

The "default" network that every new project gets is not a third mode. It is an auto-mode network named default, created together with a few permissive firewall rules (default-allow-internal, default-allow-ssh, default-allow-rdp and default-allow-icmp) that are worth reviewing or deleting before anything sensitive runs there.

Q13. What is the difference between auto mode and default mode?

Ans: "Default mode" is not a separate mode. The default network is created automatically when a project is created (or when the Compute Engine API is enabled) and is simply an auto-mode network; any other auto-mode network you create yourself. In both you can add custom subnets as long as their ranges do not overlap the predefined ones, and both can be converted to custom mode (a one-way change). For production, Google recommends custom mode so that you control the ranges and avoid the shared auto-mode ranges that prevent peering between auto-mode networks.
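As an added example, not part of the original post, the following Python checks the overlap question from Q12 and the auto-mode caveat from Q13 with the standard ipaddress module. The VPC definitions are constructed for the example; the first two reuse the real predefined auto-mode ranges for us-central1, europe-west1 and asia-east1, which is exactly why two auto-mode networks cannot be peered. The error message in with_subnet is ours, not the API's.

```python
import ipaddress

# Constructed VPC definitions (subnet name -> primary CIDR). AUTO_VPC_1 and
# AUTO_VPC_2 model two auto-mode networks: both get 10.128.0.0/20 in
# us-central1 because that range is predefined, not chosen by the user.
AUTO_VPC_1 = {"default-us-central1": "10.128.0.0/20", "default-europe-west1": "10.132.0.0/20"}
AUTO_VPC_2 = {"default-us-central1": "10.128.0.0/20", "default-asia-east1": "10.140.0.0/20"}
CUSTOM_VPC = {"prod-us-central1": "10.10.0.0/24", "prod-europe-west1": "10.10.1.0/24"}


def overlapping_subnets(vpc_x, vpc_y):
    """Pairs of subnet names (one from each VPC) whose primary ranges overlap."""
    return [
        (name_x, name_y)
        for name_x, cidr_x in vpc_x.items()
        for name_y, cidr_y in vpc_y.items()
        if ipaddress.ip_network(cidr_x).overlaps(ipaddress.ip_network(cidr_y))
    ]


def can_be_peered(vpc_x, vpc_y):
    """VPC Network Peering refuses two networks whose subnet ranges overlap."""
    return not overlapping_subnets(vpc_x, vpc_y)


def with_subnet(vpc, name, cidr):
    """Return a copy of vpc with one more subnet.

    Inside a single VPC network subnet ranges must not overlap, so this refuses
    the addition the way the API would (the error text is this example's own).
    """
    new = ipaddress.ip_network(cidr)
    for existing_name, existing_cidr in vpc.items():
        if new.overlaps(ipaddress.ip_network(existing_cidr)):
            raise ValueError(f"{cidr} overlaps {existing_name} ({existing_cidr})")
    return {**vpc, name: cidr}


if __name__ == "__main__":
    print("auto <-> auto overlaps:", overlapping_subnets(AUTO_VPC_1, AUTO_VPC_2))
    print("auto <-> custom peerable:", can_be_peered(AUTO_VPC_1, CUSTOM_VPC))
```

The same overlap test is what you run before requesting a peering or building a VPN: if it returns anything, one side has to renumber (or, for auto-mode networks, be converted to custom mode and have the offending subnet replaced).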

> IP Addresses

Resources such as VM instances and load balancers have IP addresses in Google Cloud which enables Google Cloud resources to communicate with other resources in Google Cloud, in on-premises networks, or on the public internet.

> Types of IP Addresses

Google Cloud uses the following labels to categorize IP addresses:

  • Internal IP Address: assigned from a subnet's range and reachable only inside the VPC network and networks connected to it
  • External IP Address: reachable from the internet; ephemeral or static
  • Private IP Address: an address from a private range such as RFC 1918, which is what internal IPs normally are
  • Public IP Address: a publicly routable address; external IPs are public, and Google Cloud also allows privately used public ranges inside a subnet, so "internal" and "private" are not strictly the same thing

> Routes

Routes define the paths that network traffic takes from a virtual machine (VM) instance to other destinations. These destinations can be inside your Google Cloud Virtual Private Cloud (VPC) network (for example, in another VM) or outside it.

> Routing Table

Every VPC network has its own set of routes, which together act as its routing table. Each route has a destination range, a next hop (the VPC network itself, the default internet gateway, a VM, a VPN tunnel, an internal load balancer and so on), a priority (0 to 65535, lower is preferred) and, optionally, network tags that limit which VMs the route applies to. Two kinds are created for you:

  • Subnet routes: one per subnet, delivering traffic for that range inside the VPC network; these cannot be overridden by custom static routes
  • Default route: 0.0.0.0/0 to the default internet gateway, usable only by VMs that have an external IP address or go through Cloud NAT

When more than one route matches a destination, the most specific destination wins; among equally specific routes the lowest priority value wins.

> Dynamic Routing

The dynamic routing mode of a VPC network determines which subnet routes the Cloud Routers in that network advertise to their BGP peers (over Cloud VPN or Cloud Interconnect), and in which regions the routes those routers learn are applied.

There are two dynamic routing modes:

  • Regional Dynamic Routing: each Cloud Router advertises only the subnets in its own region, and the routes it learns are applied only in that region
  • Global Dynamic Routing: each Cloud Router advertises subnets from all regions, and learned routes are applied in every region
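As an added example that is not part of the original post, the following Python reproduces the route selection order described above (most specific destination first, then lowest priority value) over a constructed routing table. The route names and next hops are hypothetical; the only claim is about the selection order, which is the documented one.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    name: str
    dest: str            # destination CIDR
    next_hop: str
    priority: int = 1000  # lower number = preferred among equally specific routes


# Constructed routing table for one VPC (hypothetical names). The first two
# entries model what Google creates automatically: a subnet route per subnet
# and a default route to the internet gateway. The rest are custom static
# routes: two VPN paths to on-prem, and a route that forces all internet-bound
# traffic through a firewall appliance VM by out-prioritising the default route.
ROUTES = [
    Route("default-route-subnet-us-central1", "10.128.0.0/20", "vpc-network"),
    Route("default-route-internet", "0.0.0.0/0", "default-internet-gateway", 1000),
    Route("to-onprem-primary", "192.168.0.0/16", "vpn-tunnel-1", 100),
    Route("to-onprem-backup", "192.168.0.0/16", "vpn-tunnel-2", 200),
    Route("force-egress-via-firewall", "0.0.0.0/0", "fw-appliance-instance", 500),
]


def select_route(routes, dst_ip):
    """Return the name of the route that carries traffic to dst_ip, or None.

    Assumption: selection follows the documented order, most specific
    destination first, then the lowest priority value.
    """
    ip = ipaddress.ip_address(dst_ip)
    matching = [r for r in routes if ip in ipaddress.ip_network(r.dest)]
    if not matching:
        return None
    best = max(matching, key=lambda r: (ipaddress.ip_network(r.dest).prefixlen, -r.priority))
    return best.name


def without(routes, name):
    """Routing table with one route removed, to show what a deletion changes."""
    return [r for r in routes if r.name != name]


if __name__ == "__main__":
    for dst in ("10.128.0.7", "192.168.5.5", "8.8.8.8"):
        print(dst, "->", select_route(ROUTES, dst))
```

Two things the table makes visible: the firewall route only captures internet traffic because its priority (500) beats the default route (1000), so deleting it silently restores direct egress; and the subnet route always wins for in-VPC destinations no matter what priority a static route carries, so you cannot hijack intra-VPC traffic that way.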

> Firewalls

A firewall is a network security control that permits or blocks traffic according to rules. In Google Cloud, VPC firewall rules are enforced by the virtual network itself rather than inside the guest, so they apply to every VM in the network regardless of what its operating system runs.

Firewall rules manage traffic even when it never leaves the network, including communication between VM instances. The rules are stateful: once a connection is allowed in one direction, its return traffic is allowed automatically.

When you create a VPC firewall rule, you specify the network it belongs to and a set of components that define what the rule does: the direction (ingress or egress), a priority (0 to 65535, lower numbers win), an action (allow or deny), the targets (all instances in the network, instances with a given network tag, or instances running as a given service account), a source filter for ingress or destination filter for egress (IP ranges, tags or service accounts), and the protocols and ports. Every network also has two implied rules that cannot be removed: allow all egress and deny all ingress, both at the lowest priority 65535, so nothing reaches a VM unless a rule you wrote allows it.

Q14: Is firewall creation a way to secure the VPC network?

Ans: Yes. Firewall rules are the network-level access control of a VPC: they decide which sources may reach which VMs on which ports, and what the VMs may send out. To get real security from them, avoid 0.0.0.0/0 as a source, target rules at network tags or service accounts instead of all instances, and review the permissive default-allow-* rules that come with the default network.

Q15: Is there any provision to add a custom firewall rule (business specific) for custom mode?

Ans: Yes. Firewall rules can be added to VPC networks of both subnet creation modes, including the default network. Because they are enforced by the VPC network, an enabled rule applies even if the guest operating system has no firewall configured or has not finished booting. A rule can also be disabled without deleting it (its enforcement status), which is handy for staged rollouts but easy to forget about in an audit.
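As an added example, not code from the original post or from Google, the following Python models how VPC firewall rules are evaluated for one flow: direction, targets (network tags), source ranges, protocol and ports, lowest priority number wins, deny beats allow on a tie, and the implied rules decide whatever nothing else matches. The VMs, rule names, tags and the 203.0.113.0/24 "corporate" range are all constructed for the example. It puts a weak rule (SSH from anywhere) beside the narrowed version (same tag, but only from the corporate range, plus an explicit deny on the database tag).

```python
from __future__ import annotations

import ipaddress
from dataclasses import dataclass

# Assumption: this mirrors the documented evaluation order of VPC firewall
# rules; it is a model for illustration, not Google's implementation.


@dataclass
class Rule:
    name: str
    priority: int                              # 0..65535, lower wins
    action: str                                # "allow" or "deny"
    direction: str = "INGRESS"                 # "INGRESS" or "EGRESS"
    protocol: str = "all"                      # "tcp", "udp", "icmp" or "all"
    ports: frozenset[int] = frozenset()        # empty = any port
    source_ranges: tuple[str, ...] = ()        # ingress only; empty = any source
    target_tags: frozenset[str] = frozenset()  # empty = all VMs in the network


@dataclass
class Vm:
    name: str
    tags: frozenset[str] = frozenset()


# Present in every VPC network and not removable.
IMPLIED_RULES = [
    Rule("implied-deny-ingress", 65535, "deny", "INGRESS"),
    Rule("implied-allow-egress", 65535, "allow", "EGRESS"),
]


def matches(rule: Rule, vm: Vm, direction: str, src_ip: str, proto: str, port: int) -> bool:
    if rule.direction != direction:
        return False
    if rule.target_tags and not (rule.target_tags & vm.tags):
        return False
    if rule.protocol != "all" and rule.protocol != proto:
        return False
    if rule.ports and port not in rule.ports:
        return False
    if direction == "INGRESS" and rule.source_ranges:
        ip = ipaddress.ip_address(src_ip)
        if not any(ip in ipaddress.ip_network(r) for r in rule.source_ranges):
            return False
    return True


def evaluate(rules, vm: Vm, direction: str, src_ip: str, proto: str, port: int):
    """Return (action, rule_name) of the rule that decides this flow."""
    candidates = [r for r in list(rules) + IMPLIED_RULES
                  if matches(r, vm, direction, src_ip, proto, port)]
    # Lowest priority number first; on a tie, deny (0) sorts before allow (1).
    winner = min(candidates, key=lambda r: (r.priority, 0 if r.action == "deny" else 1))
    return winner.action, winner.name


# Constructed VMs (hypothetical names and tags).
BASTION = Vm("bastion-1", frozenset({"ssh"}))
DB = Vm("db-1", frozenset({"db"}))
BOTH = Vm("web-db-1", frozenset({"ssh", "db"}))

# Weak: SSH allowed from the whole internet to every VM carrying the "ssh" tag.
RULES_OPEN = [
    Rule("allow-ssh-anywhere", 1000, "allow", protocol="tcp", ports=frozenset({22}),
         source_ranges=("0.0.0.0/0",), target_tags=frozenset({"ssh"})),
]

# Narrowed: same tag target, but only from the (made-up) corporate range, plus an
# explicit deny on port 22 for anything tagged "db" at the same priority.
RULES_NARROWED = [
    Rule("allow-ssh-corp", 1000, "allow", protocol="tcp", ports=frozenset({22}),
         source_ranges=("203.0.113.0/24",), target_tags=frozenset({"ssh"})),
    Rule("deny-ssh-db", 1000, "deny", protocol="tcp", ports=frozenset({22}),
         target_tags=frozenset({"db"})),
]

if __name__ == "__main__":
    for rules in (RULES_OPEN, RULES_NARROWED):
        print([r.name for r in rules], "->",
              evaluate(rules, BASTION, "INGRESS", "198.51.100.7", "tcp", 22))
```

Read the two rule sets side by side: with RULES_OPEN any address on the internet gets to port 22 of every tagged VM; with RULES_NARROWED the same packet from outside the corporate range falls through to the implied deny, a VM without the "ssh" tag is never matched at all, and a VM that carries both tags is denied because deny wins the priority tie.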

Quiz Time (Sample Exam Questions)!

With our Google Cloud Architect training program, we cover 200+ sample exam questions to help you prepare for the certification.

Check out one of the questions and see if you can crack this…

Ques: When creating firewall rules, what forms of segmentation can narrow which resources the rule is applied to? (Choose all that apply)

A. Network range in source filters

B. Zone

C. Region

D. Network Tags

Comment your answer in the comment box.

Feedback

We constantly ask our attendees for feedback so that every session improves on the previous one.

Here’s the feedback that we received from our trainees who had attended the session…

Next Task For You

If you are also interested and want to know more about the Google Professional Cloud Architect certification, register for our Free Class.