Course Description

• • This two-day instructor-led class gives participants broad study of networking options on Google Cloud Platform. Through a combination of presentations, demonstrations, and hands-on labs, participants explore and deploy GCP networking technologies, such as Google Virtual Private Cloud (VPC) networks, subnets, firewalls; interconnection among networks; load balancing; Cloud DNS; Cloud CDN; Cloud NAT. The course will also cover common network design patterns and automated deployment using Deployment Manager or Terraform.

Objectives

• This course teaches participants the following skills:

• Understand how software containers work Understand the architecture of Kubernetes
• Understand the architecture of Google Cloud Platform Understand how pod networking works in Kubernetes Engine
• Create and manage Kubernetes Engine clusters using the GCP Console and gcloud/ kubectl commands Launch, roll back and expose jobs in Kubernetes
• Manage access control using Kubernetes RBAC and Google Cloud IAM Managing pod security policies and network policies Using Secrets and ConfigMaps to isolate security credentials and configuration artifacts
• Choose among and use Google Cloud Platform storage options: Google Cloud Storage, Google Cloud SQL, Google Cloud Bigtable, and Google Cloud Datastore

Audience

• This class is intended for network engineers and network admins that are either using Google Cloud Platform or are planning to do so. The class is also for individuals that want to be exposed to software-defined networking solutions in the cloud.

Prerequisites

• Familiarity with the Linux command line, web servers, and text editors.

Content

• This course teaches participants the following skills:

Module 1: Google Cloud VPC Networking Fundamentals

• Recall that networks belong to projects
• Explain the differences among default, auto, and custom networks
• Create networks and subnets
• Explain how IPv4 addresses are assigned to Compute Engine instances
• Publish domain names using Cloud DNS
• Create Compute Engine instances with IP aliases
• Create Compute Engine instances with multiple virtual network interfaces

Module 2: Controlling Access to VPC Networks

• Outline how IAM policies affect VPC networks
• Control access to network resources using service accounts
• Control access to Compute Engine instances with tag-based firewall rules

Module 3: Sharing Networks across Projects

• Outline the overall workflow for configuring shared VPC
• Differentiate between the IAM roles that allow network resources to be managed
• Configure peering between unrelated VPC networks
• Recall when to use shared VPC and when to use VPC peering

Module 4: Load Balancing

• Recall the various load balancing services
• Configure Layer 7 HTTP(S) load balancing
• Whitelist and blacklist IP traffic with Cloud Armor
• Cache content with Cloud CDN
• Configure internal load balancing
• Determine which GCP load balancer to use when

Module 5: Hybrid Connectivity

• Recall the GCP interconnect and peering services available to connect your infrastructure to GCP
• Explain Dedicated Interconnect and Partner Interconnect
• Describe the workflow for configuring a Dedicated Interconnect
• Build a connection over a VPN with Cloud Router
• Determine which GCP interconnect service to use when
• Explain Direct Peering and Partner Peering
• Determine which GCP peering service to use when

Module 6: Networking Pricing and Billing

• Recognize how networking features are charged for
• Use Network Service Tiers to optimize spend
• Determine which Network Service Tier to use when
• Recall that labels can be used to understand networking spend

Module 7: Network Design and Deployment

• Explain common network design patterns
• Automate the deployment of networks using Deployment Manager
• Launch networking solutions using Cloud Marketplace

Module 8: Network Monitoring and Troubleshooting

• Configure uptime checks, alerting policies, and charts for your network services
• Use VPC Flow Logs to log and analyze network traffic behavior