From the course: Google Cloud Security for Beginners: Tools and Services

Create a network using virtual private clouds (VPCs) - Google Cloud Tutorial


- [Instructor] Google Cloud's virtual private networks, also known as VPCs, are a cloud service that allows you to create and manage your resources in a logically isolated virtual network. In simple terms, you can think of a VPC as a virtual version of a physical network that you may be familiar with on-premises. Therefore, you can think of it the same way you do a physical network, just made for cloud environments. VPCs are considered a global resource, meaning instances with IP addresses in any zone or region can communicate privately with each other within the same project, creating a global wide area network. Some benefits of Google Cloud VPCs are that they are flexible and scalable, meaning they allow you to scale and control how your workloads connect both regionally and globally. Additionally, VPCs are shareable and provide isolation, meaning you can build an entire virtual network for your organization but still enforce isolation for teams that need it. Let's dive deeper into this topic and understand how to get started in creating your own virtual private cloud network.

The following are some fundamental concepts to understand before setting up your VPC. The first is that, in order to create a VPC, you must first create a project. We discussed projects in an earlier video, but as a reminder, projects are a logical control for billing and organization within your environment. What's important to note about projects and VPCs is that each project you create has its own VPC, which is isolated from the other projects in your environment. So if you were trying to create separate environments for your production, testing and development applications, for example, or perhaps you're dividing your projects by department, you can be certain that the resources within that project are isolated and that it contains its own virtual private network.

Secondly, VPCs are made of subnets, which are logical subdivisions of an IP network. Subnets are a regional resource, meaning a subnet can only span the region it is created in. A subnet is defined by a range of IP addresses, for example, 192.168.0.15/24. The breakdown of subnetting, CIDR blocks and other concepts is outside the scope of this course, but I highly encourage you to understand these networking principles in order to properly create a virtual private cloud within GCP.

Next, traffic that flows to and from resources within your virtual private cloud is controlled by network firewall rules. It is important to note that firewall rules are placed on the instance you create, so traffic is logged and managed at the instance level.

And lastly, on the whole, VPCs are a logical isolation mechanism. VPC networks can be connected to other VPCs in a different project or organization by using VPC network peering. Network peering allows your internal resources to connect to other VPCs regardless of whether that resource is in the same project or organization. It is a great option if your organization has multiple networks, for example, and needs to have services communicate privately with one another.

This is a high-level overview of VPCs within Google Cloud, including some foundational concepts you should understand before getting started on the platform. Next, we will dive deep into firewall rules.
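The four concepts the instructor walks through (a project-scoped VPC, regional subnets defined by CIDR ranges, firewall rules, and VPC network peering) as an added Terraform example. This is not course material or Google's own code; the project IDs, resource names, regions and CIDR ranges are placeholders chosen for illustration, and the peered network in the second project is assumed to exist.

```hcl
# Added example (not from the course): a custom-mode VPC with one subnet per
# region, a firewall rule with logging, and a peering to a VPC in another
# project. All project IDs, names and ranges below are assumed placeholders.

terraform {
  required_providers {
    google = {
      source = "hashicorp/google"
    }
  }
}

provider "google" {
  project = "prod-project-example" # assumed project ID
}

# The VPC itself is a global resource. auto_create_subnetworks = false avoids
# auto mode, which would silently place a subnet in every region out of the
# predictable 10.128.0.0/9 block and makes later peering prone to overlaps.
resource "google_compute_network" "prod" {
  name                    = "prod-vpc"
  auto_create_subnetworks = false
}

# Subnets are regional. Each range must be a valid network address (host bits
# zero, e.g. 192.168.0.0/24 rather than 192.168.0.15/24) and must not overlap
# with any other subnet in this VPC or in a VPC you intend to peer with.
locals {
  subnets = {
    "us-central1"  = "10.10.0.0/24"
    "europe-west1" = "10.10.1.0/24"
  }
}

resource "google_compute_subnetwork" "prod" {
  for_each                 = local.subnets
  name                     = "prod-${each.key}"
  region                   = each.key
  ip_cidr_range            = each.value
  network                  = google_compute_network.prod.id
  private_ip_google_access = true # reach Google APIs without external IPs

  # VPC Flow Logs give per-subnet visibility into the connections instances make.
  log_config {
    aggregation_interval = "INTERVAL_5_SEC"
    flow_sampling        = 0.5
    metadata             = "INCLUDE_ALL_METADATA"
  }
}

# Firewall rules are defined on the network and applied to the instances that
# carry the target tag. Anything not matched falls through to the implied rules
# (deny all ingress, allow all egress), so this rule admits SSH only from the
# IAP TCP-forwarding range instead of 0.0.0.0/0.
resource "google_compute_firewall" "allow_iap_ssh" {
  name          = "prod-allow-iap-ssh"
  network       = google_compute_network.prod.id
  direction     = "INGRESS"
  source_ranges = ["35.235.240.0/20"]
  target_tags   = ["ssh-via-iap"]

  allow {
    protocol = "tcp"
    ports    = ["22"]
  }

  # Per-rule logging records which instance each matched connection hit.
  log_config {
    metadata = "INCLUDE_ALL_METADATA"
  }
}

# Peering connects this VPC privately to a VPC in another project. The peering
# only becomes active once the other project creates the matching peering back.
resource "google_compute_network_peering" "prod_to_shared" {
  name         = "prod-to-shared"
  network      = google_compute_network.prod.id
  peer_network = "projects/shared-services-example/global/networks/shared-vpc" # assumed
}
```

The peering is one-sided until the owner of the assumed `shared-services-example` project creates the reverse `google_compute_network_peering` pointing back at `prod-vpc`; Google Cloud also refuses the peering if any subnet range on one side overlaps a subnet range on the other, which is why the subnet ranges are planned up front rather than left to auto mode.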
