Google Cloud service centric Cross-Cloud Network — with demo
As organizations expand their footprint and begin to use multicloud and hybrid networks, network complexity becomes a major issue. Google Cloud understands that, and in this blog post we will explore how the service-centric Cross-Cloud Network can help with these challenges.
Case of complexity
Network complexity is not a bad thing. In fact, complexity and abstraction are commonly used to solve problems. Let's say you have an isolated Google Cloud environment: you deploy your application, set up routing, and everything works fine. As time goes by, you connect your on-premises sites, and you are able to connect and route traffic between both environments without issue.
Your company's strategic goals change, and you now start to bring on third-party cloud environments and SaaS providers. Your development teams need to build services that connect between all these environments. At this point the level of toil can increase, and the environment can become more complex for your admin teams.
Service-centric Cross-Cloud Network
Service-centric Cross-Cloud Network is a guided blueprint for designing your environment with several innovative services that handle distributed applications and support secure any-to-any connectivity between your environments.
A few of the benefits include:
- IP address management: It allows direct connectivity between services without the need for IP address coordination. For example, you can connect services in different environments that use the same IP address ranges.
- Isolation of deployments: How you choose to segment your environment will impact your design choice. You can choose to consolidate your environment, or deploy applications in separate projects and VPCs to create control domains.
- Workload security: You can use native security options and also apply third-party DLP, NGFW and SSE options to your routed traffic.
- Simplification of complex routing configuration: Complex network peering, route adjustments and configurations become less common, since these can be abstracted away with the use of Private Service Connect.
Considerations
In designing your service-centric Cross-Cloud Network, you would have to consider the following:
- Connectivity: What services you need to connect, where they exist and how the traffic should flow. Google services that support this include Cloud Interconnect, Network Connectivity Center and Cloud VPN.
- Security: Simplification of security management across environments, and the security needed for each type of workload, e.g. DLP. Services include Cloud NGFW, third-party NGFW, Cloud Armor and Cloud DLP.
- Privacy: Control of who is connecting to your service depending on its nature, that is, whether it is a private or a public service.
Demo
The following demo looks at a scenario where you are using multiple cloud networks and need to access services in both environments.
Next steps
This area continues to evolve rapidly, so to learn more, check out the following resources:
- Documentation: Cross-Cloud Network
- NEXT ’24 — How to design a service-centric cross-cloud network
- Architecture Center Doc: Cross-Cloud Network Architecture distributed apps
To find out more or share a thought, please connect with me on LinkedIn.