Elastic Google Cloud Infrastructure Scaling and Automation

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

What are the Cloud Interconnect and Peering Services?

Layer 3: Direct Peering, Carrier Peering Layer 2: Dedicated Interconnect, Partner Interconnect

What is Cloud Router?

Manage routes from Cloud VPN tunnel using border gateway protocol or BGP. This routing method allows for routes to be updated and exchanged without changing the tunnel configuration.

Benefit of using VPC Peering

PC Network Peering does not incur the network latency, security, and cost drawbacks that are present when using external IP addresses or VPNs.

What are autoscaling policies based on?

CPU Utilization Load balancing capacity monitoring metrics Queue-based workload

What can the balancing mode be based on?

CPU Utilization or Request Per Second

What's an example of use case Cloud VPN does not support?

Client Computers needing to dial into a VPN using a Client VPN software

How do you add subnets to a GCP network?

Cloud Router can automatically propagate network configuration changes

Cloud VPN

Cloud VPN securely connects your on-premise network to your GCP VPC network through an IPSec VPN tunnel. Traffic traveling between the two networks is encrypted by one VPN gateway. Then decrypted by the other VPN gateway. This protects your data as it travels over the public internet.

What is an Internet NEG?

Contains a single endpoint that is hosted outside of Google Cloud. This endpoint is specified by host name, FQDN colon port or IP port.

What is a Zonal NEG?

Contains one or more endpoints that can be Compute Engine VMs or services running on the VMs. Each endpoint is specified by either an IP address or an IP colon port combination.

How can you monitor the utilization of an instance group?

Graphs are presented when you click on a virtual machine, you can also set up alerts

What is Direct Peering?

With this connection, you will be able to exchange internet traffic between your network and Google's at one of the Googles broad reaching edge network locations.

What happens when a managed instance group requires more compute resources?

managed instance groups can scale automatically to the number of instances in the group

What is GCP HTTPs Load Balancing?

provides global load balancing for HTTPS requests destined for your instances. This means that your applications are available to your customers at a single any cast IP address, which simplifies your DNS setup.

What is a common use case for using a backend bucket and backend service?

send requests for genomic content such as data to a backend service, and send requests for static content such as images to a backend bucket.

What are examples of what MIGs can be used for?

stateless serving or batch workloads, like a website front end or image processing or stateful applications such as databases and legacy applications

What does a balancing mode in a backend service do?

tells the load balancing system how to determine when the backend is at full usage. If older backends for the backend service in a region are at the full usage, new requests are automatically routed to the nearest region that can still handle requests.

What are the 7 layers of the OSI model?

Physical Layer Data Link Layer Network Layer Transport Layer Session Layer Presentation Layer Application Layer

What is a serverless NEG?

Points to Cloud Run App Engine, Cloud function services residing in the same region as the NEG. These don not contain endpoints

What is a Hybrid Connectivity NEG?

Points to traffic director services running outside of Google Cloud.

What is defined with an MIG health check?

Protocol Port Health Criteria

What happens if an instance in a MIG is stopped, or deleted by an unintended action?

The managed instance group automatically recreates the instance so it can resume its processing tasks. The recreated instance uses the same name and the same instance template as the previous instance.

When might you want to consider using a Partner Interconnect?

When you are nowhere near one of the supported co-location facilities to use a Dedicated Interconnect

When do you want to use a Global Load Balancer?

When your users and instances are globally distributed, your users need access to the same application and content and you want to provide access using a single anycast iP address

What does Direct Peering require you to have?

A connection with a GCP Edge Pop

What is HA VPN?

A high availability Cloud VPN solution that lets you securely connect your on-premises network to your Virtual Private Cloud (VPC) network through an IPsec VPN connection in a single region.

What is an anycast IP address?

A network addressing and routing method that attributes a single IP address to multiple servers in a network.

What is a URL Map?

A set of Google Cloud configuration resources that direct requests for URLs to backend services or backend buckets.

What is an SSL Certificate Resource?

Contains the SSL certificate information. Only used with load balancing proxies such as a target HTTP(S) proxy or target SSL proxy

What is the Internal HTTPs load balancer?

A proxy based regional layer seven load balancer that enables you to run and scale your services behind a private load balancing iP address that is accessible only in the load balancers region, in your VPC network.

What does the regional network load balancer leverage?

Maglev, which is a large distributed software system

What ports are HTTPS request load balanced on?

Port 443

What ports are HTTP request load balanced on?

Ports 80 or 8080

What setting does a capacity setting interact with in the backend service?

The balancing mode setting

Where are load balancing request generally routed

The closest instance with sufficient capacity

When are peering services useful?

When you require access to Google and Google cloud properties

What are dynamic routes configured with?

Dynamic Routes are configured with Cloud Router

What is a Partner Interconnect?

It provides connectivity between your on-premises network and your VPC network through a supported service provider. This is useful if your data center is in the physical location that cannot reach a Dedicated Interconnect co-location facility or if your data needs don't warrant a Dedicated Interconnect.

How does a health check work?

It pulls instances attached to the backend service at configured intervals. Instances that pass the health check are allowed to receive new requests. Unhealthy instances are not sent requests until they are healthy again.

What is a Global forwarding rule?

It routes traffic by IP address, port, and protocol to a load balancing configuration consisting of a target proxy, and URL map.

What is a Dedicated Interconnect in GCP?

This provides direct physical connections between your on-premise network and Google's network. This enables you to transfer large amount of data between networks, which can be more cost-effective than purchasing additional bandwidth over the public Internet.

What are use cases for network endpoint groups?

-Deploying services in containers. -Distribute traffic in a granular fashion -Use as backends for some load balancers and with traffic director

What are the Global Load Balancers?

-HTTP(S) -SSL Proxy -TCP Proxy

What does the backend service contain?

-Health check -Session Affinity -Time out setting -One or more backends (instance group, balancing mode, capacity scaler)

What are the Regional Load Balancers?

-Internal TCP/UDP -Network TCP/UDP -Internal HTTP(S)

Differences between HTTP and HTTP(s) load balancers

-Use HTTPs vs HTTP proxy -HTTPs requires at least one signed SSL Certificate -HTTPs supports the QUIC Transport Layer Protocol -Client SSL sessions terminate at the load balancer

What two categories can load balancers be put in?

1. Global 2. Regional

What are the 4 types of NEGs

1. Zonal 2. Internet 3. Serverless 4. Hybrid Connectivity

What is the throughput capacity of an IP Sec VPN Tunnel?

1.5 Gbps applies to the public internet, 3 Gbps applies to a direct peering link

How many SSL Certificates can be configured with target proxy for HTTPs load balancing?

10

What is the throughput capacity of Direct Peering?

10 Gbps

What is the throughput capacity of a Dedicated Interconnect?

10 Gbps per link

What is the throughput capacity of a Partner Interconnect?

50 Mbps to 10 Gbps, depending on service provider

How many Dedicated Interconnect Links can you have?

8

Dedicated Interconnects and Partner Interconnects can be configured to meet which SLAs

99.9 % and 99.99%, 3 9's, 4 9's

What SLA does Cloud VPN provide for availability?

99.9%

How does a VPN Tunnel work?

A VPN tunnel connects your VPN gateways and serves as the virtual medium through which encrypted traffic is passed. In order to create a connection between two VPN gateways you must establish two VPN tunnels. Each tunnel defines the connection from the perspective of its gateway and traffic can only pass when the pair of tunnels established.

What is a managed instance group?

A collection of identical VM instances that you control as a single entity using an instance template.

What is the throughput capacity of Carrier Peering?

This will depend on the service provider

How do you set up BGP in a VPNC network?

To set up BGP an additional IP address has to be assigned to each end of the VPN tunnel. These two IP addresses must be link-local IP addresses. Belonging to the IP address range 169.254.0.0/16. These addresses are not part of IP address space of either network and are used exclusively for establishing a BGP session.

True/False A Cloud VPN Gateway is a regional resource that uses a regional IP address

True

True/False Cloud VPN Supports both Dynamic and Static routes

True

True/False Cloud VPN supports both IKEv1 and IKEv2 Ciphers

True

True/False Cloud VPN uses the public internet, though it is encrypted

True

True/False HTTPs load balancing balances both HTTP and HTTPs traffic across multiple instances and regions

True

True/False MIGs can be single zone or multi-zone

True

True/False VPC Peering connections need to be created from both sides

True

True/False With MIG you can create a health check to determine which instances are healthy and should receive traffic

True

True/False Your on-premise VPN gateway can be a physical device in your data center or a physical or software based VPN offering in another Cloud providers network.

True

What do you first need to create a managed instance group?

An instance template

What version protocols does HTTPS load balancing support?

IPV4 and IPV6

What is the time out setting in a backend service?

This is the amount of time the backend service will wait on the backend before considering the request a failure.

What does VPC Peering allow?

Allows private RFC 1918 connectivity across two VPC networks, regardless of whether they belong to the same project, or the same organization.

What gateway do you need to configure on-prem to connect to a Cloud VPN gateway?

An On-Premises Gateway

What do Internal TCP/UDP Load Balancer leverage?

Andromeda which is GCP's software defined network virtualization stack

What is a proxy server?

Any machine that translates traffic between networks or protocols

What is the maximum transmission unit for your on-premise VPN Gateway?

It cannot be greater than 1,460 bytes

What is the BGP Protocol?

Border Gateway Protocol. It enables the internet to exchange routing information between autonomous systems (AS). As networks interact with each other, they need a way to communicate. This is accomplished through peering.

How does Direct Peering work?

Exchanging BGP route between Google and peering entity. After a direct peering connection is in place, you can use it to reach all the Google services, including the full suite of Google cloud platform products. Unlike dedicated interconnect, Direct Peering does not have an SLA.

What type of IP address do the Cloud VPN Gateway and On-Premise VPN Gateway have?

External IP Address

True/False You can use a Share VPC across two different organizations

False

True/False You should use Dedicated Interconnect if you want to connect to multiple clouds

False

What is an example of cross region load balancing?

If there are no health instances or capacity in an EMEA region, traffic is forwarded to a US region

What is Carrier Peering?

If you require access to Google public infrastructure and cannot satisfy Google's peering requirements, you can connect with a Carrier Peering partner. Work directly with your service provider to get the connection you need and to understand the partners requirements. There is no SLA.w

Where must your network physically meet to use Dedicated Interconnect?

In a supported co-location facility

What are GCP Layer 3 Connections?

These connections provide access to G Suite services, YouTube and Google Cloud APIs using public IP addresses.

What are GCP Layer 2 Connections?

These connections use a VLAN that pipes directly into your GCP environment, providing connectivity to internal IP addresses in the RFC 1918 address space.

What do Global Load Balancers leverage?

These load balancers leveraged the Google front ends, which are software defined distributed systems that sit in Google's point of presence, and are distributed globally.

What do backend buckets allow you to do?

They allow you to use Google Cloud storage buckets with HTTP(S) load balancing.

What do Zonal and Internet NEGs do?

They define how endpoints should be reached, whether they are reachable and where they are located.

How do you set up projects with a Shared VPC?

You designate a project as a host project, and attach one or more other service projects to it.

What do you need at least one of to use HTTPs

You must create at least one SSL Certificate used by the target proxy

What do you need in order to use the Dedicated Interconnect?

You need to provision a cross-connect between the Google network and your own router in a common co-location facility. To exchange routes between the networks, you configure a BGP session over the Interconnect between the Cloud router and the on-premise router. This will allow user traffic from the on-premises network to reach GCP resources on the VPC network and vice-versa.

What do you need in order to use a Partner Interconnect?

You work with a supported service provider to connect your VPC and on-premise networks.

What is a network endpoint group?

a configuration object that specifies a group of backend endpoints or services. A common use case for this configuration is deploying services in containers. You can also distribute traffic in a granular fashion to applications running on your backend instances. You can use NEGs as backends for some load balancers and with traffic director

What is a session affinity?

a feature available on load balancers that allows all subsequent traffic and requests from an initial client session to be passed to the same server in the pool

What is head of line blocking?

a performance-limiting phenomenon that occurs when a line of packets is held up by the first packet

What is a Shared VPC?

allows an organization to connect resources from multiple projects to a common VPC network. This allows the resources to communicate with each other securely, and efficiently using internal IPs from that network

What is the QUIC transport layer protocol?

allows for faster client connection initiation, eliminates head of line blocking and multiplexed streams, and supports connection migration when a client's IP address changes.

What is stream multiplexing?

allows multiple independent logical streams to all share a common underlying transport medium.


Set pelajaran terkait

sociology chapter 9, Sociology 101: Chapter 14, Essentials of Sociology Chapter 1, Essentials of Sociology Chapter 3, Essentials of Sociology Chapter 2, Essentials of Sociology Chapter 4, Essentials of Sociology Chapter 5, Essentials of Sociology Cha...

View Set

Network Security, Firewalls, and VPNs | Chapter One - "Fundamentals of Network Security" | Assessment Questions #1 - #20

View Set

Ch 33 Obstetrics and Neonatal Care (Course 5 OB/Pediatrics)

View Set

해커스 토익 왕기초 RC 24 DAYS - DAY2

View Set

Business Process Improvement Exam #2

View Set