Recently, I worked on a project in which we needed to access a CloudSQL instance privately (a PostgreSQL instance in our case). In this article, we will explore two options to do so. However, you can use the same technique for other types of CloudSQL (SQL Server or MySQL).
GCP - Share a single filestore instance across multiple pods using an external NFS provisioner
By default, a single filestore instance cannot be shared across multiple pods in GCP. However, there is a technique that can help you enable this functionality by using an external NFS provisioner. The latter separates the PVC of each application by using a subdirectory.
Connect to private virtual machine without public IP (part 1)
In this article, we will explore the process of establishing a connection to a virtual machine situated within a private subnet without a public IP address. This method significantly enhances security by eliminating the need to expose the virtual machine to the open Internet.
Connect to private virtual machine without public IP (part 2)
In this part, we will delve into the process of connecting to private instances using Visual Studio Code with the Remote-SSH extension.
K8s-Create a cloud cluster with CI/CD pipeline
In this article, we walk through how to create a Kubernetes cluster on a cloud provider (AKS, GKE) using Terraform. Next, we deploy this cluster through a CI/CD pipeline (Azure DevOps Pipeline and GitHub Actions).
In the first project, we deploy our cluster to AKS through an Azure DevOps pipeline.
In the second project, we will use GitHub Actions as our CI/CD and create a GKE cluster.
The choice of tools is indicative. You can choose whichever best fits your case or business.
K8s-Create a local cluster
In this article, we will walk through how to provision a local Kubernetes cluster (single node or multiple nodes).
The next part will guide you through provisioning a Kubernetes cluster in the cloud (Azure or GCP).
Azure-Connect on-premises networks to Azure using VPN gateways (part 3)
In the previous article (part 2), we talked about the Site-to-Site VPN with an active/passive configuration.
Now, we configure our Site-to-Site VPN with an active/active configuration using BGP (Border Gateway Protocol).
In the end, we will take a quick look at Azure ExpressRoute.
Azure-Connect on-premises networks to Azure using VPN gateways (part 2)
In the previous article (part 1), we talked about the Point-to-Site VPN. It’s great when you want to connect to Azure from your local computer.
In the real world, you may want to connect your entire on-premises network to Azure or connect multiple virtual networks in Azure together. In this case, you may consider using the Site-to-Site VPN or the VNet-to-VNet connection.
Part 3 (S2S VPN with High Availability) is available here.
Azure-Connect on-premises networks to Azure using VPN gateways (part 1)
A virtual private network (VPN) is a type of private interconnected network.
VPNs are typically deployed to connect two or more trusted private networks to one another over an untrusted network (over the Internet).
Traffic is encrypted while traveling over the untrusted network to prevent eavesdropping or other attacks.
You may consider the three types of gateway below when designing your hybrid network:
- Point-to-site (P2S) VPN: allows local client computers to connect remotely to your network in Azure using the IPsec/OpenVPN/SSTP protocols.
- Site-to-site (S2S) VPN: connects your on-premises networks to Azure through dedicated VPN devices, or connects multiple virtual networks in Azure together. Supported protocols: IPsec/IKE.
- Azure ExpressRoute: connects your on-premises networks to Azure over a private network. This means that your traffic will not travel over the Internet.
In this first part, we will discuss the Point-to-Site VPN.
Part 2 (Site-to-Site VPN) is available here.
GCP-IAM (Identity and Access Management)
In this article, we discuss an important part of GCP: IAM or Identity and Access Management.
Before going into details, let’s take a quick look at IAM Hierarchy.
As you can see, IAM includes some basic objects at each level: organization, folders, projects and resources. GCP allows you to set IAM policies at any of these levels.
Understanding these IAM objects and how to set IAM at the corresponding level will help you to design your solution following Google’s recommended best practices.