Thursday, March 28, 2024
GCP Juara GCP VPC

Networking 101

101

“Networking 101”

Pengantar

Di lab praktis ini, Anda akan mempelajari cara melakukan tugas jaringan dasar di Google Cloud (termasuk instance Compute Engine) dan perbedaan Google Cloud dengan penyiapan lokal

Konsep Jaringan Google Cloud

Di Google Cloud Platform, jaringan menyediakan koneksi data masuk dan keluar dari resource cloud Anda (kebanyakan instance Compute Engine). Mengamankan Jaringan Anda sangat penting untuk mengamankan data Anda dan mengontrol akses ke sumber daya Anda.

Praktikum

Task 1. Review the default network

  • Click Navigation menu > VPC network.
  • Klik Navigation menu > VPC network > Firewall.
  • Klik Navigation menu > VPC network > Routes.

Task 2. Creating a custom network

Saat menetapkan rentang subjaringan secara manual, Anda terlebih dahulu membuat jaringan subjaringan khusus, lalu membuat subjaringan yang Anda inginkan dalam suatu wilayah. Anda tidak harus langsung menentukan subnetwork untuk semua region, atau bahkan sama sekali, tetapi Anda tidak dapat membuat instance di region yang tidak memiliki subnetwork yang ditentukan.

Task 3. Create custom network with the console

  • Klik Navigation menu > VPC network.
  • Klik Create VPC network
  • Isi field
name : taw-custom-network
Subnet name: subnet-us-central
Region: us-central1
IP address range: 10.0.0.0/16
  • Tambahkan 2 subnet lain
subnet-europe-west, europe-west1, 10.1.0.0/16
subnet-asia-east, asia-east1, 10.2.0.0/16

Task 4. Create custom network with Cloud Shell

  • Masuk ke cloud shell
gcloud compute networks create taw-custom-network --subnet-mode custom
  • Buat Subnet
gcloud compute networks subnets create subnet-us-central \
   --network taw-custom-network \
   --region us-central1 \
   --range 10.0.0.0/16
  • Buat Subnet dengan prefix
gcloud compute networks subnets create subnet-europe-west \
   --network taw-custom-network \
   --region europe-west1 \
   --range 10.1.0.0/16
  • Buat subnet asia-east
gcloud compute networks subnets create subnet-asia-east \
   --network taw-custom-network \
   --region asia-east1 \
   --range 10.2.0.0/16
  • Cek list network
gcloud compute networks subnets list \
   --network taw-custom-network

Task 5. Adding firewall rules

Baca Juga :  Creating and Alerting on Logs-based Metrics

Add firewall rules through the Console

  • Buka VPC networks -> Klik taw-custom-networking
  • Klik Firewall Rules -> Add Firewall Rules
  • Tambahkan info berikut :
  • Klik Create

Add firewall rules using Cloud Shell

  • Buka Cloud shell
gcloud compute firewall-rules create nw101-allow-http \
--allow tcp:80 --network taw-custom-network --source-ranges 0.0.0.0/0 \
--target-tags http

Create additional firewall rules

ICMP

gcloud compute firewall-rules create "nw101-allow-icmp" --allow icmp --network "taw-custom-network" --target-tags rules
  • Internal comunnication
gcloud compute firewall-rules create "nw101-allow-internal" --allow tcp:0-65535,udp:0-65535,icmp --network "taw-custom-network" --source-ranges "10.0.0.0/16","10.2.0.0/16","10.1.0.0/16"
gcloud compute firewall-rules create "nw101-allow-ssh" --allow tcp:22 --network "taw-custom-network" --target-tags "ssh"

gcloud compute firewall-rules create “nw101-allow-rdp” –allow tcp:3389 –network “taw-custom-network”

  • Review

Task 6. Connecting to your lab VMs and checking latency

Creating a VM in each zone

  • us-central1
gcloud compute instances create us-test-01 \
--subnet subnet-us-central \
--zone us-central1-a \
--tags ssh,http,rules
      • europe-west1
      gcloud compute instances create europe-test-01 \
      --subnet subnet-europe-west \
      --zone europe-west1-b \
      --tags ssh,http,rules
      
      gcloud compute instances create asia-test-01 \
      --subnet subnet-asia-east \
      --zone asia-east1-a \
      --tags ssh,http,rules

      Test dari VM

      ping -c 3 <europe-test-01-external-ip-address>

      Task 7. Traceroute and Performance testing

      • login SSH ke VM us-test-01 dan europe-test-01
      • install traceroute
      us-test-01 VM and europe-test-01
      • test
      traceroute www.icann.org

      Task 8. Use iperf to test performance

      • SSH ke europe-test-01
      • install traceroute
      sudo apt-get update
      sudo apt-get -y install traceroute mtr tcpdump iperf whois host dnsutils siege
      • test iperf
      iperf -s
      
      # test dari yg uerope
      iperf -c us-test-01.us-central1-a #run in client mode, connection to eu1-vm

      Penutup

      Sahabat Blog Learning & Doing demikianlah penjelasan mengenai Networking 101. Semoga Bermanfaat . Sampai ketemu lagi di postingan berikut nya.

      (Visited 81 times, 1 visits today)

      Similar Posts