Read the book CompTIA Cloud+ Study Guide - Ben Piper, David Higby Clinton - Page 70
Network Pools
Cloud providers also virtualize and pool network resources. If you're not familiar with the details of networking, what happens behind the scenes can be a bit difficult to grasp, so we'll start in familiar territory.
The term network is a loaded term because its meaning varies with context. Generally, a network is the infrastructure that allows communication between computing resources, such as two servers or an end user and a server. That much you already know, but here's where it gets complicated. In the cloud, there are two different levels of networking:
The Underlay The underlying network (or underlay) consists of the physical network infrastructure that the cloud provider completely manages. This is transparent to you, and you have no visibility into it whatsoever.
The Overlay The cloud provider allows customers to create and manage virtual networks that run atop the provider's underlying network. These are sometimes called overlay networks or virtual private clouds (VPCs). Virtual networks are what you'll actually work with and connect your cloud resources to. In simple terms, a VPC is a private, software-defined network that exists in the cloud.
A virtual network consists of, at a minimum, a block of private IP addresses to be assigned to VMs and other network resources, such as DNS and DHCP servers. A virtual network can span multiple physical hosts—a VM running on one host can communicate with another VM running on a different host, as if they were on the same subnet. Naturally, you can connect a virtual network to an external network such as the Internet or a corporate network via a VPN.
It's important to understand that networking in the cloud operates quite differently than what you'll find in a traditional data center. In a data center, a VM's virtual network interface card (vNIC) typically connects to a virtual switch (vSwitch) that's associated with one or more physical network interfaces on the host. Each VM can be connected to a different virtual LAN (VLAN) for traffic segmentation. In this virtual switching paradigm, configuring VM networks is a mostly manual task, so the network configuration remains relatively fixed. Without getting into too many details, this inflexibility is due to the limitations of Ethernet. Additionally, such networks are limited to a maximum of about 1 million devices, which is more than enough for a data center but woefully lacking for a cloud provider that may need to support hundreds of millions of VMs.
If you have an application that depends on Ethernet broadcast functionality, it probably won't work in the cloud. Ethernet broadcasts pose a hindrance to scalability in the cloud, so cloud providers generally don't support them.
When you create a virtual network in the cloud, the cloud provider's orchestration platform handles the details of the behind-the-scenes connectivity. For example, suppose that you're running two VMs connected to the same virtual network. These VMs may be on different physical hosts and even in different geographic locations, but they can still communicate. The important point here is that you don't need to know anything about the underlying network infrastructure. All you have to do is create and configure a virtual network and connect your resources to it, and you're good to go. Just as the provider's proprietary orchestration software automatically picks which server to run your VMs on, so too it dynamically handles connectivity among devices on your virtual networks. This is another example of that “minimal management effort or service provider interaction” qualification that defines cloud computing.
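The one part of a virtual network that is entirely your responsibility is the block of private addresses you choose and the subnets you carve out of it. The following Python check is an added example, not code from the book or from any cloud provider: it verifies that a planned VPC block is an RFC 1918 private range, that every subnet fits inside it without overlapping another, and that the block does not collide with a network you intend to connect over VPN (the corporate LAN mentioned above). The function and parameter names, and the sample plan, are constructed for illustration.

```python
import ipaddress
from typing import Iterable, List

# RFC 1918 private ranges; a VPC block is expected to come from one of these.
RFC1918 = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def is_rfc1918(cidr: str) -> bool:
    """True if the block lies entirely inside one RFC 1918 range."""
    net = ipaddress.ip_network(cidr, strict=True)
    return any(net.subnet_of(r) for r in RFC1918)


def validate_vpc(vpc_cidr: str, subnets: Iterable[str],
                 peers: Iterable[str] = ()) -> List[str]:
    """Return the problems found in a VPC plan (empty list = plan is sound).

    subnets: CIDR blocks to be carved out of the VPC block.
    peers:   CIDR blocks of networks the VPC will later be connected to
             (for example a corporate LAN over VPN); the VPC block must
             not overlap any of them, or routing between the two breaks.
    strict=True rejects host addresses such as 10.20.0.1/16 outright.
    """
    problems = []
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    if not is_rfc1918(vpc_cidr):
        problems.append(f"{vpc} is not a private (RFC 1918) block")
    subs = [ipaddress.ip_network(s, strict=True) for s in subnets]
    for s in subs:
        if not s.subnet_of(vpc):
            problems.append(f"subnet {s} is outside {vpc}")
    for i, a in enumerate(subs):
        for b in subs[i + 1:]:
            if a.overlaps(b):
                problems.append(f"subnets {a} and {b} overlap")
    for p in peers:
        peer = ipaddress.ip_network(p, strict=True)
        if vpc.overlaps(peer):
            problems.append(f"{vpc} overlaps connected network {peer}")
    return problems


if __name__ == "__main__":
    # Constructed sample plan: one out-of-range subnet, one overlap, and a
    # VPN peer that collides with the VPC block itself.
    for msg in validate_vpc("10.20.0.0/16",
                            ["10.20.1.0/24", "10.20.1.128/25", "10.30.0.0/24"],
                            peers=["10.20.128.0/17"]):
        print(msg)
```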