What is AWS Virtual Private Cloud (VPC)?

Welcome back to my blog.
One key component of the AWS architecture that is under our control (or, to put it properly, under the control of the admins or the customer) is the Virtual Private Cloud, also known as the VPC. Think of a VPC as a network within a network: AWS has its own global network in which many machines and servers are connected, and within that network it gives each of us a dedicated slice, which is what it calls a virtual private cloud.

So what exactly is a VPC?

A VPC is a virtual network dedicated to your AWS account. Because it is dedicated, no other account can access your VPC.
It is logically isolated from the other virtual networks in the cloud. So if you have several AWS accounts, each of them has its own VPCs: every account comes with a default VPC, and you can also create your own VPCs, as we will see in the figures. It is for you, and nobody from outside can access it until you explicitly allow it; that is why it is called a virtual private cloud. You can launch AWS resources such as Amazon EC2 instances into your VPC.

It is recommended that before you create any resource, say an EC2 machine or an RDS Oracle database, you first create your own VPC. You are effectively marking your boundary: this is my area, and inside it I will create my different resources and services. That is the recommendation from Amazon as well.

So a VPC is nothing but a CIDR block of addresses, and a CIDR block looks like this: 10.0.0.0/16.

All we are specifying here is a range of IP addresses: when you create a VPC you don't give it a single IP address, you give it a range. If somebody writes /16, the calculation is 32 - 16 = 16 host bits, and 2 to the power 16 is 65536. So this notation means you are specifying a range of 65536 IP addresses.
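To make that /16 calculation concrete, here is a small Python example I have added for this post (it is not AWS code or an AWS API call) using the standard `ipaddress` module. It applies the same 32 - N rule to any block, and it also checks two AWS constraints that the post does not spell out: a VPC block must be between /16 and /28, and AWS reserves five addresses in every subnet, so the number of addresses you can actually assign is always 5 less than 2 to the power of the host bits.

```python
import ipaddress

# AWS limits a VPC (and a subnet) CIDR block to netmasks between /16 and /28.
VPC_MIN_PREFIX = 16
VPC_MAX_PREFIX = 28
# AWS reserves the first four addresses and the last address of every subnet
# (network address, VPC router, DNS, future use, broadcast).
AWS_RESERVED_PER_SUBNET = 5


def cidr_size(cidr: str) -> dict:
    """Apply the /N calculation from the post: 32 - N host bits, 2**host_bits addresses.

    strict=True rejects blocks such as 10.0.1.0/16 whose host bits are not all zero,
    which AWS would also refuse to accept.
    """
    net = ipaddress.ip_network(cidr, strict=True)
    host_bits = net.max_prefixlen - net.prefixlen
    return {
        "prefix": net.prefixlen,
        "host_bits": host_bits,
        "total": 2 ** host_bits,
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
    }


def usable_hosts(cidr: str) -> int:
    """Addresses you can actually assign to instances in a subnet of this size."""
    return cidr_size(cidr)["total"] - AWS_RESERVED_PER_SUBNET


def validate_vpc_cidr(cidr: str) -> str:
    """Return the normalised CIDR, or raise ValueError if AWS would not accept it as a VPC block."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4:
        raise ValueError(f"{cidr}: this check covers IPv4 VPC blocks only")
    if not VPC_MIN_PREFIX <= net.prefixlen <= VPC_MAX_PREFIX:
        raise ValueError(
            f"{cidr}: VPC CIDR must be between /{VPC_MIN_PREFIX} and /{VPC_MAX_PREFIX}"
        )
    return str(net)


if __name__ == "__main__":
    for block in ("10.0.0.0/16", "10.0.0.0/24", "10.0.0.0/28"):
        info = cidr_size(block)
        print(f"{block}: {info['host_bits']} host bits -> {info['total']} addresses "
              f"({info['first']} .. {info['last']}), {usable_hosts(block)} usable in a subnet")
    for bad in ("10.0.0.0/8", "10.0.1.0/16"):
        try:
            validate_vpc_cidr(bad)
        except ValueError as exc:
            print("rejected:", exc)
```

Running it shows 10.0.0.0/16 as 16 host bits and 65536 addresses (10.0.0.0 to 10.0.255.255), while a /24 subnet has 256 addresses of which 251 are usable once AWS takes its five.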

As it says, it is just the IP address range for the VPC. Now, any network has subnets in it, its own security groups and its routing tables, and the same is the case with the VPC.

So when you create a VPC, a number of resources are created in the background (or you can create them yourself): mainly the subnets, the security groups and the different routing tables.

OK, now I said subnets. Normally we say that you can create either a public subnet or a private subnet. A public subnet, as the name suggests, is one that is reachable from the outside world.

So if you have to create a web server, or an EC2 machine together with your load balancers, that is something you would put in a public subnet. You would never put a database server, such as an Oracle database server, in a public subnet: you don't want your database to be publicly accessible over the Internet. Anything that you want reachable from the Internet, always keep in the public subnet.

Then we have the private subnet. Private, as the name says, means something that is accessible to you but not to the outside world.

So a private subnet is for the resources that won't be connected to the Internet, such as a database server. If you create an EC2 machine running a database, or an RDS instance running an Oracle database, you would always keep it in a private subnet.

Now let me explain the figure a bit. What you see is our AWS Region; as we saw, a Region is nothing but a geographical area. Inside the Region we have created a VPC, which is our private network, and it is given the CIDR notation 10.0.0.0/16; as I said, /16 means up to 65536 addresses. Inside the VPC we create two subnets, subnet 1 and subnet 2, and you can see that they are created in different Availability Zones, Availability Zone A and Availability Zone B. The subnets are 10.0.0.0/24 and 10.0.1.0/24.

So don't get confused, it is a very simple thing. All the figure shows is that you have a Region, inside the Region you create a VPC, inside that VPC we create our subnets (here subnet 1 and subnet 2), and we divide our resources between them: some EC2 machines in subnet 1 in AZ A and some in subnet 2 in AZ B. Then you have the other key component of a network, which is the routing table.
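Here is an added Python example (again mine, not AWS code) that models the figure: it carves the two /24 subnets out of the 10.0.0.0/16 VPC, checks that no two subnets overlap (AWS refuses overlapping subnets), and then decides which subnet is public and which is private the way AWS itself does, by looking at the subnet's route table. The rule is simple: a subnet is public when its route table has a 0.0.0.0/0 route pointing at an Internet Gateway; a subnet whose table only has the local route is private. The route table IDs, the igw-EXAMPLE target, the resource names and the choice of subnet 1 as public and subnet 2 as private are all constructed for this example, and the Oracle database is deliberately placed in the public subnet so the last check has something to flag.

```python
import ipaddress

# Constructed layout mirroring the figure in the post. IDs and names are made up,
# not real AWS identifiers; the public/private assignment is an assumption.
VPC_CIDR = "10.0.0.0/16"

ROUTE_TABLES = {
    "rtb-public-EXAMPLE": [
        {"destination": "10.0.0.0/16", "target": "local"},
        {"destination": "0.0.0.0/0", "target": "igw-EXAMPLE"},  # default route to an Internet Gateway
    ],
    "rtb-private-EXAMPLE": [
        {"destination": "10.0.0.0/16", "target": "local"},      # no route to the Internet at all
    ],
}

SUBNETS = {
    "subnet-1": {"cidr": "10.0.0.0/24", "az": "AZ-A", "route_table": "rtb-public-EXAMPLE"},
    "subnet-2": {"cidr": "10.0.1.0/24", "az": "AZ-B", "route_table": "rtb-private-EXAMPLE"},
}

RESOURCES = [
    {"name": "web-1", "kind": "web", "subnet": "subnet-1"},
    {"name": "web-2", "kind": "web", "subnet": "subnet-2"},
    {"name": "oracle-rds", "kind": "database", "subnet": "subnet-1"},  # wrong place on purpose
]


def carve_subnets(vpc_cidr: str, new_prefix: int, count: int) -> list:
    """Cut the first `count` subnets of size /new_prefix out of the VPC block, in address order."""
    vpc = ipaddress.ip_network(vpc_cidr)
    gen = vpc.subnets(new_prefix=new_prefix)
    return [str(next(gen)) for _ in range(count)]


def overlapping_subnets(subnets: dict) -> list:
    """Return pairs of subnet IDs whose CIDRs overlap; AWS rejects such a layout at creation time."""
    nets = {sid: ipaddress.ip_network(s["cidr"]) for sid, s in subnets.items()}
    ids = sorted(nets)
    return [(a, b) for i, a in enumerate(ids) for b in ids[i + 1:] if nets[a].overlaps(nets[b])]


def is_public(subnet_id: str) -> bool:
    """A subnet is public when its route table sends 0.0.0.0/0 to an Internet Gateway (igw-...)."""
    table = ROUTE_TABLES[SUBNETS[subnet_id]["route_table"]]
    return any(r["destination"] == "0.0.0.0/0" and r["target"].startswith("igw-") for r in table)


def misplaced_resources(resources=RESOURCES) -> list:
    """Names of resources that must stay private (databases) but sit in a public subnet."""
    return [r["name"] for r in resources if r["kind"] == "database" and is_public(r["subnet"])]


if __name__ == "__main__":
    print("carved from", VPC_CIDR, "->", carve_subnets(VPC_CIDR, 24, 2))
    print("overlapping subnets:", overlapping_subnets(SUBNETS))
    for sid, s in SUBNETS.items():
        print(sid, s["cidr"], s["az"], "public" if is_public(sid) else "private")
    print("databases in a public subnet:", misplaced_resources())
```

The placement check at the end is the thing to keep from this post: the database must never end up in a subnet whose route table reaches an Internet Gateway, and a tiny check like this one is how you catch that mistake in a VPC layout before it goes live.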

In the next post I'll show you a very simple VPC example in which we create our own VPC. We will design the whole thing; if it looks complicated, we will keep it really simple, create a basic VPC and show how the different resources get created.

Happy Learning !!!

DB Alchemist Academy

You may explore our E-Learning Page to have an insight into our High Rated Courses on Udemy
