Building Your Own City in the Cloud
Imagine you're a kid who wants to build the coolest city ever using toy blocks. But instead of plastic blocks, you're using internet magic to create a city where computer programs can live, talk to each other, and connect to the outside world!
This is exactly what Network Architecture in cloud computing is all about. Let's explore how to build your very own cloud city!
Virtual Private Cloud (VPC): Your Private Kingdom
What Is It?
Think of a VPC as your own private playground that's fenced off from everyone else's playgrounds. Even though you're in a huge park (the cloud), your area is just for you!
Simple Example:
- The cloud is like a giant shopping mall
- Your VPC is like renting your own store inside that mall
- You decide who can come in and what happens inside
- Other stores can't peek into yours!
Why It Matters
Without a VPC, your computers would be out in the open where anyone could bother them. With a VPC, you create a safe, private space.
```mermaid
graph TD
    A[The Big Cloud] --> B[Your VPC]
    A --> C[Someone Else's VPC]
    A --> D[Another VPC]
    B --> E[Your Safe Computers]
    C --> F[Their Computers]
```
CIDR Notation: Naming Your Neighborhoods
What Is It?
CIDR (say it like "cider") is a special way to write addresses for groups of houses in your cloud city.
Think of it like this: Instead of writing down every single house address, you write ONE address that covers a whole neighborhood!
The Magic Numbers
A CIDR looks like this: 10.0.0.0/16
| Part | What It Means |
|---|---|
| 10.0.0.0 | Starting address |
| /16 | How BIG the neighborhood is |
The smaller the number after /, the BIGGER the neighborhood!
| CIDR | Size | Like… |
|---|---|---|
| /8 | 16 million addresses | A whole country! |
| /16 | 65,536 addresses | A big city |
| /24 | 256 addresses | One neighborhood |
| /28 | 16 addresses | A small street |
Real Example
Your VPC: 10.0.0.0/16
↓
This means you have addresses from
10.0.0.0 to 10.0.255.255
↓
That's 65,536 possible addresses!
Subnets: Dividing Your City into Neighborhoods
What Is It?
A Subnet is like dividing your big city into smaller neighborhoods. Each neighborhood has its own rules and purposes!
Simple Example:
- Your VPC city = 10.0.0.0/16 (the whole city)
- Web Server Neighborhood = 10.0.1.0/24 (256 houses)
- Database Neighborhood = 10.0.2.0/24 (256 houses)
- Office Neighborhood = 10.0.3.0/24 (256 houses)
Why Split Things Up?
- Organization - Know where everything is
- Safety - Keep dangerous things separate
- Control - Different rules for different areas
```mermaid
graph TD
    A[VPC: 10.0.0.0/16] --> B[Public Subnet<br>10.0.1.0/24]
    A --> C[Private Subnet<br>10.0.2.0/24]
    A --> D[Database Subnet<br>10.0.3.0/24]
```
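A subnet plan like the one above can be checked mechanically. This added example (not part of the original page) uses Python's standard `ipaddress` module to confirm that each subnet sits inside the VPC range and that no two subnets overlap; the second plan and its names are constructed to show the failures, and the check covers IPv4 only.

```python
import ipaddress

def check_subnet_plan(vpc_cidr, subnets):
    """Return a list of problems in a VPC subnet plan (empty list = plan is OK)."""
    vpc = ipaddress.ip_network(vpc_cidr)
    problems, parsed = [], {}
    for name, cidr in subnets.items():
        try:
            # Strict parsing rejects CIDRs with host bits set, e.g. 10.0.2.5/24.
            net = ipaddress.ip_network(cidr)
        except ValueError as exc:
            problems.append(f"{name}: invalid CIDR ({exc})")
            continue
        if not net.subnet_of(vpc):
            problems.append(f"{name}: {net} is outside the VPC range {vpc}")
        parsed[name] = net
    # Compare every pair once; overlapping subnets cannot get separate rules.
    names = sorted(parsed)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if parsed[a].overlaps(parsed[b]):
                problems.append(f"{a} ({parsed[a]}) overlaps {b} ({parsed[b]})")
    return problems

def address_count(cidr):
    """Number of addresses a CIDR block covers: 2 ** (32 - prefix length)."""
    return ipaddress.ip_network(cidr).num_addresses

# The plan from this page.
PAGE_PLAN = {"web": "10.0.1.0/24", "database": "10.0.2.0/24", "office": "10.0.3.0/24"}

# Constructed plan with three mistakes: an overlap, a subnet outside the VPC,
# and a CIDR that is not aligned to its prefix length.
BAD_PLAN = {
    "web": "10.0.1.0/24",
    "database": "10.0.1.128/25",
    "office": "10.1.3.0/24",
    "typo": "10.0.2.5/24",
}

if __name__ == "__main__":
    for cidr in ("10.0.0.0/8", "10.0.0.0/16", "10.0.1.0/24", "10.0.1.0/28"):
        print(cidr, address_count(cidr))
    print("page plan problems:", check_subnet_plan("10.0.0.0/16", PAGE_PLAN))
    for problem in check_subnet_plan("10.0.0.0/16", BAD_PLAN):
        print("bad plan:", problem)
```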
Public vs Private Subnets: Front Yard vs Backyard
Public Subnet: The Front Yard
A public subnet is like your front yard - anyone walking by can see it!
- Has a path to the internet
- Computers here get public addresses
- Good for: Websites, apps users visit
Private Subnet: The Backyard
A private subnet is like your backyard - hidden behind a fence!
- No direct path to the internet
- Computers here have private addresses only
- Good for: Databases, secret stuff
Real Life Example
| What | Where | Why |
|---|---|---|
| Website | Public Subnet | People need to visit it! |
| Database | Private Subnet | Keep passwords safe! |
| Admin Tools | Private Subnet | Only staff should access |
```mermaid
graph LR
    A[Internet] --> B[Public Subnet]
    B --> C[Private Subnet]
    C -.->|Can't reach directly| A
```
Route Tables: The City's Road Map
What Is It?
A Route Table is like a map that tells traffic where to go. It says "If you want to go HERE, use THIS road!"
How It Works
Think of it like directions:
- Want to go to the bakery? Take Main Street!
- Want to go to school? Take Oak Avenue!
- Want to go ANYWHERE else? Take the highway!
Example Route Table
| Destination | Where to Go | Meaning |
|---|---|---|
| 10.0.0.0/16 | Local | Stay in the VPC |
| 0.0.0.0/0 | Internet Gateway | Go to the internet |
0.0.0.0/0 means "everywhere else" - it's the default route!
```mermaid
graph TD
    A[Data Packet] --> B{Where to go?}
    B -->|10.0.x.x| C[Stay in VPC]
    B -->|Anywhere else| D[Internet Gateway]
```
Internet Gateway: The Main Door
What Is It?
An Internet Gateway is like the main door of your city that connects to the outside world!
Simple Example:
- Your VPC is a shopping mall
- The Internet Gateway is the main entrance
- Without it, no one from outside can come in
- And no one inside can go out!
Key Points
- Only ONE per VPC
- Allows two-way traffic (in AND out)
- Free to use!
- Attach it to public subnets
```mermaid
graph LR
    A[The Internet] <--> B[Internet Gateway]
    B <--> C[Public Subnet]
    C <--> D[Your Web Server]
```
NAT Gateway: The Secret Messenger
What Is It?
A NAT Gateway (Network Address Translation) is like a secret messenger who can go outside to get things, but nobody outside knows where they really came from!
Why Do We Need It?
Private subnets can't reach the internet directly. But sometimes computers in private subnets need to:
- Download software updates
- Get the current time
- Fetch data from websites
The NAT Gateway helps with this!
How It Works
- Computer in private subnet: "I need updates!"
- NAT Gateway: "I'll get them for you!"
- NAT Gateway goes to internet (using its public address)
- Gets the updates
- Brings them back to the private computer
- Outside world never sees the private computer!
```mermaid
graph LR
    A[Private Server] --> B[NAT Gateway]
    B --> C[Internet Gateway]
    C --> D[Internet]
    D -.->|Can't reach| A
```
Public vs Private: The Key Difference
| Type | Can REACH internet? | Can BE reached? |
|---|---|---|
| Public Subnet | Yes | Yes |
| Private + NAT | Yes | No |
| Private alone | No | No |
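Which row of this table a subnet falls into is decided by its route table. This added example (not from the original page) performs the route lookup described in the Route Tables section and flags any subnet meant to be private whose routes reach an internet gateway; the target labels, subnet names and route tables are constructed for illustration and are not a cloud provider's API.

```python
import ipaddress

def next_hop(route_table, dest_ip):
    """Longest-prefix match: the most specific route containing dest_ip wins."""
    ip = ipaddress.ip_address(dest_ip)
    matches = [(ipaddress.ip_network(cidr), target)
               for cidr, target in route_table.items()
               if ip in ipaddress.ip_network(cidr)]
    if not matches:
        return None  # no matching route: the packet has nowhere to go
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def exposure(route_table):
    """Classify a subnet by the targets its route table can send traffic to."""
    targets = set(route_table.values())
    if "internet-gateway" in targets:
        return "public"
    if "nat-gateway" in targets:
        return "private+nat"
    return "private"

def audit(subnets):
    """Names of subnets intended to be private that are actually public."""
    return [name for name, s in subnets.items()
            if s["intended"] != "public" and exposure(s["routes"]) == "public"]

# Constructed route tables (labels are assumptions, not real resource IDs).
PUBLIC_RT = {"10.0.0.0/16": "local", "0.0.0.0/0": "internet-gateway"}
NAT_RT = {"10.0.0.0/16": "local", "0.0.0.0/0": "nat-gateway"}
LOCAL_RT = {"10.0.0.0/16": "local"}

# Constructed inventory: "admin-tools" was associated with the wrong table.
SUBNETS = {
    "web": {"intended": "public", "routes": PUBLIC_RT},
    "app": {"intended": "private", "routes": NAT_RT},
    "database": {"intended": "private", "routes": LOCAL_RT},
    "admin-tools": {"intended": "private", "routes": PUBLIC_RT},
}

if __name__ == "__main__":
    print(next_hop(PUBLIC_RT, "10.0.2.15"))     # inside the VPC
    print(next_hop(PUBLIC_RT, "203.0.113.10"))  # outside the VPC
    print(next_hop(LOCAL_RT, "203.0.113.10"))   # no default route
    for name, s in SUBNETS.items():
        print(name, "->", exposure(s["routes"]))
    print("misrouted private subnets:", audit(SUBNETS))
```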
Elastic IP Addresses: Your Permanent Phone Number
What Is It?
An Elastic IP is like having a permanent phone number that you can move to any phone!
Normally, cloud computers get new addresses when they restart (like getting a new phone number every day - confusing!). Elastic IPs solve this.
Why It Matters
Without Elastic IP:
- Server restarts → New address → Users can't find you!
With Elastic IP:
- Server restarts → Same address → Users always find you!
Key Rules
| Rule | Details |
|---|---|
| Cost | Free while attached to running computer |
| Cost | Costs money if NOT attached! |
| Limit | 5 per region (can request more) |
| Portability | Move between computers instantly |
Real Example
Your Website: www.awesome.com
DNS points to: 54.123.45.67 (your Elastic IP)
Server crashes? No problem!
1. Launch new server
2. Attach same Elastic IP
3. Users still reach you!
Putting It All Together
Let's build a complete cloud city!
```mermaid
graph TD
    subgraph VPC[VPC: 10.0.0.0/16]
        subgraph Public[Public Subnet: 10.0.1.0/24]
            WEB[Web Server<br>Elastic IP: 54.x.x.x]
            NAT[NAT Gateway]
        end
        subgraph Private[Private Subnet: 10.0.2.0/24]
            DB[Database]
            APP[App Server]
        end
    end
    INET[Internet] <--> IGW[Internet Gateway]
    IGW <--> WEB
    IGW <--> NAT
    NAT --> DB
    NAT --> APP
```
The Complete Picture
| Component | Address | Purpose |
|---|---|---|
| VPC | 10.0.0.0/16 | Your private kingdom |
| Public Subnet | 10.0.1.0/24 | Front-facing services |
| Private Subnet | 10.0.2.0/24 | Protected resources |
| Internet Gateway | - | Main door to internet |
| NAT Gateway | In public subnet | Lets private talk out |
| Web Server | Elastic IP | Users visit here |
| Database | Private IP only | Safe from attacks |
Quick Recap
| Concept | One-Line Summary |
|---|---|
| VPC | Your private fenced playground in the cloud |
| CIDR | A short way to write many addresses at once |
| Subnet | Neighborhoods inside your city |
| Public Subnet | Front yard - visible to everyone |
| Private Subnet | Backyard - hidden from outsiders |
| Route Table | The road map showing where traffic goes |
| Internet Gateway | Main door connecting to the world |
| NAT Gateway | Secret messenger for private subnets |
| Elastic IP | Permanent phone number for your server |
Remember This!
Building a cloud network is like building a city:
- Start with your VPC (the city boundaries)
- Divide into subnets (neighborhoods)
- Add an Internet Gateway (the main door)
- Add a NAT Gateway (for private areas to reach out)
- Use Elastic IPs (permanent addresses for important things)
- Configure Route Tables (the road signs)
You're now ready to be a Cloud City Architect!