Designing a Virtual Network for a Startup
We live in a world where everything is readily available to us. There is no need to build a whole system to perform a particular task, because once the job is done, what will you do with the whole infrastructure? You might be wondering why I am sharing this Gyan in a virtual network blog, but there is a reason I should tell you this Gyan before starting the actual content.
Where all of it began
Let’s start at the beginning of this whole thing. I have a very enthusiastic friend called Jolly. Being in IT and having friends is such a rare thing :( . OK, focus on the problem!! He wants to start a website that will provide some services to users. For that he wants to build a capable infrastructure that will be able to handle the traffic. But he doesn’t have enough funds for building and maintaining this whole thing. He came to me with this problem, and I told him the same Gyan that I have been talking about since the start of this blog. I designed the virtual infrastructure for his dream project and successfully implemented the website.
You will say, oh no!! I just gave away the secret, it is not fair. But now we will understand how I helped Jolly to become Jolly, literally :)
You must be wondering why I used the term “Virtual” here and what it actually means. OK, let’s dive into it.
Virtual Infrastructure
A virtual infrastructure is a software-based IT infrastructure being hosted on another physical infrastructure and meant to be distributed as a service as in cloud computing’s infrastructure as a service (IaaS) delivery model. It provides organisations, particularly smaller ones that cannot afford to build their own physical infrastructure, access to enterprise-grade technology such as servers and other applications.
It simply means that we are renting a cloud service that allows us to use facilities such as computing, networking and data storage. In this scenario we are renting the resources from AWS (Amazon Web Services).
Computing Part (Brain of application)
Let’s start with the computing part. We want secure, resizable compute capacity in the cloud. So what is the solution for that? Amazon EC2 is the perfect match.
It is a simple web service interface that allows us to obtain and configure computing capacity with minimal friction. It gives us complete control of our computing resources and lets us run them on Amazon’s proven computing environment.
Amazon EC2 reduces the time required to obtain and boot new server instances (called Amazon EC2 instances) to minutes, allowing us to quickly scale capacity, both up and down, as our computing requirements change. Amazon EC2 changes the economics of computing by allowing us to pay only for capacity that we actually use.
OK, we got the computing power. But is that it?
As this wise man said above, “One does not simply set up only an EC2 instance and expect our application to work”. It requires a whole lot of things, like storage services and proper networking capabilities. So how are we achieving that? We are definitely not doing it like the picture below.
Storage Part
Let’s dig into the storage part. We definitely require storage for our application, and Amazon S3 satisfies our need.
Amazon S3 has a simple web services interface that we can use to store and retrieve any amount of data, at any time. It gives us access to the same highly scalable, reliable, fast, inexpensive data storage infrastructure that Amazon uses to run its own global network of web sites.
Database Part
Apart from that, we require a relational database to store our clients’ credentials such as usernames and passwords. For that we can use Amazon RDS (Relational Database Service).
It is a web service that makes it easier to set up, operate, and scale a relational database in the AWS Cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.
OK!! All of this is done. We got computing capacity, data storage and databases for our application. So what is the next important factor that we should consider? It is the proper networking infrastructure.
Network Part
So let’s start with the network part. What is our requirement here? We want our own private section where we can control and provision our resources. VPC (Virtual Private Cloud) by AWS is the best match for this requirement.
Amazon Virtual Private Cloud (Amazon VPC) enables us to launch AWS resources into a virtual network that we’ve defined. This virtual network closely resembles a traditional network that we’d operate in our own data center, with the benefits of using the scalable infrastructure of AWS.
Public/Private Resources
Our requirement is not fulfilled at this point. We want some of our resources to be public, i.e. they should be accessible from the internet. Those resources can be our application’s interface. At the same time we want some of our resources to be accessible to us only. Those resources can be data storage facilities and databases. So how do we achieve that level of separation of resources?
As you can see in the above diagram, we can fulfil our requirement by using the concepts of private and public subnet.
AWS provides two features that we will use to increase security in our VPC: security groups and network ACLs. Security groups will control inbound and outbound traffic for our instances, and network ACLs will control inbound and outbound traffic for our subnets.
We also use a route table and an internet gateway for connectivity. A route table contains a set of rules, called routes, that are used to determine where network traffic from our subnet or gateway is directed, and an internet gateway allows communication between our VPC and the internet.
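The public/private split described above can be checked mechanically. The following is an added example, not code from the original post: it audits route tables and security groups for a private subnet that routes to an internet gateway or a private security group that is open to the world. The data is constructed, shaped like the EC2 DescribeRouteTables and DescribeSecurityGroups responses; all IDs, CIDR ranges and function names are assumptions.

```python
# Constructed sample data, shaped like EC2 DescribeRouteTables and
# DescribeSecurityGroups output. All IDs and CIDR ranges are made up.
ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-web"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"Associations": [{"SubnetId": "subnet-db"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]
SECURITY_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-web"}]}]},
]
PRIVATE_SUBNETS = {"subnet-db"}  # must have no route to the internet gateway
PRIVATE_GROUPS = {"sg-db"}       # must not accept traffic from arbitrary addresses


def internet_facing_subnets(route_tables):
    """Subnets explicitly associated with a table that routes to an internet gateway."""
    exposed = set()
    for table in route_tables:
        if any(r.get("GatewayId", "").startswith("igw-") for r in table["Routes"]):
            exposed.update(a["SubnetId"] for a in table["Associations"] if "SubnetId" in a)
    return exposed


def world_open_groups(groups):
    """Security groups with an inbound rule open to every IPv4 or IPv6 address."""
    open_groups = set()
    for group in groups:
        for perm in group["IpPermissions"]:
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if "0.0.0.0/0" in cidrs or "::/0" in cidrs:
                open_groups.add(group["GroupId"])
    return open_groups


def audit(route_tables, groups, private_subnets, private_groups):
    """Return findings; an empty list means the public/private split holds."""
    bad_subnets = internet_facing_subnets(route_tables) & private_subnets
    bad_groups = world_open_groups(groups) & private_groups
    return ([f"{s}: private subnet routes to an internet gateway" for s in sorted(bad_subnets)]
            + [f"{g}: private security group is open to the world" for g in sorted(bad_groups)])
```

The check only follows explicit subnet associations; a subnet with no explicit association uses the VPC's main route table, so that table needs the same review.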
Emergency Control (Backup)
Our network got created. Do you think that is it? Definitely not. We want a backup for our infrastructure, so that in any case our application stays in a running state. Furthermore, we want the backup infrastructure to be located at a physically distinct place so that it is more robust to any problem. How do we achieve that? Let’s solve this issue.
We have created a backup infrastructure in a different availability zone of AWS. An availability zone is basically a logical data center in a region available for use by any AWS customer. Each zone in a region has redundant and separate power, networking and connectivity.
Finally!!!!! We are at the End Game. We created a virtualized network for our friend Jolly, so he need not worry about physical servers, databases and networking. All of that is created within a virtual private cloud. We just have to maintain this whole infrastructure. You can see the happiness on Jolly’s face in the picture below. ;)
Those are some of the aspects of a virtual network from my side; there are many more things. If you know any other aspects, do let me know in the comments. Any suggestions regarding this post are welcome.