LPI 010-160 – Managing File Ownership and Permission part 2
Using Sticky Bits When investigating the Linux directory tree, there are certain file types that require special attention. Sometimes a user may just want to be aware that these special files exist and how they're handled, because they deviate from what is expected based on what has been covered in the previous videos. For example, a user could delete a file without having write permission to it. Now, this may seem like a bug; after all…
LPI 010-160 – Managing File Ownership and Permission part 1
Setting Ownership Linux is a multiuser operating system, as we've talked about before. Because of this, we have lots of users accessing the same system, so how does a user secure their files against unwanted access by those other users? Linux handles this for files and directories through two features, known as ownership and permissions. Every file or directory has an associated owner account that it's linked to, as well as an associated group. Now, in…
Google Professional Data Engineer – VPCs and Interconnecting Networks part 8
VPC Network Peering Another way to connect networks across Google Cloud Platform is by using VPC Network Peering. This can be used to connect networks which are in different projects as well as in different organizations. VPC Network Peering differs very significantly in a structural way from Shared VPC. The main logical difference is that the networks that are peered remain administratively separate: they have their own firewall rules and policies and can be administered separately. And the second point of difference is that you can peer networks from different…
Google Professional Data Engineer – VPCs and Interconnecting Networks part 7
Dedicated Interconnect Direct and Carrier Peering We saw earlier that there are three ways to interconnect your on-premises network with a VPC on the Google Cloud Platform. The first of these was the VPN, which can be used with or without cloud routers. The second is the dedicated interconnect. As opposed to a VPN, a dedicated interconnect does not use a tunnel over the Internet. Instead, it is a direct physical connection between Google's network and your on-premises network. The two networks that have been connected using a…
Google Professional Data Engineer – VPCs and Interconnecting Networks part 6
Cloud Router In order to avoid static routes, where you have to update the routing tables on your VPN in order to learn new networks, you will often use VPNs with cloud routers. The cloud router can be used to dynamically exchange route information between VPCs that you have on the Google Cloud Platform and your on-premises network. In addition to VPCs, Google also has a legacy network setup, which we'll see briefly at the end of this section. Cloud routers work with both legacy networks as well as…
Google Professional Data Engineer – VPCs and Interconnecting Networks part 5
Lab: Bastion Host In this demo we will first create an application web server which will represent a service supplied to employees of a company. We will then prevent access from this web server out to the Internet by placing a firewall in between. Finally, we will create a maintenance server, also called a bastion host, which will be able to access this web server, and we will test the connectivity to that server. We start off by provisioning a virtual machine which will represent our web server. So we…
Google Professional Data Engineer – VPCs and Interconnecting Networks part 4
Lab: Working with Firewalls In this demo we will be studying firewalls and we will see how their configuration can affect communication between instances in a network. Let us start off by creating a new virtual network. So we navigate to the VPC network section and click to create a new VPC network which we call Learn Vpc. We choose to create our subnets manually in custom mode. Our first subnet is for our web server, which we create in the US East region. We enter a CIDR block. Our…
Google Professional Data Engineer – VPCs and Interconnecting Networks part 3
Routes We've spoken about traffic moving through a network and how it requires routes to be configured on the network before packets can go from source to destination. We'll now talk about routes. A route is nothing but a mapping. It's a mapping of an IP range to a destination. Routes are what tell the VPC network where to send packets which are destined for a particular IP address. Routes basically allow a packet to get from its source to its destination. Let's say traffic emanates from a particular virtual machine…
Google Professional Data Engineer – VPCs and Interconnecting Networks part 2
IP Addresses We'll now talk about IP addresses, how they work, and their specific characteristics on the GCP. IP addresses can be assigned to specific resources such as virtual machines. Every virtual machine has an internal IP address. This is automatically assigned to the VM. You can also specifically pick an internal IP address for your VM, but typically you just take the one that is automatically assigned. Now this internal IP address depends on the subnet to which that VM belongs and has to be drawn from that…
Google Professional Data Engineer – VPCs and Interconnecting Networks part 1
VPCs And Subnets In this section, we learn about virtual private clouds in the Google Cloud Platform and how we can connect different VPCs together. VPCs are just another name for networks that we create on cloud platforms. Just like AWS and Azure, the Google Cloud Platform also has its own VPC setup with its own quirks. The Google Cloud Platform's Virtual Private Cloud provides networking functionality to Compute Engine virtual machine instances, Kubernetes Engine containers and the App Engine flexible environment. Just like everything else on the…