Skip to content

Instantly share code, notes, and snippets.

View thesaravanakumar's full-sized avatar
〽️
When You Help Someone You Help Everyone

Saravana Kumar thesaravanakumar

〽️
When You Help Someone You Help Everyone
106 followers · 3 following
View GitHub Profile
@thesaravanakumar
thesaravanakumar / golang.md
Created January 15, 2025 21:55
Golang notes

Golang (GO)

  • A statically typed (declare variable of type or inferred) compiled high-level general purpose programming language. (C for 21'st centuary)
  • popular choice for high performance server-side applications.
  • It is the language that built tools like docker, kubernetes, cockroach db, dgraph
  • It was designed at Google by Robert Griesemer, Rob Pike, and Ken Thompson.
  • It is often referred to as Golang to avoid ambiguity and because of its former domain name, golang.org, but its proper name is Go.

Go was designed at Google in 2007 to improve programming productivity in an era of multicore, networked machines and large codebases. The designers wanted to address criticisms of other languages in use at Google, but keep their useful characteristics:

  • Static typing and run-time efficiency (like C)
@thesaravanakumar
thesaravanakumar / ppt.md
Last active January 14, 2025 17:18
ppt for FBS/EU IT audiance

Network Endpoint Groups

Abstraction layer that enables container native load balancing

  • Load Balancers can not identify pods in a node (VM) it only identifies instance group or nodes. So this is where NEGs comes in. NEGs are integrated with the Kubernetes ingress controller running on GCP
  • A network endpoint group (NEG) is a configuration object that specifies a group of backend endpoints or services. A common use case for this configuration is deploying services in containers. You can also distribute traffic in a granular fashion to applications running on your backend instances.

Types of NEGs

  • Zonal NEG - One or more internal IP address endpoints that resolve to either VM or Pods.
  • Internet NEG - A single internet-routable endpoint that is hosted outside of Google Cloud.
  • Serverless NEG - A single endpoint within Google's network that resolves to an App Engine, Cloud Functions, API Gateway, or Cloud Run service.
  • Hybrid connectivity NEG - One or more endpoints
@thesaravanakumar
thesaravanakumar / terraform_cheatsheet.md
Last active November 10, 2022 16:09
basic commands and cheats for terraform

Terraform Commands

There are a couple of commands to check the Terraform’s built-in command-line documentation:

  • terraform
  • terraform -h
  • terraform --help

The resulting help page will have the main commands at the top, followed by the less common or more complex commands below.

@thesaravanakumar
thesaravanakumar / psc_neg_apigee.md
Last active November 10, 2022 14:53
short overview of psc, neg and apigee

Private Service Connect (service-centric approach)

Private Service Connect allows private consumption of services across VPC networks that belong to different groups, teams, projects, or organizations. You can publish and consume services using IP addresses that you define and that are internal to your VPC network.

  • Secure: Traffic stays on Google's backbone
  • Simple & performant: Just need an endpoint, and get line-rate performance
  • Agile: Focus on the service; unburden network teams
@thesaravanakumar
thesaravanakumar / vpc_peering.md
Last active November 10, 2022 14:59
Short overview for vpc peering (GCP)

VPC Network Peering

Google Cloud VPC Network Peering allows internal IP address connectivity across two VPC networks regardless of whether they belong to the same project or the same organization. Traffic stays within Google's network and doesn't traverse the public internet.

VPC Network Peering gives you several advantages over using external IP addresses or VPNs to connect networks, including:

  • Network Latency
  • Network Security
  • Network Cost
@thesaravanakumar
thesaravanakumar / shared_vpc.md
Last active October 12, 2022 05:53
Short overview for shared_vpc (GCP)

Shared VPC (software-defined networking on top of Google's Andromeda)

Allows an organization to connect resources from multiple projects to a common VPC network, so that they can communicate with each other securely and efficiently using internal IPs from that network. When you use Shared VPC, you designate a project as a host project and attach one or more other service projects to it. The VPC networks in the host project are called Shared VPC networks. Eligible resources from service projects can use subnets in the Shared VPC network.

  • Traffic stays on google's private network and benefits from its security reliability and low latency currently
  • GCP lets you expand an existing subnet without affecting any existing VM's IP address, and with zero downtime.
  • Organization account is needed.
  • Compute Engine API shoul
@thesaravanakumar
thesaravanakumar / cloud_vpn.md
Last active January 14, 2025 17:17
Short overview for cloud vpn (GCP)

Cloud VPN (site to site)

image

Cloud VPN securely connects your peer network to your VPC network through an IPsec VPN connection. Traffic traveling between the two networks is encrypted and decrypted by VPN gateway.

Features

  • useful for low-volume data connections
  • 99.9% SLA (availability)
  • supports
@thesaravanakumar
thesaravanakumar / vpc_connector.md
Last active November 10, 2022 14:47
Short overview for serverless vpc-connector (GCP)

Serverless VPC Access

Connect directly to your VPC network from serverless environments such as Cloud Run, App Engine, or Cloud Functions. Configuring Serverless VPC Access allows your serverless environment to send requests to your VPC network using internal DNS and internal IP addresses

There are two main benefits to using Serverless VPC Access:

  • Requests sent to your VPC network are never exposed to the internet.
  • Communication through Serverless VPC Access can have less latency compared to the internet.

Private Google Access (sending over internal IP)

@thesaravanakumar
thesaravanakumar / firewall-cloud_armor.md
Last active August 5, 2025 03:01
Short overview for firewall and cloud armor (GCP)

Firewall

  • Firewall rules let you allow or deny traffic to and from your VM instances based on a configuration you specify.
  • While firewall rules are defined at the network level, connections are allowed or denied on a per-instance basis. You can think of the VPC firewall rules as existing not only between your instances and other networks, but also between individual instances within the same network
  • It is Global like a VPC.
  • Existing between instances within same network and instances and other network.
  • Each VPC network acts as a distributed firewall -> by default it will handle filtering traffic.

Ex - Applying firewall rules to tagged instances (connections are allowed at per instance basis)

@thesaravanakumar
thesaravanakumar / cloud_router.md
Last active November 10, 2022 12:01
Short overview for cloud-router (GCP)

Cloud Router Overview

(Routes the data between networks)

  • Cloud Router is a fully distributed and managed service that programs custom dynamic routes and scales with the network traffic.
  • Works with both legacy networks and VPC networks.
  • A service that works over Cloud VPN or Interconnect connections to provide dynamic routing by using the Border Gateway Protocol (BGP) for the VPC networks.

Border Gateway Protocol

  • It uses BGP ( shortest path between networks) when it comes to bgp it uses a link local ip (starts with 169.)