🌐 Networking Fundamentals (Explained via App Growth)

1️⃣ IP Address

  • Unique identifier for every device on a network
  • Like a house address 🏠
  • Required so other devices know where to send data

2️⃣ DNS (Domain Name System)

  • Converts human-friendly names → IP addresses

  • Example:
    travelbody.com → 203.0.113.10

  • Like contacts in your phone 📱


3️⃣ Ports

  • Multiple apps on one server need different entry points
  • Ports range: 1 – 65535
  • Common ports:
    • 80 → HTTP
    • 443 → HTTPS
    • 3306 → MySQL
    • 9090 → Custom service
  • Analogy:
    IP = Building, Port = Apartment number 🏢

4️⃣ Network Segmentation (Subnets)

  • Split network into isolated sections for security
  • Examples:
    • Public subnet → Frontend
    • Private subnet → App servers
    • Isolated subnet → Databases
  • Reduces blast radius in case of attack 🔐

5️⃣ Routing

  • Controls how traffic moves between subnets
  • Acts like GPS for network packets 🧭
  • Required for communication across segments

6️⃣ Firewalls

  • Control what traffic is allowed
  • Types:
    • Host firewall → Protects a single server
    • Network firewall → Filters traffic between subnets
  • Example rule:
    • DB accepts traffic only on port 3306 from app subnet
  • Security is always layered 🛡️
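
The example rule above, combined with the three-subnet layout from section 4, as a small first-match, default-deny rule evaluator. This is an added example, not part of the original notes; the 10.0.x.0/24 ranges, the port 9090 app-tier rule and the function names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing plan (assumption, not from the notes).
SUBNETS = {
    "public": ipaddress.ip_network("10.0.1.0/24"),  # frontend
    "app": ipaddress.ip_network("10.0.2.0/24"),     # app servers
    "db": ipaddress.ip_network("10.0.3.0/24"),      # databases
}
ANY = ipaddress.ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    port: int
    action: str  # "allow" or "deny"


# Network-firewall policy between subnets; anything not listed is denied.
RULES = [
    Rule(ANY, SUBNETS["public"], 443, "allow"),              # internet -> frontend
    Rule(SUBNETS["public"], SUBNETS["app"], 9090, "allow"),  # frontend -> app
    Rule(SUBNETS["app"], SUBNETS["db"], 3306, "allow"),      # app -> DB only
]


def evaluate(src_ip, dst_ip, port, rules=RULES):
    """Return the action of the first matching rule, or "deny" if none match."""
    if not 1 <= port <= 65535:
        raise ValueError(f"invalid port: {port}")
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if src in rule.src and dst in rule.dst and port == rule.port:
            return rule.action
    return "deny"


def db_sources(rules=RULES, db_host="10.0.3.10"):
    """Audit helper: which subnets can reach the DB on 3306 under these rules."""
    return [name for name, net in SUBNETS.items()
            if name != "db"
            and evaluate(str(net[1]), db_host, 3306, rules) == "allow"]


if __name__ == "__main__":
    print(evaluate("10.0.2.15", "10.0.3.10", 3306))  # app server -> DB
    print(evaluate("10.0.1.20", "10.0.3.10", 3306))  # frontend -> DB
    print(db_sources())
```

Running `db_sources` against a proposed rule change before applying it shows whether the change widens who can reach the database.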

7️⃣ Private vs Public IP

  • Private IPs:
    • Used inside network
    • Not reachable from internet
  • Public IPs:
    • Reachable from anywhere
    • Limited & costly

8️⃣ NAT (Network Address Translation)

  • Allows private servers to access the internet
  • Many private IPs → 1 public IP
  • Prevents direct inbound access 🚫
  • Analogy: Office receptionist ☎️

☁️ Networking in the Cloud

9️⃣ VPC (Virtual Private Cloud)

  • Isolated virtual network in cloud
  • Same concepts:
    • IPs, subnets, routing, firewalls, NAT
  • Think: Your own floor in a building 🏢

🔟 Cloud Networking Components

  • Internet Gateway → Public internet access
  • Route Tables → Traffic directions
  • NAT Gateway → Internet access for private subnets
  • Security Groups → Cloud firewalls

📦 Containers & Networking

1️⃣1️⃣ Containers (Docker)

  • Package app + runtime + dependencies
  • Solves “works on my machine” problem ✔
  • Portable & consistent

1️⃣2️⃣ Docker Networking

  • Bridge Network:
    • Containers communicate using names
    • Exists on single host
  • Port Mapping:
    • Host port → Container port
    • Example: 8080 → 9090
  • Similar to NAT concept

1️⃣3️⃣ Overlay Network

  • Connects containers across multiple hosts
  • Makes containers appear on same network

☸️ Kubernetes Networking

1️⃣4️⃣ Pods

  • Smallest deployable unit
  • One or more containers
  • Each pod gets its own IP
  • Pods are ephemeral (temporary)

1️⃣5️⃣ Services

  • Provide stable IP + DNS
  • Load-balance traffic to pods
  • Pods can come & go — service stays 🔁
  • Example: database-service

1️⃣6️⃣ Ingress

  • Entry point for external traffic 🌍
  • Routes requests based on:
    • Domain
    • Path
  • Example:
    • / → Web service
    • /api/booking → Booking service
    • /api/payment → Payment service

🧠 Core Networking Takeaways

📌 5 Foundational Concepts

  1. IP Address – Identity
  2. DNS – Name resolution
  3. Ports – Application routing
  4. Subnets + Routing – Segmentation & flow
  5. Firewalls + NAT – Security & controlled internet access

✔ Concepts stay the same across:

  • Physical servers
  • Cloud (AWS VPC)
  • Docker
  • Kubernetes

💡 Tools change, principles don’t

