Virtual Private Cloud (VPC)

What is a VPC?

Software Developer | Java | Node.js

A virtual private cloud (VPC) is a secure, isolated private cloud hosted within a public cloud. VPC customers can run code, store data, host websites, and do anything else they could do in an ordinary private cloud, but the private cloud is hosted remotely by a public cloud provider. (Not all private clouds are hosted in this fashion.) VPCs combine the scalability and convenience of public cloud computing with the data isolation of private cloud computing.

Imagine a public cloud as a crowded restaurant, and a virtual private cloud as a reserved table in that crowded restaurant. Even though the restaurant is full of people, a table with a "Reserved" sign on it can only be accessed by the party who made the reservation. Similarly, a public cloud is crowded with various cloud customers accessing computing resources – but a VPC reserves some of those resources for use by only one customer.

Before fully understanding a VPC, an understanding of both public and private cloud architectures is needed.

Public Cloud

A public cloud is shared cloud infrastructure. Multiple customers of the cloud vendor access that same infrastructure, although their data is not shared – just like every person in a restaurant orders from the same kitchen, but they get different dishes. Public cloud service providers include AWS, Google Cloud Platform, and Microsoft Azure, among others. Services can include databases, firewalls, load balancers, management tools and other platform as a service (PaaS) or software as a service (SaaS) elements.

Private Cloud

A private cloud delivers advantages similar to a public cloud's, but through a proprietary architecture, and it is single-tenant: the cloud service is offered exclusively to one organization. A virtual private cloud (VPC) is a private cloud within a public cloud; no one else shares the VPC with the VPC customer.

VPCs are a public cloud offering that lets an organization establish its own private cloud-like computing environment on shared public cloud infrastructure. A VPC runs on shared infrastructure like a public cloud does but isolates customers from each other. VPC resources are then reserved for each specific customer. The isolation creates a private, more secure environment within the public cloud.

The terms private cloud and virtual private cloud are sometimes used incorrectly as synonyms. There is a distinct difference: in a traditional, on-premises private cloud model, an enterprise's internal IT department acts as a service provider and the individual business units act as tenants.

How is a VPC isolated within a public cloud?

A VPC isolates computing resources from the other computing resources available in the public cloud. The key technologies for isolating a VPC from the rest of the public cloud are:

Subnets: A subnet is a range of IP addresses within a network that are reserved so that they're not available to everyone within the network, essentially dividing part of the network for private use. In a VPC these are private IP addresses that are not accessible via the public Internet, unlike public IP addresses, which are visible on the Internet.

VLAN: A LAN is a local area network, or a group of computing devices that are all connected to each other without the use of the Internet. A VLAN is a logical overlay network that groups together devices that share a physical LAN and isolates the traffic for each group. In a VPC, a VLAN divides the network for private use.

VPN: A virtual private network (VPN) uses encryption to create a private network over the top of a public network. VPN traffic passes through publicly shared Internet infrastructure – routers, switches, etc. – but the traffic is encrypted, so its contents are not visible to anyone else along the way.
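The subnet isolation described above depends on the address plan being correct. The following check is an added example, not code from the original post: it audits a VPC address plan for subnets that fall outside the VPC block, overlap each other, or are not valid networks. The function name `audit_subnet_plan`, the sample CIDR values and the IPv4-only scope are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges: not routable on the public Internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def audit_subnet_plan(vpc_cidr, subnets):
    """Return a list of findings for an IPv4 VPC address plan.

    vpc_cidr: the VPC's address block, e.g. "10.20.0.0/16"
    subnets:  mapping of subnet name -> CIDR string
    """
    findings = []
    vpc = ipaddress.ip_network(vpc_cidr)
    if not (vpc.version == 4 and any(vpc.subnet_of(r) for r in RFC1918)):
        findings.append(f"vpc {vpc} is not inside an RFC 1918 private range")

    parsed = {}
    for name, cidr in subnets.items():
        try:
            net = ipaddress.ip_network(cidr)  # strict: rejects host bits set
        except ValueError as exc:
            findings.append(f"{name}: invalid CIDR {cidr!r} ({exc})")
            continue
        if net.version != vpc.version or not net.subnet_of(vpc):
            findings.append(f"{name}: {net} is outside the VPC block {vpc}")
        parsed[name] = net

    # Overlapping subnets blur the boundary that per-subnet rules rely on.
    names = sorted(parsed)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if parsed[a].overlaps(parsed[b]):
                findings.append(f"{a} {parsed[a]} overlaps {b} {parsed[b]}")
    return findings


# Constructed sample plan (illustrative values, not from the original page).
SAMPLE_VPC = "10.20.0.0/16"
SAMPLE_SUBNETS = {
    "app-a": "10.20.1.0/24",
    "app-b": "10.20.1.128/25",  # overlaps app-a
    "db": "10.21.0.0/24",       # outside the VPC block
    "cache": "10.20.2.5/24",    # host bits set, not a valid network
}

if __name__ == "__main__":
    for finding in audit_subnet_plan(SAMPLE_VPC, SAMPLE_SUBNETS):
        print(finding)
```
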

Advantages of a Virtual Private Cloud (VPC)

Scalability: Because a VPC is hosted by a public cloud provider, customers can add more computing resources on demand.

Agility: Control the size of your virtual network and deploy cloud resources whenever your business needs them. You can scale these resources dynamically and in real-time.

Easy hybrid cloud deployment: It's relatively simple to connect a VPC to a public cloud or to on-premises infrastructure via the VPN. VPCs enable hybrid cloud deployment. An organization can use a VPC as an extension of its own data center without dealing with the complexities of building an on-premises private cloud.

Better performance: Cloud-hosted websites and applications typically perform better than those hosted on local on-premises servers.

Better security: The public cloud providers that offer VPCs often have more resources for updating and maintaining the infrastructure, especially for small and mid-market businesses. For large enterprises or any companies that face extremely tight data security regulations, this is less of an advantage.

Availability: Availability is provided by redundancy and an architecture that supports fault-tolerant availability zones.

Affordability: VPC customers can take advantage of the public cloud’s cost-effectiveness, such as saving on hardware costs, labor time, and other resources.

Virtual private cloud providers

Most leading public infrastructure as a service (IaaS) providers offer a VPC, including, for example, Amazon Web Services (AWS), IBM and Google.