This section will investigate how you can create a hybrid cloud by connecting your on-premises environment to Google. Note that similar mechanisms will allow you to build multi-cloud architectures by connecting your resources in another cloud with Google Cloud.
When two networking environments are connected, they need a way to inform their peers about their local subnets. Furthermore, route propagation should be automatic, as new subnets can be added or old ones deleted at any time. Google Cloud uses the Border Gateway Protocol (BGP) to exchange routing information with on-premises (or other-cloud) devices.
Cloud Router is the service that speaks BGP in Google Cloud. It is a Google-managed, highly available service that advertises routes to VPC subnets via either an Interconnect or a VPN connection toward an on-premises site (or to other clouds). Cloud Router is a regional resource and belongs to a VPC. It uses a unique private or public Autonomous System Number (ASN) for BGP identification.
In the Hybrid connectivity section, there is a Cloud routers creation page. To create a new Cloud Router instance, you must provide its name, its ASN, the region where it will be configured, and the VPC where it will reside. Additionally, you need to select how it will advertise the routes of its VPC. See the following figure for reference:
Figure 9.17 – Creating a Cloud Router instance that advertises all visible VPC subnets
There are two types of routes that Cloud Router can advertise:
- Default route advertisement: This is where Cloud Router dynamically advertises all subnet routes created in a VPC. If a VPC uses regional routing mode, Cloud Router will advertise only subnets from its region. Alternatively, if a VPC uses global routing mode, Cloud Router will advertise subnets from all regions.
- Custom route advertisement: This is where you can select which routes Cloud Router advertises. For example, this option can be used to advertise only a subset of local subnets or subnets outside a VPC.
In addition to being a BGP speaker, Cloud Router is also used as the control plane for the Cloud NAT service. Cloud NAT is a managed, regional service that allows workloads such as Compute Engine VMs and GKE clusters to create outbound internet connections without needing a public IP address.
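The following Terraform configuration is an added example, not taken from the book, that ties together the two roles of Cloud Router described above: a regional router in custom route advertisement mode (advertising all VPC subnets plus one prefix that lives outside the VPC), and a Cloud NAT gateway that uses that router as its control plane. All resource names, the region, the ASN and the IP ranges are assumed placeholders; the VPC is set to global routing mode so the router advertises subnets from every region.

```hcl
# Added example (not the book's own configuration). Names, region, ASN and
# CIDR ranges below are assumed placeholders; adjust them to your environment.

resource "google_compute_network" "hybrid" {
  name                    = "hybrid-vpc"   # assumed name
  auto_create_subnetworks = false
  routing_mode            = "GLOBAL"       # router advertises subnets from all regions
}

resource "google_compute_subnetwork" "app" {
  name          = "app-subnet"             # assumed name
  region        = "us-central1"            # assumed region
  network       = google_compute_network.hybrid.id
  ip_cidr_range = "10.10.0.0/24"           # assumed primary range

  # Secondary range, e.g. a GKE pod range; it is also translated by Cloud NAT below.
  secondary_ip_range {
    range_name    = "pods"
    ip_cidr_range = "10.20.0.0/16"         # assumed secondary range
  }
}

# Regional Cloud Router: the BGP speaker for this VPC in this region.
resource "google_compute_router" "hybrid" {
  name    = "hybrid-router"                # assumed name
  region  = google_compute_subnetwork.app.region
  network = google_compute_network.hybrid.id

  bgp {
    asn            = 64512                 # assumed private ASN
    advertise_mode = "CUSTOM"              # custom route advertisement

    # Keep advertising every subnet of the VPC, as default mode would...
    advertised_groups = ["ALL_SUBNETS"]

    # ...and additionally advertise a prefix outside this VPC (for example a
    # peered VPC's range that on-premises must reach through this VPC).
    advertised_ip_ranges {
      range       = "10.30.0.0/16"         # assumed external prefix
      description = "peered-vpc-range"
    }
  }
}

# Cloud NAT gateway: outbound internet access for instances without a public IP.
# The router above is its control plane; NAT itself is a managed data path.
resource "google_compute_router_nat" "egress" {
  name                               = "hybrid-nat"   # assumed name
  router                             = google_compute_router.hybrid.name
  region                             = google_compute_router.hybrid.region
  nat_ip_allocate_option             = "AUTO_ONLY"

  # Translate only the listed subnet (primary and secondary ranges) rather than
  # every subnet in the region, so egress is an explicit decision per subnet.
  source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
  subnetwork {
    name                    = google_compute_subnetwork.app.id
    source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
  }

  # Log translation errors (port exhaustion, drops) so egress failures are visible.
  log_config {
    enable = true
    filter = "ERRORS_ONLY"
  }
}
```

With `advertise_mode = "DEFAULT"` the `advertised_groups` and `advertised_ip_ranges` settings must be omitted; the `CUSTOM` mode shown here is the one to use when on-premises peers need prefixes beyond the VPC's own subnets, or when only a subset of subnets should be visible. Narrowing `source_subnetwork_ip_ranges_to_nat` to a list and enabling NAT logging keeps outbound access reviewable rather than implicit for every workload in the region.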