Learning Library

← Back to Library

IBM Cloud VPC Architecture Overview

4m • Unknown Channel • devops • tutorial • intermediate • Watch on YouTube ↗

Key Points

IBM Cloud’s Virtual Private Cloud (VPC) lets you create isolated logical networks that you can build, modify, tear down, and deploy workloads into, delivering agility, security, isolation, performance, and scalability.
A VPC is anchored in a Multizone Region (MZR) composed of at least three fault‑tolerant zones, each of which can host multiple subnets to define private IP address ranges and enable network segmentation.
Security Groups act as network firewalls within the VPC, allowing you to define inbound and outbound allow/deny rules to protect your cloud deployments.
Connectivity options include a public gateway with optional floating IPs for internet access, and private links via VPN as a Service or Direct Link circuits to extend on‑premises networks or connect to other VPCs.
IBM Cloud provides Load Balancing as a Service—supporting HTTP/HTTPS with SSL offload and TCP—to improve application availability and performance before handing the VPC over to development teams.

Sections

00:00:00 IBM Cloud VPC Overview - Ryan Sumner explains IBM Cloud's Virtual Private Cloud, detailing its agility, security, and scalability benefits while outlining core components like multizone regions and subnet-based network isolation for deploying workloads.

Full Transcript

# IBM Cloud VPC Architecture Overview **Source:** [https://www.youtube.com/watch?v=KIjP0dDHu5w](https://www.youtube.com/watch?v=KIjP0dDHu5w) **Duration:** 00:04:05 ## Summary - IBM Cloud’s Virtual Private Cloud (VPC) lets you create isolated logical networks that you can build, modify, tear down, and deploy workloads into, delivering agility, security, isolation, performance, and scalability. - A VPC is anchored in a Multizone Region (MZR) composed of at least three fault‑tolerant zones, each of which can host multiple subnets to define private IP address ranges and enable network segmentation. - Security Groups act as network firewalls within the VPC, allowing you to define inbound and outbound allow/deny rules to protect your cloud deployments. - Connectivity options include a public gateway with optional floating IPs for internet access, and private links via VPN as a Service or Direct Link circuits to extend on‑premises networks or connect to other VPCs. - IBM Cloud provides Load Balancing as a Service—supporting HTTP/HTTPS with SSL offload and TCP—to improve application availability and performance before handing the VPC over to development teams. ## Sections - [00:00:00](https://www.youtube.com/watch?v=KIjP0dDHu5w&t=0s) **IBM Cloud VPC Overview** - Ryan Sumner explains IBM Cloud's Virtual Private Cloud, detailing its agility, security, and scalability benefits while outlining core components like multizone regions and subnet-based network isolation for deploying workloads. ## Full Transcript

0:00Hi, I'm Ryan Sumner and I'm with the IBM Cloud team. 0:02So, you're interested in VPC? 0:04Well today I'm going to tell you how IBM does VPC. 0:08Virtual Private Cloud, or VPC, 0:11allows the user of the cloud environment 0:13to define Virtual Private Networks, 0:15manipulate them, control them, tear them down, recreate them, 0:19and then deploy workloads into those definitions. 0:23So, why does that really matter to you? 0:26Why does it matter to the rest of the business? 0:28Well, agility, security, isolation, 0:32performance, scalability - I could go on and on. 0:35But first I want to take you through the building blocks that have 0:38broken out into a few key areas to help you understand truly what it is. 0:43The first building block is all about the core components that make up VPC. 0:47VPC is an isolated logical network that you create, 0:51but the first thing that defines it is where it's located. 0:54In IBM Cloud we call this location a Multizone Region, 0:59or an MZR. 1:01A Multizone Region consists of at least three zones that are 1:05completely fault tolerant locations within that region that have absolutely 1:09no dependence on the other zone and allow you to deploy your applications in 1:15a resilient fashion. A VPC also defines at a high level the IP addresses that 1:22will be used for private communication within that VPC, again across that 1:28region. These IP addresses are further used and broken down by allowing you to 1:34create one or more subnets within each zone. So, now you're starting to build an 1:39IP network. You have complete control over this, create one subnet for a flat 1:44network, or introduce segmentation with multiple subnets again in each zone. The 1:51next building block provides a component to allow you to secure your cloud 1:55deployments. Security Groups are a network function that allows you to 1:59create rules that will either allow or deny network communication in, out, and 2:05around the VPC. Now, that we've created our VPC and we've secured it, we need to 2:11get connectivity to it. IBM Cloud provides both public and 2:15private access and different components to provide connectivity for each of them. 2:19For internet or public access, we provide public gateway, that's your outbound 2:24access. We also provide a floating IP that you can tie to any of the cloud 2:29resources that you've deployed in your VPC, providing both inbound and outbound 2:34public access. For private connectivity, we provide VPN as a Service, or 2:41traditional direct link private circuits. This is so you can extend your 2:46enterprise into the IBM Cloud, or you can even connect your VPC to another VPC, 2:51or an outside resource. We're getting close to deploying our workload in VPC 2:56but first let's talk about what network functions exist to help us with 3:00acceleration and availability. IBM Cloud provides a Load Balancing as a Service, 3:05which is an application load balancer capable of both HTTP, HTTPS with SSL offload 3:11and traditional TCP load balancing. Now, that we've built our VPC we've 3:16secured it and we have connectivity in and out of it, we can hand it over to our 3:20application teams to deploy their workloads. IBM Cloud VPC is enabled 3:24today for virtual machines, deploy customizable infrastructure, or 3:28Kubernetes for those containerized workloads. There are other capabilities 3:32in VPC that provides security like encrypt a block storage, or flexibility 3:36like image import, and much more. I hope all these building blocks help you 3:41understand the value and benefits that IBM Cloud VPC brings to you in your 3:48public cloud journey. Thank you. If you have any questions please drop us a line 3:53below. If you want to see more videos like this in the future please like and 3:57subscribe and don't forget you can always get started on the cloud at no 4:01cost by signing up for a free IBM Cloud account.