
No business achieves growth without scaling. You might think scaling is unimportant initially, but you never know when the company will expand significantly. When that time comes, how quickly you can meet customer needs determines your position in the race.
Scaling is the reason we opt for the cloud. If we fail to plan for it properly, it can consume time and effort or, in the worst case, jeopardize the entire business. Friendster, for example, was overtaken by other social networking platforms largely because of significant scalability issues.
Let’s understand the different components that help scale the architecture.
VPC Peering
VPC peering connects two VPCs bidirectionally at a significantly low cost. It does not support transitive routing: if we peer VPC a with VPC b, and VPC b with VPC c, we cannot send traffic from VPC a to VPC c.
Each VPC requires its own connection if we wish to establish any kind of coupling with the on-premises infrastructure.
AWS does not charge for data transfer through VPC peering within the same availability zone. However, we are charged for cross-zone and cross-region data transfers.
VPC peering is ideal for communicating with resources in another VPC when the VPC count is less than 10. Connecting too many VPCs with peering results in a complex networking design that is hard to manage.
Transit Gateway
We can connect all VPCs within a region using the highly available and fully managed Transit Gateway. If we wish to establish a connection with on-premises infrastructure, we only have to connect it to the transit gateway. Not only can we connect all VPCs, but all VPCs can also communicate with each other.
Additionally, using Transit Gateway peering, we can connect VPCs across regions. By sharing the Transit Gateway using RAM, we can connect VPCs across multiple accounts within the same region.
To control routing between VPCs through the Transit Gateway, we can set up dynamic routing using Transit Gateway policy tables.
We can connect all the VPCs within the region using a single transit gateway. To limit the impact of a misconfiguration, we can split them across multiple transit gateways.
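As an added example (not the author's code), the following Python model of VPC route tables checks reachability between the VPCs of the two sections above: a route that points at a peering connection will not carry traffic on to a third VPC, whereas VPCs attached to one transit gateway all reach each other. The VPC, peering and transit gateway ids and the CIDRs are constructed for the example.

```python
import ipaddress
# Constructed topology: a<->b and b<->c are peered; nothing peers a with c directly.
VPCS = {"vpc-a": "10.0.0.0/16", "vpc-b": "10.1.0.0/16", "vpc-c": "10.2.0.0/16"}
PEERINGS = {"pcx-ab": {"vpc-a", "vpc-b"}, "pcx-bc": {"vpc-b", "vpc-c"}}
TGW_ATTACHMENTS = {"tgw-1": {"vpc-a", "vpc-b", "vpc-c"}}
FIRST_HOST = {v: str(ipaddress.ip_network(c)[1]) for v, c in VPCS.items()}

# Route tables as (destination CIDR, target) pairs. vpc-a's last route points at
# pcx-ab hoping to hop through vpc-b; can_reach() shows the peering drops that.
PEERED_ROUTES = {
    "vpc-a": [("10.0.0.0/16", "local"), ("10.1.0.0/16", "pcx-ab"), ("10.2.0.0/16", "pcx-ab")],
    "vpc-b": [("10.1.0.0/16", "local"), ("10.0.0.0/16", "pcx-ab"), ("10.2.0.0/16", "pcx-bc")],
    "vpc-c": [("10.2.0.0/16", "local"), ("10.1.0.0/16", "pcx-bc")],
}
# Same VPCs with every non-local prefix sent to the transit gateway instead.
TGW_ROUTES = {v: [(c, "local"), ("10.0.0.0/8", "tgw-1")] for v, c in VPCS.items()}

def lookup(table, ip):
    """Longest-prefix match as the VPC router does; None when no route matches."""
    addr, best = ipaddress.ip_address(ip), None
    for cidr, target in table:
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None

def owner_vpc(ip):
    addr = ipaddress.ip_address(ip)
    return next((v for v, c in VPCS.items() if addr in ipaddress.ip_network(c)), None)

def can_reach(src_vpc, dst_ip, routes):
    """True if src_vpc delivers to dst_ip and the destination has a return route."""
    target, dst_vpc = lookup(routes[src_vpc], dst_ip), owner_vpc(dst_ip)
    if target is None or dst_vpc is None:
        return False
    if target == "local":
        return dst_vpc == src_vpc
    return_route = lookup(routes[dst_vpc], FIRST_HOST[src_vpc])
    if target.startswith("pcx-"):
        # A peering delivers only to its other end; it never forwards through a second peering.
        return PEERINGS[target] == {src_vpc, dst_vpc} and return_route == target
    if target.startswith("tgw-"):
        # Every VPC attached to the transit gateway can reach every other attachment.
        return {src_vpc, dst_vpc} <= TGW_ATTACHMENTS[target] and return_route == target
    return False

def reachability(routes):
    """Audit view: which ordered VPC pairs can exchange traffic under these tables."""
    return {(s, d): can_reach(s, FIRST_HOST[d], routes) for s in VPCS for d in VPCS}
```

Running reachability() over real route tables (for instance, exported with describe-route-tables) gives a quick matrix of which VPCs can talk to which, which is the check to make before adding a peering or attachment.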
Private Endpoints
Private endpoints help transfer data between a VPC and AWS resources over the private network. They are network interfaces inside the VPC, and they work by resolving the AWS service's DNS name to the private IP of the interface.
These endpoints are not highly available on their own: each is deployed in a single AZ and creates DNS names for AWS services such as S3 and API Gateway, and these DNS names can be regional or zonal. We can even create an endpoint to EC2 instances as a target of a load balancer in another VPC.
Conclusion
Use AWS PrivateLink when we want unidirectional traffic from one or more consumers in a VPC to AWS services, creating a private path between the AWS services and the VPC without sending the traffic over the public internet. We can use it even when there is an IP conflict between client and server.
When we want to scale the network, establish bidirectional traffic, or build a hybrid architecture, we use VPC peering and transit gateways.