Span Your Distributed Application Using THG Hosting Private Network Services
Anton Karneliuk, Network Manager at THG Hosting, answers the question, “How does THG Hosting support distributed applications through our private network?” Read more below…
Microservices are the de-facto architecture for all modern applications. In a nutshell, this means that the application that delivers a service to your customers consists of multiple small pieces (also called microservices) all interconnected using a network, either private or public. In this article, we will look at how the private and public network options vary, as well as which you should utilize for your application delivery.
For example, the visual below depicts this architecture at a high level:
There are multiple options for how the microservices can be created. However, the most popular and widely used services rely on Linux containers (e.g. Docker containers or any other engine). At a high level, we can distinguish the stand-alone operation mode in Docker where each server hosts the containers individually from any other.
This method is not very reliable and, therefore, is not often used in production-grade applications. There is also an orchestrated mode where multiple servers are spanned using overlay networks (e.g. VXLAN or MPLSoGRE) and operate as a single platform under the control of Docker Swarm or Kubernetes.
See a sample visualization of such a setup in the following graphic:
Even if your application does not rely on Linux containers, there is still a high probability that there are different servers acting as front-end and back-end parts of the application.
In these cases, you need reliable high-speed network connectivity between your servers within or between data centers to provide worldwide services. THG Hosting data centers are perfectly equipped to provide services both within a single location or between various data center locations.
Our data centers feature two physically isolated networks to serve public and private traffic, as shown in the topology below:
Per our definition, the public network is the internet connectivity to your servers used by web traffic to reach your service.
Alternatively, the private network service is connectivity between your servers without internet access via our dedicated virtual network.
Obviously, you can use the public network service to communicate between your servers as well. However, there are several aspects as to why the private network service can better serve this purpose including bandwidth, security, and flexibility.
Learn more about how network choice impacts below crucial elements:
The public network helps you serve your customers. However, if you share the same interface for both for the customer-serving traffic and the application interconnectivity traffic, then you could effectively serve fewer customers when compared to using dedicated network interfaces for both public and private services. Rather than share bandwidth for both services, you can dedicate public network bandwidth to customers while reserving the private network to connect your applications and servers within and between data center locations.
The public network is a shared media as part of the World Wide Web. Given that the internet is a global business platform, there are also many risks associated including cybercrimes, cyberattacks, malware, etc. To protect your business, you need security rules configured on your servers to only allow traffic to travel towards your applications. If you use the public network to connect various parts of your applications, you will need to adapt your security rules to allow both customer-facing traffic and traffic between applications. However, this action creates additional attack vectors on your infrastructure.
Using the private network service to interconnect your servers allows you to have stricter security rules in the public network connectivity. You can achieve this additional level of protection by focusing on building edge security without affecting communication between various aspects of your application. THG Hosting can help you create a virtual network between your servers, where your traffic is separated from private traffic without the possibility of traffic leaking between you and other entities.
On the public network, you can only use public IP addresses (either your own or leased from us), but it is important to remember that public IP addresses are fairly limited in supply and can be quite expensive. Alternatively, on the private network, you can use as many IP addresses (including both IPv4 and IPv6 addresses) as you need on a per-server basis. Easily create any logic of connectivity as necessary between the various parts of your application.
Build a Robust Framework
The combination of the elements above allows you to build a robust framework for your applications by leveraging our private network service. Talk to our expert sales team to learn more.