KEMBAR78
GCP Network | PDF | Ip Address | Internet Protocol Suite
Scribd
Upload
172 views109 pages

GCP Network

Uploaded by

Aashutosh Mahajan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
172 views109 pages

GCP Network

Uploaded by

Aashutosh Mahajan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 109

GCP

Google Cloud
Professional
Network Engineer

© ANKIT MISTRY – GOOGLE CLOUD


Google Certified
Professional Cloud Network
Engineer

© ANKIT MISTRY – GOOGLE CLOUD


Professional Network Engineer
 Pay attention for 5 minutes, before we dive in.

 Challenging certification, and course is long so have patience.

 Good to have basic IT skill & GCP basics

 Basics of compute engine

 Learn by Doing

© ANKIT MISTRY – GOOGLE CLOUD


GCP certifications

https://cloud.google.com/certification/cloud-network-engineer

© ANKIT MISTRY – GOOGLE CLOUD


Cloud Cost for this course
 $0 – for GCP account

 GCP Free trial

 $300 for next 3 months https://cloud.google.com/free

 Length: Two hours

 Registration fee: $200 (plus tax where applicable)

 Languages: English, Japanese, Spanish.

 Exam format: Multiple choice and multiple select,

© ANKIT MISTRY – GOOGLE CLOUD


GCP Network
Engineering
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Udemy Tips
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


GCP Basics
 Google Cloud Overview
 Create GCP Account
 GCP Console Walkthrough
 GCP Regions & Zones
 Creating GCP Project
 Google Cloud Shell

© ANKIT MISTRY – GOOGLE CLOUD


Networking Basics
 What is Network
 IP Address & CIDR ranges
 RFC 1918 standard

© ANKIT MISTRY – GOOGLE CLOUD


Network

© ANKIT MISTRY – GOOGLE CLOUD


Home Network

© ANKIT MISTRY – GOOGLE CLOUD


IP address
 32 Bit representation
 IPV4 - 4 number
 4 Billion address can be represented
49.36.84.16
 Advanced – IPV6
 many more IP can be represented – 2^128
 Your machine IP : https://api.ipify.org/

Ref : https://cidr.xyz/
© ANKIT MISTRY – GOOGLE CLOUD
CIDR notation
Classless Inter-Domain Routing 123.52.36.0
123.52.36.1

123.52.36.47 123.52.36.2
123.52.36.3
123.52.36.4
123.52.36.5 123.52.36.0 24
123.52.36.6
123.52.36.7
123.52.36.8
123.52.36.9 123.52.36.0/24

123.52.36.10
123.52.36.11

@ ANKIT MISTRY – GOOGLE CLOUD


CIDR notation
123.52.36.0
123.52.36.0/24 123.52.36.1
123.52.36.2
123.52.36.3
123.52.36.4
||
||
||
||
||
123.52.36.254
123.52.36.255
CIDR Notation

123.52.36.0/28 28 bits are fixed 4 bits are variable Total IP address – 24 = 16

123.52.36.0/31 31 bits are fixed 1 bit is variable Total IP address – 21 = 2

0.0.0.0/32 32 bits are fixed 0 bits are variable Total IP address – 20 = 1

0.0.0.0/0 0 bits are fixed 32 bits are variable Total IP address – 232
= 4,294,967,296

@ ANKIT MISTRY – GOOGLE CLOUD


RFC 1918
Standard for Private IP addressing

Class Internal Address Range CIDR Prefix

A 10.0.0.0 – 10.255.255.255 10.0.0.0/8

B 172.16.0.0 – 172.31.255.255 172.16.0.0/12

C 192.168.0.0 – 192.168.255.255 192.168.0.0/16

© ANKIT MISTRY – GOOGLE CLOUD


VPC & Subnets
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


VPC - Subnetworks
 No Network -> No Cloud  Network contain subnets

 Virtual version of a physical network  Subnets are used for segregate resources

 Networks are part of projects  Subnets has IP ranges

 It’s Global resources  Expressed as CIDR notation

 Does not belong to any Region  VPC must have minimum one subnet

 Placeholder to keep your resources  Subnet belongs to one single region in GCP

 Max 5 VPC per project

 No IP Assigned to VPC
© ANKIT MISTRY – GOOGLE CLOUD
VPC - Subnetworks
VPC

Subnet-1 Subnet-2

DB

© ANKIT MISTRY – GOOGLE CLOUD


Default VPC
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Skip Default Network Creation
Org Policy
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Create VM with Default VPC
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Avoid Default VPC
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Avoid Default VPC
 Lots of unnecessary subnets
 Same name – confusion
 Broad ranges in IP address
 Can not delete subnet
 Default Firewall rules are broad
 Can not go beyond /16

© ANKIT MISTRY – GOOGLE CLOUD


Reserved IP Address in Subnet

https://cloud.google.com/vpc/docs/subnets#ipv4-ranges

© ANKIT MISTRY – GOOGLE CLOUD


Types of VPC

Default Auto Custom

• Created when compute • With Auto mode, Default • No Subnet automatically


engine API enabled VPC can be created created
• Every project has default • Fixed subnetwork ranges • Subnet creation manual
VPC per region • Custom IP range allocation
• There is one subnet per • Can expand from /20 to • No necessary to create
regions /16 subnet in each region
• Default firewall can be
added easily.

© ANKIT MISTRY – GOOGLE CLOUD


Create Default Network - Auto
Mode
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Create Custom VPC
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Create VM with Custom VPC
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Add More Subnets
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


[Hands-on] Reserved IP
Address in Subnet
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


© ANKIT MISTRY – GOOGLE CLOUD
VM - to - VM
Communication
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Common Protocol
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


SSH, ICMP & http Protocol
 SSH - Secure Shell Protocol – Port 22
 network communication protocol that enables two computers to communicate

 ICMP – Internet Control Message Protocol - Ping


 To diagnose network communication issues

 Http – Hypertext transfer Protocol – Port 80

 Http is used to transfer hypertext such as web pages

© ANKIT MISTRY – GOOGLE CLOUD


Firewall
VPC
F
Subnet-1
I Subnet-2

R
INTERNET
E
W
A
L DB

© ANKIT MISTRY – GOOGLE CLOUD


Firewall rules
 Firewall rules control incoming or outgoing traffic to an instance.

 Trust nothing by default

 Some default rule :


 Allow all outgoing traffic - egress
 Deny all incoming traffic - ingress

 Rule has priority number : (0-65535)


 Lower the number higher priority

 Common port/protocol
 22 – SSH, 3389 - RDP
 ICMP – ping
 80 - HTTP/HTTPS

@ ANKIT MISTRY – GOOGLE CLOUD


Create First Firewall rule
(Allow All Traffic)
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Test Firewall Rule
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


VM to VM Communication
 2 VM Communication in Same Zone (Same VPC)

 2 VM Communication in Different Zone of Same Region (Same VPC)

 2 VM Communication in Different Region (Same VPC)

 2 VM Communication in Different VPC

@ ANKIT MISTRY – GOOGLE CLOUD


© ANKIT MISTRY – GOOGLE CLOUD
VPC network Peering
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


VPC peering
 No central management

 VPC Managed by individual project team & VPC - 1 VPC - 2

control all ingress egress traffic

 Use case
 Project 1 (Ecommerce App) wants to
communicate to Project 2 (ML Services App)
for Some services like Sentiment Analysis

@ ANKIT MISTRY – GOOGLE CLOUD


VPC peering

Org1 Org2

Project 1 Project 2 Project 3 Project 4

VPC1 VPC3 VPC5 VPC7

VPC2 VPC4 VPC6 VPC8

@ ANKIT MISTRY – GOOGLE CLOUD


[Hands-on] VPC
Network Peering
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


© ANKIT MISTRY – GOOGLE CLOUD
Centralized VPC
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Shared VPC
 Host Project - Shared VPC Org

 Multiple Service Project


Project - 1 Project - 2
 Central management of VPC

 Large organization use shared VPC

 Max Host project – 100

 Max Service Project – up to 100

 Shared VPC is only available for projects within


an organization node only

@ ANKIT MISTRY – GOOGLE CLOUD


[Hands-on]
Shared VPC Demo

BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


[Hands-on] Shared VPC Demo
 HostProject
 my-vpc

 ServiceP1

 ServiceP2

 Share my-vpc from HostProject to Service Project

@ ANKIT MISTRY – GOOGLE CLOUD


© ANKIT MISTRY – GOOGLE CLOUD
Firewall
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Firewall Config

@ ANKIT MISTRY – GOOGLE CLOUD


Based on IP ranges
 Create 4 VM

 Destination : 2 VM from Above

 Source :
 Allow Your local machine
 Allow from Cloud Shell Only
 Allow whole internet
 Allow from specific Range in Subnet

@ ANKIT MISTRY – GOOGLE CLOUD


Based on Tags
 Allow Specific IP to Target Tags
 Create 4 VM : vm1, vm2, vm3, vm4
 Source – Local, Cloud Shell
 Destination – vm1 tagged, vm2 tagged

 Allow from Source Tags to Specific IP


 Create Another 4 VM : vm5, vm6, vm7, vm8
 Source – Tagged from Machine
 Destination – vm5 (IP), vm6 (IP)

@ ANKIT MISTRY – GOOGLE CLOUD


Based on Service Account
 4 Virtual Machine

 Allow from Specific Service Account to Target IP ALL


 Source : 2 VM having Specific SA
 Destination : All machine in Network
 Allow Your local machine, Cloud Shell Only, whole internet, Specific Range in Subnet

 Allow from Source Tags to Specific SA


 Source : 2 VM having Tagged
 Destination : 2 VM having SA

@ ANKIT MISTRY – GOOGLE CLOUD


Explore Default Routing Rules
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Expand Subnet Ranges
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


© ANKIT MISTRY – GOOGLE CLOUD
Configure Private
Access
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Private Access
 Private Google Access
 Private Service Access
 Serverless VPC Access

@ ANKIT MISTRY – GOOGLE CLOUD


Private Google Access

Access to GCS without External IP Address + Google API & Services

With Internal IP Only

Google API
&
Services

@ ANKIT MISTRY – GOOGLE CLOUD


Private Service Access
Access to Cloud SQL, Memory Store with Private IP VPC

Internal IP
Private Service Access

@ ANKIT MISTRY – GOOGLE CLOUD


Serverless VPC Access
Connect directly to your Virtual Private Cloud network from serverless VPC
environments such as Cloud Run, App Engine, or Cloud Functions

Internal IP
Serverless VPC Access

@ ANKIT MISTRY – GOOGLE CLOUD


© ANKIT MISTRY – GOOGLE CLOUD
Cloud IAP
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


IAP
 Identity aware proxy
 IAP provides a single point of control for managing user access to web applications and cloud resources.
 Manage Http & SSH based resources
 Demo1
 SSH with just Private IP address
 Protect Compute Engine SSH Resources, Assign secured tunnel user role
 Demo2
 Secure Google App engine http resources
 Assign web app user role
 Demo3
 Firewall rule - allow SSH to VM(Private IP only) just from browser

@ ANKIT MISTRY – GOOGLE CLOUD


© ANKIT MISTRY – GOOGLE CLOUD
Configure IP address
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Types of IP
 Internal IP - Private IP – access from Private Network inside GCP

IP  External IP – Public IP - Access from anywhere on internet


 Ephemeral IP are temporal, once we restart resource, new IP will
be assigned.
Internal IP External IP
 Static – Permeant IP – Can be assigned from one resource to
another resources.

Ephemeral Ephemeral  Pricing – will be discussed later


 Reserved IP addresses in IPv4 subnet ranges
 https://cloud.google.com/vpc/docs/subnets
Static Static

@ ANKIT MISTRY – GOOGLE CLOUD


IP Pricing
 There is no charge for static or ephemeral internal IP addresses.
 For external IP address
 https://cloud.google.com/vpc/network-pricing

@ ANKIT MISTRY – GOOGLE CLOUD


Multiple NIC
 How can you deploy multiple app with different IP on same VM
 Multiple NIC can be attached with Compute Engine
 Each NIC is like One VPC
 Max 8 NIC can be attached
 Disadvantage : overhead to maintain multiple VPC
 Demo

@ ANKIT MISTRY – GOOGLE CLOUD


Alias IP & Secondary IP ranges
 Subnet Can have secondary IP apart from Primary ranges
 Ranges of IP address can be attached with Compute engine, Kubernetes as Alias IP
 Not like Multiple VPC, In Single VPC All IP exist
 No need to maintain Multiple VPC
 Demo
 Create VM with Multiple Range of IPs

@ ANKIT MISTRY – GOOGLE CLOUD


Alias IP in GKE
 Demo
 Create Public GKE Cluster
 Private GKE Cluster with Alias IP assignment for Control Plane, Pods, Services

@ ANKIT MISTRY – GOOGLE CLOUD


GCP Hybrid
Connectivity
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


GCP Hybrid Connectivity
Hybrid
Connectivity
Products

Cloud VPN – Cloud Peering with


IPSEC Interconnect Google

Connect your datacenter network with GCP network


Dedicated
Direct
Interconnect

Partner
Carrier
Interconnect

https://pixabay.com/photos/datacenter-bigdata-computer-science-2803200/
© ANKIT MISTRY – GOOGLE CLOUD
Cloud VPN
 A virtual private network lets you securely connect your Google Compute Engine resources to your own private network.

 Cloud VPN securely connects your peer network to your Virtual Private Cloud (VPC) network through an IPsec VPN

 It works between
 Google cloud & datacenter
 Google cloud & other public cloud (AWS)

 If you want to quickly setup connectivity, Cloud VPN is good choice.

 Traffic is encrypted by one VPN gateway and then decrypted by the other VPN gateway.

 Traffic travelled over public internet

 Single Cloud VPN tunnel can support up to 3 Gbps bandwidth

 VPC Peering is not transitive in nature. Cloud VPN is transitive.

© ANKIT MISTRY – GOOGLE CLOUD


Cloud VPN

© ANKIT MISTRY – GOOGLE CLOUD


Cloud VPN Demo
 Total 3 Demo

 Follow all 3 demo in sequence My First Project : Project1 GCP Network : Project2
 Demo – 1
 GCP to On-premise Setup is difficult
mfp-vpc gcp-nw-vpc
============ ================
 GCP to GCP
 Route based policy sub-us : 10.0.0.0/24 sub-sg : 192.168.0.0/24
allow ssh, icmp allow ssh, icmp
static-us vm-sg
vm-us static-sg
tunnel + gateway creation tunnel + gateway creation

© ANKIT MISTRY – GOOGLE CLOUD


Cloud VPN Demo
 Demo – 2 (Static routing)
 Add New Subnet
 Create New VM & Test Connectivity with Old VM
 Manual Route

 Demo – 3 (Dynamic Routing)


 Dynamic Routing – based on BGP
 Create Cloud Router on both side
 Create another subnet in same region and check advertisement done or not.

 Demo – 4
 Create subnet in other region and check advertisement done or not.

© ANKIT MISTRY – GOOGLE CLOUD


Cloud Router
 Cloud Router is a fully distributed and managed Google Cloud service that uses the Border Gateway
Protocol (BGP) to advertise IP address ranges
 Router detect all changes and create new optimal routes – like Google Maps

 It makes intelligent decision and exchange information in network

 Discovery of remote networks

 Ability to find a new best path if the current path is no longer available

© ANKIT MISTRY – GOOGLE CLOUD


Cloud Router

© ANKIT MISTRY – GOOGLE CLOUD


Static vs Dynamic Routing

Static Routing Dynamic Routing


Manual update require Update routes based on BGP (border gateway protocol)

Downtime – when tunnel deleted No Downtime

No Standardization BGP
Static routes are great for stable networks that don’t
Dynamic routes updates automatically
change

© ANKIT MISTRY – GOOGLE CLOUD


Cloud NAT
 NAT – network address translation

 How can you (sudo apt update) with just internal IP address from GKE Private Cluster

 How to access
 GCS services
 Cloud SQL, Vertex AI, memory store
 sudo apt update
 Reach anywhere on internet

 Cloud NAT is the solution which allows VM to connect internet without External IP

 Cloud NAT is bind to VPC – Region.

 Hands-on Cloud NAT Demo

© ANKIT MISTRY – GOOGLE CLOUD


Cloud Interconnect
 Extend your on premises VPC to GCP network

 highly available, low latency connection


 Cloud VPN use Public internet.

 Access resource with Internal IP address only

 Require time for initial setup

 Once setup, it works with very low latency &


with Internal IP address

 No encryption while traffic travelled

© ANKIT MISTRY – GOOGLE CLOUD


Create Cloud
Interconnect Request
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Dedicated vs partner Cloud
Interconnect

Dedicated Interconnect Partner Interconnect


No Encryption No Encryption

SLA : Your Datacenter & Google VPC SLA : Your Datacenter & Google VPC

Pricing is high Pricing is lower than dedicated

Bandwidth : 10 Gbps to 200 Gbps Bandwidth : 50 Mbps to 10 Gbps

No Service Provider require Service Provider require

Internal IP communication Internal IP communication

© ANKIT MISTRY – GOOGLE CLOUD


Cloud Peering
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Cloud Load balancer
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Load balancer
 A load balancer distributes user traffic
across multiple instances of your
applications.

 By spreading the load, load balancing


reduces the risk that your applications
experience performance issues

© ANKIT MISTRY – GOOGLE CLOUD


Cloud Load balancer
 Cloud Load Balancing is a fully distributed
 Software-defined managed GCP service.
 It isn't hardware-based, so you don't need to manage a physical load balancing infrastructure.
 Health check
 route traffic to only healthy instance
 maintain minimum number of instances
 Auto scaling based on traffic
 High availability
 Single anycast IP

© ANKIT MISTRY – GOOGLE CLOUD


Global vs Regional
Load balancer
 Use global load balancing when your backends are distributed across multiple regions.

 You can provide access by using a single anycast IP address.

 Use regional load balancing when your backends are in one region, and you only require IPv4.

© ANKIT MISTRY – GOOGLE CLOUD


Internal vs External LB
 External load balancers distribute traffic coming from the internet to your Google Cloud Virtual
Private Cloud (VPC) network. Global load balancing requires that you use the Premium Tier of
Network Service Tiers. For regional load balancing, you can use Standard Tier.

 Internal load balancers distribute traffic to instances inside of Google Cloud.

© ANKIT MISTRY – GOOGLE CLOUD


Types of Load balancer

https://cloud.google.com/load-balancing/docs/load-balancing-overview#tech-load-balancing

© ANKIT MISTRY – GOOGLE CLOUD


Layer 4 vs Layer 7 LB
 Layer 4 – TCP/UDP load balancer
Layer 7 (Http/Https/SMTP)
 Distributes traffic based on IP and Port
 Not much intelligent Layer 6 – Presentation Layer

 TCP – Transmission control protocol Layer 5 – session Layer


 Reliability is high
Layer 4 (Transport – TCP/UDP)
 UDP – User datagram Protocol
Layer 3 (network Layer - IP)
 Performance is good
Layer 2 – Datalink Layer
 Layer 7 – Http/https load balancer
 Use Data in a packet to distribute traffic Layer 1 – Physical Layer

 Smarter load balancer


 Most application communicate at layer 7

© ANKIT MISTRY – GOOGLE CLOUD


Choosing Load balancer

© ANKIT MISTRY – GOOGLE CLOUD


[Hands-on]
Cloud Load Balancer
 http/https based load balancing
 4 Host and path rules
 hostname/*  Cloud run
 Cloud DNS Setup
 hostname/dynamic1/*  Instance Group (MIG)
 hostname/dynamic2/*  Instance Group (UMIG)
 hostname/static-images/*  GCS Bucket - images

 Front ends
 Http
 Https (With Certificate)

© ANKIT MISTRY – GOOGLE CLOUD


Cloud DNS
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Cloud DNS
 DNS – Address book for internet

 www.google.com --------- 74.125.29.101

 Highly Scalable, Reliable and Managed Domain Name System (DNS) service on GCP infrastructure

 100% SLA

 Manage millions of DNS zones and records

 Cloud DNS
 Public Zone
 Private Zone

 [Hands-on] Cloud DNS – setup for Cloud load balancer

© ANKIT MISTRY – GOOGLE CLOUD


Private Cloud DNS
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Cloud CDN
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Cloud CDN
 Content delivery network

 Fast, reliable web and video content delivery with global scale and reach.

© ANKIT MISTRY – GOOGLE CLOUD


Cloud CDN – cache hit miss

https://cloud.google.com/cdn/docs/locations

© ANKIT MISTRY – GOOGLE CLOUD


[Hands-on] Cloud CDN
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


Cloud Armor
 Network security Product

 Web application firewall (WAF) + DDos attack prevention

 Works for Layer 3 to layer 7

 Intelligent filtering – Not just IP/Port


 lots of custom rule can be created at L3 – L7

 ML-based Adaptive Filtering

 Works with Cloud Load balancer

 Need to have Org Node


 can not work with no organization

© ANKIT MISTRY – GOOGLE CLOUD


[Hands-on] Cloud Armor
 Create VM – nginx installed
 Create Unmanaged instance group from VM
 Create Load balancer with Unmanaged IG as backend
 Cloud Armor
 Create Policy & add rule (attached with load balancer)
 Rule Default – Deny all
 Rule 1 : Allow All
 Rule 2 : Allow from Cloud Shell, not from Local machine
 Rule 3 : Allow from Local Machine, not from Cloud Shell
 Create extra path : /goodpath/*, /badpath/*
 Rule 4 : Create custom expression
 Allow & Deny based on Path expression
© ANKIT MISTRY – GOOGLE CLOUD
Network Service Tiers
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


VPC Flow Logs
BY ANKIT MISTRY

© ANKIT MISTRY – GOOGLE CLOUD


THANK YOU

© ANKIT MISTRY – GOOGLE CLOUD

You might also like