There is no doubt that AWS is a steep learning curve, the barrier of entry is high (unless you want to get started quickly with AWS LightSail 👇🏼)
Either way, learning about a VPC can be mind boggling, especially when you are an AWS newbie!
So let's start with what you don't need to know, at least not for a while.
Things that you don't need to know yet.
- Multiple VPC's
- VPC Peering
- Multiple subnets in a VPC
- Public and private subnets
Now, let's just focus on trying to understand what a VPC actually is, at least logically.
First an introduction on how AWS actually allows you to host your own compute instances on the same hardware without everyone being to able to see everyone else's stuff.
If you have come this far, no doubt you know what virtualisation is right? The ability for a single host computer (like your laptop or desktop) to run more that one operating system at the same time. I am simplifying it somewhat here but if you were an 80's gamer, there are emulators our there that allow you to run a ZX Spectrum or a Commodore 64 on your desktop PC or even your phone!
AWS is a similar concept, there is an underlying operating system (in AWS's case this is Linux with a built in open-source hypervisor called Xen) the Xen hypervisor enables the host OS (linux) to share the hosts computer resources (CPU, Disk, RAM) with other guest operating systems such as Windows Server and other Linux operating systems.
So why does virtualisation even exist?
Virtualisation is like a school bus. Before the school bus was invented, every parent used their own car to drive their kid to school, using extra gas and resources—putting all of the kids into one vehicle wasn’t an option.
One day, the school bus was introduced, exposing the inefficiency of every parent driving their kid to school separately. By using the school bus, parents could use less gas and fewer vehicles, all while transporting more kids.
Hence virtualisation enables more efficient use of host hardware by enabling multiple guest operating systems to use it. If you fancy delving a little bit deeper on hypervisors, have a read of this wiki article that goes way back to the mainframe days. AWS aren't doing anything new here:
A hypervisor is a kind of emulator; it is computer software, firmware or hardware that creates and runs virtual machines. A computer on which a hypervisor runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine. The hypervisor presents the guest operating systems with a virtual operating platform and manages the execution of the guest operating systems. Multiple instances of a variety of operating systems may share the virtualized hardware resources: for example, Linux, Windows, and macOS instances can all run on a single physical x86 machine. This contrasts with operating-system–level virtualization, where all instances must share a single kernel, though the guest operating systems can differ in user space, such as different Linux distributions with the same kernel.
Anyway, back to our AWS VPC.
Based on what I have told you already, can you imagine hundreds of thousands of hosts in a data centre, all sharing their resources through the open-source Xen hypervisor to millions of guest virtual machines? Chaos right? You need something in place that would allow you to share the same hardware as everyone else but at the same time, provide isolation between you and all the other customers running their services in AWS. That is where a VPC comes in!
A VPC is your own personal Virtual Private Cloud. Everything that you build in there is personal to you and is inaccessible by anyone else (unless you want others to access it). In theory you could create a VPC, install an instance of Windows Server or Linux in it and only you would ever have access to that instance, it would be pretty useless, but you get the picture.
So think of a VPC as your first point of isolation within AWS, like your own personal bucket of compute, storage and networking, but with no holes and once you begin to learn more about customising your first VPC you'll then being to learn about the ip address allocation that you specify and then some of the rules you can setup to allow inbound and outbound traffic.
When you setup an AWS VPC for the first time, there is a nice wizard that allows you to specify subnet ranges for private and public networks so that you can place Internet facing services in the public section of your VPC and data tiers in the private section. Then you can place services in 'Availability Zones' which are basically different data centre locations within a geographic region, all available within your VPC! This means that you can split some public facing web services (within your VPC) across multiple physical locations to ensure they stay online during a location outage (a very rare event).
So that's a very basic overview of an AWS VPC. If you want to learn more, take a look at some of the further learning resources below:
A nice slide intro:
Have a listen to this Podcast for basic AWS network fundamentals
VPC fundamentals from YouTube:
You can also check out Hiroko Nishimura's excellent AWS for newbies course on LinkedIn learning here