In this document I discuss the design options for ingress traffic to an Aviatrix managed GCP cloud networking. Design Requirements Provide secure and centralized ingress, egress, and east-west for applications running on Google Cloud Integrate with Palo Alto Next General Firewalls for advanced security services Provide application owners capability to deploy their own objects such but not restricted to L4-L7 Load Balancers Solution should be high-available and scalable Provide visibility and analytics Proposed Design The Aviatrix proposed design is show in the diagram below: Applications are deployed into their own spoke VPCs. HTTP(S) or TCP LB(s) is created for use … Continue reading Centralized Ingress with Aviatrix on GCP