Architecture for Cloud Volumes Service

Cloud Volumes Service for Google Cloud uses the Google Cloud Private Services Access framework.

In this framework, you can connect to the Cloud Volumes Service from your VPCs by using private (RFC 1918) addresses. This framework uses Service Networking and VPC peering constructs similar to other Google Cloud services like Cloud SQL.

This design provides enhanced security and complete isolation between tenants, and the setup requires no manual intervention.

The following diagram shows the high-level flow of elements in the service's control plane (top) and data plane (bottom).

Control plane and data plane

For details, see Setting up private services access for Cloud Volumes Service.

The following diagram shows the typical architecture of Cloud Volumes Service when combined with a shared VPC topology in Google Cloud. This architecture enables multiple service projects to access the Cloud Volumes resources provisioned in the host project.

Control plane and data plane architecture