Book Image

Google Cloud Platform for Architects

By : Vitthal Srinivasan, Loonycorn , Judy Raj
Book Image

Google Cloud Platform for Architects

By: Vitthal Srinivasan, Loonycorn , Judy Raj

Overview of this book

Using a public cloud platform was considered risky a decade ago, and unconventional even just a few years ago. Today, however, use of the public cloud is completely mainstream - the norm, rather than the exception. Several leading technology firms, including Google, have built sophisticated cloud platforms, and are locked in a fierce competition for market share. The main goal of this book is to enable you to get the best out of the GCP, and to use it with confidence and competence. You will learn why cloud architectures take the forms that they do, and this will help you become a skilled high-level cloud architect. You will also learn how individual cloud services are configured and used, so that you are never intimidated at having to build it yourself. You will also learn the right way and the right situation in which to use the important GCP services. By the end of this book, you will be able to make the most out of Google Cloud Platform design.

Related Content you might be interested in

Current Title:

Small book image
Google Cloud Platform for Architects
Vitthal Srinivasan | Loonycorn | Judy Raj
Jun, 2018 | 372 pages
Small book image
Google Cloud Platform for Developers
Steven Porter | Ted Hunter
Jul, 2018 | 506 pages
Small book image
Google Cloud Platform Administration
Ranjit Singh Thakurratan
Sep, 2018 | 230 pages
Small book image
Professional Cloud Architect Google Cloud Certification Guide
Konrad Clapa | Brian Gerrard
Dec, 2021 | 664 pages
Table of Contents (19 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
The Case for Cloud Computing
The Case for Cloud Computing
Genesis
Why Google Cloud Platform (GCP)?
Autoscaling and autohealing
Capital expenditure (CAPEX) versus operating expenses (OPEX)
Career implications
Summary
2
Introduction to Google Cloud Platform
Introduction to Google Cloud Platform
Global, regional, and zonal resources
Accessing the Google Cloud Platform
Projects and billing
Setting up a GCP account
Using the Cloud Shell
Summary
3
Compute Choices – VMs and the Google Compute Engine
Compute Choices – VMs and the Google Compute Engine
Google Compute Engine – GCE
Persistent disks and local SSDs – block storage for GCE
More on working with GCE VMs
Modifying GCE VMs
Summary
4
GKE, App Engine, and Cloud Functions
GKE, App Engine, and Cloud Functions
GKE
Creating a Kubernetes cluster and deploying a WordPress container
Using the features of GKE
Google App Engine – flexible
Google App Engine – standard
Summary
5
Google Cloud Storage – Fishing in a Bucket
Google Cloud Storage – Fishing in a Bucket
Knowing when (and when not) to use GCS
Serving Static Content with GCS Buckets
Storage classes–Regional, multi-regional, nearline, and coldline
Working with GCS buckets
Creating buckets
Transferring data in and out of buckets
Use case – Object Versioning
Use case – object life cycle policies
Use case – restricting access with both ACLs and IAM
Use case – signed and timed URLs
Use case – reacting to object changes
Use case – using customer supplied encryption keys
Use case – auto-syncing folders
Use case – mounting GCS using gcsfuse
Use case – offline ingestion options
Summary
6
Relational Databases
Relational Databases
Relational databases, SQL, and schemas
GCP Cloud SQL
Use case – managing replicas
Use case – managing certificates
Use case – operating Cloud SQL through VM instances
Automatic backup and restore
Cloud Spanner
Summary
7
NoSQL Databases
NoSQL Databases
NoSQL databases
Cloud Bigtable
Creating and operating an HBase table using Cloud Bigtable
Scaling GCP Cloud BigTable
The Google Cloud Datastore
Comparison with traditional databases
Working with Datastore
Full indexing and perfect index
Summary
8
BigQuery
BigQuery
Underlying data representation of BigQuery
BigQuery public datasets
Legacy versus standard SQL
Working with the BigQuery console
Loading data into a table using BigQuery
Deleting datasets
Working with BigQuery using CLI
BigQuery pricing
Analyzing financial time series with BigQuery
Summary
9
Identity and Access Management
Identity and Access Management
Resource hierarchy of GCP
Permissions and roles
Summary
10
Managing Hadoop with Dataproc
Managing Hadoop with Dataproc
Hadoop and Spark
Hadoop on the cloud
Google Cloud Dataproc
Compute options for Dataproc
Working with Dataproc
Summary
11
Load Balancing
Load Balancing
Why load balancers matter now
Taxonomy of GCP load balancers
HTTP(S) load balancing
Configuring HTTP(S) load balancing
Configuring Internal Load Balancing
Other load balancing
Summary
12
Networking in GCP
Networking in GCP
Why GCP's networking model is unique
VPC networks and subnets
The default VPC
Internal and external IP addresses
VPN and cloud router
Working with VPCs
Working with custom subnets
Working with firewall rules
Summary
13
Logging and Monitoring
Logging and Monitoring
Logging
Monitoring
Summary
14
Infrastructure Automation
Infrastructure Automation
Managed Instance Groups
Cloud deployment manager
Summary
15
Security on the GCP
Security on the GCP
Security features at Google and on the GCP
Google-provided tools and options for security
Some security best practices
BeyondCorp – Identity-Aware Proxy
Summary
16
Pricing Considerations
Pricing Considerations
Compute Engine
BigTable
BigQuery
Datastore
Cloud SQL
Google Kubernetes Engine
Pub/Sub
Cloud ML Engine
Stackdriver
Video Intelligence API
Key Management Service – KMS
Vision API
Summary
17
Effective Use of the GCP
Effective Use of the GCP
Eat the Kubernetes frog
Careful that you don't get nickel-and-dimed
Pay for what you allocate not what you use
Make friends with the gsuite admins
Try to find reasons to use network peering
Understand how sustained use discounts work
Read the fine print on GCS pricing
Use BigQuery unless you have a specific reason not to
Use pre-emptible instances in your Dataproc clusters
Keep your Dataproc clusters stateless
Understand the unified architecture for batch and stream
Understand the main choices for ML applications
Understand the differences between snapshots and images
Don't be Milton!
Summary
18
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Use case – using customer supplied encryption keys

Data in GCS buckets is always encrypted, in-flight and at-rest. If we do nothing at all, the encryption occurs using Google-supplied keys. These keys are created, managed, and rotated by Google, and we need not bother with data encryption at all. This is the first option, called Google Supplied Encryption Key (GSEK), which is the one most likely to work right out of the box. The keys are those associated with the respective users and governed by IAM:

Alternatively, a customer might want more control, and insist on Customer Supplied Encryption Key (CSEK). Here, the key resides on the customer's premise, but is sent across in raw form as part of the API calls. All GCP references to the key are in-memory only, the key actually never gets stored on the cloud.

A third option is Customer Managed Encryption Keys (CMEK),...

Previous Section
End of Section 13
Next Section