Wabion’s Senior Cloud Architect keeps you up to date with the latest news from, about and around Google Cloud. Jörn’s update addresses both technology-focussed and business-oriented readers who want to stay in the know about the fastest-growing public cloud provider. Our new series appears once a month and always gets to the point.
After some very busy months, June was a bit slower regarding new features, releases and new services on Google Cloud. However, there are a lot of best practices and valuable insights related to both GCP and other areas of its ecosystem:
1. Best Practices: Priyanka Vergadia (Developer Advocate at Google / https://thecloudgirl.dev/about.html) created a great series of Reference Architectures for GCP. Check them out on LinkedIn via #BuildonGCP or in the summary on Medium. A must-read.
2. Cloud Run FAQ: Cloud Run (aka serverless containers aka Knative) is a fairly new addition to the serverless portfolio on GCP, running on top of Kubernetes / GKE to help reduce the operational effort for containerized workloads. As always, more choice also means more questions. This repo on GitHub includes an FAQ on Cloud Run that goes beyond the official documentation from Google. Kudos to my colleague Patrick Lubach for sharing this resource with us.
3. BigQuery Security: GCP’s serverless data warehouse is becoming a central pillar of the data infrastructure for more and more customers due to its market-leading features and pricing. As hosting more and more sensitive data typically also requires more security, it’s great to see Google keep improving in this area by enabling row-level security for more granular access. Read more in this article.
4. New VM-family for Scale-Out-Workloads: “Scale-out workloads demand the best combination of performance and price to bring down the cost of delivering applications, all while providing an excellent user experience”. That’s why “Tau VMs based on 3rd Gen AMD EPYC™ processors” are coming to Google Cloud. Read more in the announcement from Urs Hölzle, SVP Cloud Infrastructure.
5. Kubernetes: Great insights for everyone interested in Kubernetes and how to build a platform with the Kubernetes Resource Model. There are already four parts in the series, and every part is worth reading: Part 1 (What’s in a platform), Part 2 (How KRM works), Part 3 (Simplifying Kubernetes app development) and Part 4 (Administering a multi-cluster environment). To be continued.
6. SAP on GCP: SAP HANA is at the heart of many business processes at a lot of customers worldwide. Google Cloud is doing a lot to be the best place to run SAP HANA. Read this article on how to “migrate your SAP HANA database to Google Cloud”.
7. Cloud Security 1: The monthly must-read when it comes to cloud and cyber security – “Cloud CISO Perspectives: June 2021” by Phil Venables, CISO of Google Cloud.
8. Dataproc: Many organizations started their data analytics journey with open source processing platforms such as Apache Spark, Presto, Apache Flink and Apache Hadoop. Dataproc is GCP’s service to run these platforms hassle-free and with less operational effort. Read this article for Dataproc best practices.
9. Ubuntu on GCP: “You can now purchase these premium images directly from Google Cloud by selecting Ubuntu Pro as the operating system straight from the Google Cloud Console” and benefit from features like “10-year lifetime security updates” and many more. Find more information here.
10. Monitoring: The workspace concept in Cloud Operations (formerly known as Stackdriver) wasn’t ideal when it came to multi-project monitoring, which is typically a key requirement for many customers. Therefore, it’s great to see that Google is overhauling the workspace concept and replacing it with a much more flexible approach. Read more here about Cloud Monitoring made easier.
11. Google Cloud VMware Engine (GCVE): There is great news for healthcare organizations: “Healthcare organizations can now migrate and run their HIPAA-compliant VMware workloads in a fully compatible VMware Cloud Verified stack running natively in Google Cloud with Google Cloud VMware Engine, without changes or re-architecture to tools, processes, or applications.” Read more here.
12. Asset Management on GCP: So far, Cloud Asset Inventory on GCP happened mostly in the background, e.g. when using Cloud Security Command Center (CSCC) to provide a list of your GCP assets. Recently, Google Cloud announced significant improvements around Cloud Asset Inventory. The biggest one is Cloud Asset Inventory Console, a dedicated UI for your Cloud Assets. I consider this really exciting progress, as it’s addressing a huge need for many organizations. Read more here.
13. Cloud DNS for GKE: Surprisingly, I haven’t seen this one popping up on social media. In my opinion, it’s also a big one, as “Kubernetes networking almost always starts with a DNS request”. Integrating Cloud DNS with GKE not only reduces resource utilization, but also improves speed and performance. Pretty nice stuff!
14. EU Compliance: Read more about how Google Cloud incorporates the latest update to the Standard Contractual Clauses (SCCs, also known as Model Contractual Clauses) to help safeguard personal data.
15. Cloud Foundry and Kubernetes: For companies using Cloud Foundry as a platform for app-development it can be cumbersome to bring these apps to Kubernetes / GKE. Great to see that Google now introduced “Kf”, “a Google Cloud service that allows you to easily move existing Cloud Foundry workloads to Kubernetes with minimal disruption to your existing processes.”
16. Cloud Security 2: Do you want to easily achieve compliance with the CIS benchmark for Google Cloud Platform foundation 1.1? Cloud Security Command Center Premium has you covered. In addition, you can now grant fine-grained access at folder and project level, which enables you to “restrict employee access to only those who need to do their jobs”. This is particularly useful “if you need to delegate SCC findings to specific teams without having to give those teams a view of the entire organization.”
17. New Cloud TPU VMs: TPUs are a great option for ML models based on TensorFlow, PyTorch or JAX. Cloud TPU VMs now give you “…direct access to TPU host machines, …instead of accessing Cloud TPUs remotely over the network”.
18. Open Source Insights: Today, many companies rely on open source projects / technologies. It’s often unclear whether an open source project is compliant with your requirements / policies or not, primarily because of the dependencies that it has. To tackle this issue, Google has now started the Open Source Insights Project, supporting customers in their open source projects. Read more here.
19. Cost Optimization for GKE: “When it comes to Kubernetes, cost optimization is especially challenging because you don’t want any efforts you undertake to negatively affect your applications’ performance, stability, or ability to service your business.” This article helps you manage this challenge with out-of-the-box solutions.
20. Cloud Security 3: To address challenges related to infrastructure security, “Google Cloud built the security foundations blueprint to identify core security decisions and guide you with opinionated best practices for deploying a secured GCP environment.” When it comes to Cloud Security, it’s always worth having a closer look at the Wabion Cloud Security Best Practices Assessment.
That’s it for June. Just a short reminder: Google operates the greenest Cloud in the industry. As the extreme weather conditions all over the world demonstrate, we need to stop talking and start acting.
All the best,
Jörn