Google Cloud Onboard Core Infrastructure 3.28.2019 PDF

1
3
<Start Training>
5
Welcome to Cloud OnBoard

7
9
#GoogleCloudOnBoard
10
#NowICan
11
12
13 </Start Training>
14
15
16
1 Cloud OnBoard
3
Cloud OnBoard <Agenda>
5
{
6
( ) Registration 08:30 AM
7
Welcome and Building What’s Next with Google Cloud 10:00 AM
8
(‘Module 1’) Introducing Google Cloud Platform 10:40 AM
9
(‘Module 2’) Getting Started with Google Cloud Platform 11:20 AM
( ) Lunch
10
12:00 PM
11
(‘Module 3’) Virtual Machines in the Cloud 01:00 PM
12 (‘Module 4’) Storage in the Cloud 01:40 PM
13 (‘Module 5’) Containers in the Cloud 02:30 PM
14
( ) Break 03:00 PM
15 (‘Module 6’) Applications in the Cloud 03:30 PM
16 (‘Module 7’) Developing, Deploying, and Monitoring in the Cloud 04:00 PM
17 (‘Module 8’) Big Data and Machine Learning in the Cloud 04:30 PM
} Closing Session | Continue learning with Google Cloud 05:00 PM

18
Cloud OnBoard
To download a copy of this presentation, go to:
https://files.roitraining.com/roiGCP/CoreFundamentals.zip
❖ Most recognized, experienced Google Cloud Premier Partner
❖ 40,000+ people trained in 30+ countries across 6 continents
❖ Largest team of Google Cloud Platform Certified Instructors
❖ Helped more IT professionals achieve Google Cloud Platform

certification than any other partner
google.roitraining.com
7 Cloud products with 1 billion users
Enable enterprise growth with all of
Google’s technology infrastructure built for cloud
Cloud OnBoard
Businesses are moving to cloud for

multiple purposes…
Optimize infrastructure Gain value from data Build new apps Connect to business Make teams productive
costs and achieve scale to predict business and experiences platforms of services with secure
outcomes and partners mobile/devices
Cloud OnBoard
While IT is modernizing at different speeds
Private Cloud/ Data Center Hybrid Cloud Public Cloud
Mobility & Devices
Platforms
Apps
Data
Infrastructure
YEARS QUARTERS MONTHS

Enterprises are experiencing a Digital Transformation
2010 2020
Individual Collective
Productivity Intelligence
Aggregated data stored in cloud, with global query

Data in silos on premise, hard to
access, analyze, and use Machine learning combined with “trained” data drives
deep, actionable insights
Productivity tools built for
individual, local usage Secure, open, container based applications &
microservices
Collaborative, cloud-based productivity applications
Proprietary + Confidential
Google datacenters are
"Information Factories"
This is just the beginning.
What does this new tech mean for existing businesses?
BigData Internet of Things Machine Learning

Meets you where you are
And helps you grow
Cloud OnBoard
2 What makes Google Cloud Different

3
10
11 Open Intelligent Collaborative Secure

12
13
14
15
16
17
WHY GOOGLE
Technology Advantages
Best in Class Products
Use the same tools, that power Google products

with +1Bn users each: Google Search, YouTube,
Chrome, Google Maps, Gmail, Android, Google Play.
Products like BigQuery help you make best use of

your data and our Machine Learning capabilities
enable you to create meaningful insights to take
informed business decisions
Confidential & Proprietary 14

Partner with all of Google
All brands
All our growth experience
All our innovation
Delivered engineer to engineer
Pricing for long term customer relationship

Google is the world leader in applying Machine Learning to
real world situations, inside and outside of Google...
Search Android Play
Search Ranking Keyboard and App Recommendations
Speech Recognition Speech Input Game Developer Experience
Gmail Drive Chrome

Smart Reply Intelligence in Apps Search by Image
Spam Classification
Photos YouTube Maps

Photos Search Video Recommendations Street View Image
Better Thumbnails Parsing Local Search
Translate Cardboard Ads

Text, Graphic and Smart Stitching Richer Text Ads
Speech Translations Automated Bidding
Self Driving Car Data Center Alpha Go

1.5MM miles driven Power Usage First AI to beat a world Go
Reduced cooling champion (2016)
energy 40% Confidential + Proprietary
Cloud OnBoard
Teams, mobility, devices
Connected business platforms

Security
App development & management Scale
Control
Data analytics & machine learning
Infrastructure, storage, network

Cloud OnBoard
Teams, mobility, devices
VISION LANGUAGE
Connected business platforms API API
APP COMPUTE KUBERNETES

App development & management ENGINE ENGINE ENGINE
BIG DATA MACHINE

Data analytics & machine learning QUERY FLOW LEARNING
Infrastructure, storage, network CLOUD

STORAGE
NETWORKING
COMPUTE
ENGINE
Security / Scale / Control

Defense in depth at scale, by default
Provenance from the bottom of the stack to the top
Security Key
Usage Cloud Audit Logging Access Transparency Safe Browsing API BeyondCorp
Enforcement
Threat prevention,
Compliance and Automatic Updates Anomaly Incident
Operations Certifications and Patching
analysis and Forensics
detection Response
intelligence
TLS encryption in
Certificate Free and automatic Load Balancer DDoS
Deployment transit with perfect
Authority certificates Mitigation
forward secrecy
Source code Binary Web Application

Application Code review
provenance verification Security Scanner
WAF IDS/ IPS
Identity and Access Key Management

Storage Encryption at rest Logging
Management Service
RPC encryption in
Software-defined
Network transit between data DNS
Network
Andromeda
centres
Authentication
Hardened
OS + IPC KVM Hypervisor
for each host Curated Images
and each job
Cryptographic
Boot Trusted Boot
Credentials
Purpose-built Purpose-built Purpose-built Purpose-built Purpose-built

Hardware Chips Servers Storage Network Data Centers
Cover ISO 27001 HIPAA ISAE 3402 Type II PCI DSS v3.2
yourself:
trust but ISO 27017 AICPA SOC 1, 2 & 3 STAR Certification
EU-U.S. & Swiss-U.S.
Privacy Shield Framework
verify
ISO 27018 SSAE 15 Type II FedRAMP ATO MTCS Level 3
and stay a
step ahead
Not an exhaustive list, refer: cloud.google.com/security

Cloud OnBoard
Meets you where you are…

Current IT Product Capabilities
Insecure devices, low Secure devices and

team productivity Teams, mobility, devices
collaborative team
VISION
Legacy integrations Expose high value data and API
(SOA, ESB) Connected business platforms

assets as APIs LANGUAGE
API
Core apps, legacy Modernize apps, accelerate

App development & management
back ends app delivery
Data in silos Deliver interactive analytics

(EDW, Hadoop) for all data types
Private Data Center Optimize in secure, fully

(Co-lo, virtualization) managed operations

Cloud OnBoard
And helps you grow

Opportunities Product Capabilities
Use new sensors &
Productive teams in
device interactions Teams, mobility, devices
connected workspaces
for teams
API monetization, business VISION

Create new API
ready APIs, partner Connected business platforms
business models LANGUAGE
ecosystems API
Breakthrough customer Build global scale transaction

App development & management
experience apps, manage cross clouds
Predict business Democratize analytics

outcomes and machine learning
Global scale Scale globally with high

and security flexibility and control

Why
Cloud OnBoard
2 What makes Google Cloud Different

3
10
11 Open Intelligent Collaborative Secure

12
13
14
15
16
17
Cloud OnBoard
2
Open Intelligent Collaborative Secure
3
7
“Google is the clear “Since working with Google "G Suite is a simple solution “User trust is crucial to our
8 leader in Kubernetes and Cloud TPUs, we’ve been in many ways, but the business so security was
9
container management, extremely impressed with features are actually very hugely important when
which aligns very well with their speed—what could sophisticated, enabling us selecting a cloud provider.
10 our open source values and normally take days can now to surround our business Google Cloud’s end-to-end
11
our vision for the future.” take hours. Deep learning is processes with the right approach met our high
fast becoming the tools to connect people." standards.”
12 backbone of the software
13
running self-driving cars.”
14 Niall Hayes, Anantha Kancherla, Mike Heim, Ryan Graciano,

Chief Operating Officer, Head of Self-Driving Chief Information Officer, Chief Technology Officer,
15 Pantheon Software, Lyft Whirlpool Corporation Credit Karma
16
17
Cloud OnBoard
Productive teams with Connect & grow ecosystems

mobility & devices
G-Suite; Chrome and Android Ready APIs (Maps, Vision,
Translate etc.), Apigee, OrbitEra
Deliver new apps

App Engine,
Kubernetes, Firebase,
Secure & trusted Cloud Functions
infrastructure
100+ POPs globally; 600+ security
engineers
Turn data into advantage
Machine Learning & Data
Analytics: Cloud ML,
TensorFlow, BigQuery
Cloud OnBoard
Google Cloud Platform Regions

18 current regions. 2 new regions coming.
Future region and

number of zones
Current region
and number
of zones
Cloud OnBoard
Google Cloud Platform Regions

18 current regions. 2 new regions coming.
3
FASTER (US, JP, TW) 2016 2
Havfrue (US,IE, DK) 2019
3 3 3
3 3
4
3 3 3
3 3
3 3 SJC (JP, HK, SG) 2013
HK-G (HK, GU) 2019

Unity (US, JP) 2010
Curie (CL, US) 2019
2 PLCN (HK, LA) 2019
Current region and

number of zones 3 Monet (US, BR) 2017
3 Future region and

number of zones
Junior (Rio, Santos) 2017
Network
Tannat (BR, UY, AR) 2017
Edge points of
presence >100
Indigo (SG, ID, AU) 2019 Edge node locations

>1000
1
3
<Start Training>
5
7
Module #1: Introducing
Google Cloud Platform
8
Google Cloud Platform Fundamentals: Core Infrastructure

10
V4.1
11
12
14
15
16
1 Cloud OnBoard
3
Agenda
5
6
Introduction to Google Cloud Platform
7
8 Quiz
9
10
11
12
13
14
15
16
17
18
Cloud OnBoard
Computing trends toward pay-as-you-go,

fully automated services
Now Next
Storage Processing Memory Network Storage Processing Memory Network
Physical/Colo Virtualized Serverless
User-configured, managed, and maintained Fully automated

Every company is
a data company
Cloud OnBoard
GCP offers a range of computing architectures
Kubernetes Managed Cloud

Compute Engine App Engine
Engine services Functions
IaaS Hybrid PaaS Automated elastic Serverless

resources logic
Toward managed infrastructure Toward dynamic infrastructure

Cloud OnBoard
Google network: 100,000s of km of fiber cable, 8 subsea cables
FASTER (US, JP, TW) 2016
Unity (US, JP) 2010
PLCN (HK, LA) 2019

SJC (JP, HK, SG) 2013
Monet (US, BR) 2017

Network
Network sea cable investments

Junior (Rio, Santos) 2017
Edge points of presence >100
Tannat (BR, UY, AR) 2017
Edge node locations >1000
Indigo (SG, ID, AU) 2019

Cloud OnBoard
Google Cloud Platform is organized into regions and zones
Future region and

number of zones
Current region
and number
of zones
Cloud OnBoard
Google offers customer-friendly

pricing innovations
Billing in sub-hour Discounts for Custom VM

increments sustained use instance types
For virtual machines and Automatically applied to Pay only for the resources
containers in the cloud; virtual machine use over you need for your application
data processing and other 25% of a month
services too
Cloud OnBoard
Open APIs and open source mean flexibility
Open APIs; compatibility Open source for a rich Multi-vendor-friendly

with open-source services ecosystem technologies
Cloud Bigtable Kubernetes Google Stackdriver
Forseti Security
Cloud Dataproc
Kubernetes Engine
Cloud OnBoard
Security is designed into Google’s

technical infrastructure
Layer Notable security measures (among others)
Intrusion detection systems; techniques to reduce insider risk; employee U2F use; software
Operational security
development practices
Internet communication Google Front End; designed-in Denial of Service protection
Storage services Encryption at rest
User identity Central identity service with support for U2F
Service deployment Encryption of inter-service communication
Hardware infrastructure Hardware design and provenance; secure boot stack; premises security
Why choose Google Cloud
Platform?
Google Cloud Platform enables
developers to build, test, and
deploy applications on Google’s
highly secure, reliable, and
scalable infrastructure.
Cloud OnBoard
Review: Google Cloud Platform offers a range of

compute services
Compute
Compute Kubernetes App Engine Cloud

Engine Engine Functions
Cloud OnBoard
Google Cloud Platform offers a range of storage services
Compute Storage
Kubernetes Cloud Bigtable Cloud Cloud SQL Cloud Cloud

Compute App Engine
Engine Functions Storage Spanner Datastore
Engine
Cloud OnBoard
Google Cloud Platform offers services for getting

value from data
Compute Storage
Kubernetes Cloud Bigtable Cloud Cloud SQL Cloud Cloud

Compute App Engine
Engine Functions Storage Spanner Datastore
Engine
Big Data Machine Learning
BigQuery Pub/Sub Dataflow Dataproc Datalab Natural Vision API Machine Speech Translate
Language Learning API API
API
1 Cloud OnBoard
3
Agenda
5
6
Introduction to Google Cloud Platform
7
8 Quiz
9
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6
Name some of Google Cloud
7
Platform’s pricing innovations.
8
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6
Name some of Google Cloud ● Sub-hour billing
7 ● Sustained-use discounts
8 ● Compute Engine custom machine types
9
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6
9
10
11
Name some benefits of using

12
Google Cloud Platform other

13
14
than its pricing.
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6
9
10
11
Name some benefits of using ● Commitment to environmental responsibility

Commitment to open-source technologies
12
●
Google Cloud Platform other
13
● Robust infrastructure
14
than its pricing.
15
16
17
18
1 Cloud OnBoard
3
More resources
5
7
Why Google Cloud Platform? Google Cloud Platform product overview
8
https://cloud.google.com/why-google/ http://cloud.google.com/products/
9
10
Pricing philosophy Google Cloud Platform solutions
11
https://cloud.google.com/pricing/philosophy/ http://cloud.google.com/solutions/
12
13 Data centers
14 https://www.google.com/about/datacenters/
15
16
17
18
1
3
<Start Training>
5
#GoogleCloudOnBoard
7
10
11
12
14
15
16
1
3
<Cloud OnBoard>
5
7
Module #2: Getting Started with
8
10 GCP Fundamentals: Core Infrastructure

11
V4.0
12
13 </Cloud OnBoard>
14
15
16
1
Demo
7
10
11
12
13
14
15
16
Cloud OnBoard
On- Infrastructure Platform as a Managed

Responsibility premises as a Service Service services
Content Cloud security

Access policies
requires collaboration
Usage
● Google is responsible
Deployment for Managing its
Web application security
infrastructure Security.
Identity
● You are responsible for
Operations Securing your data.
Access and authentication
● Google helps you with best
Network security
practices, templates,
OS, data, and content products, and solutions.
Audit logging
Network
Customer-managed Google-managed
Storage and encryption
Hardware
1 Cloud OnBoard
3
Agenda
5
6
Google Cloud Platform resource hierarchy
7
8 Identity and Access Management (IAM)

9
10 Cloud Identity
11
12
Interacting with Google Cloud Platform
GCP Marketplace
13
14
15
Quiz
16
17
18
1 Cloud OnBoard
3
Projects organize resources
5
6 ● Global resource collection

7
○ Track resource and quota usage
○ Enable or disable services and APIs
8
○ Control permissions and credentials
9 ○ Enable billing account
10
11 ● Provides an isolation boundary

12
between resources
○ You can create explicit trust
13
across projects
14
15 ● All Google Cloud Platform services

16 you use are associated with one
17 and only project
18
1 Cloud OnBoard
3
Resource hierarchy levels define
trust boundaries
5
● Group your resources with folders

8
and projects according to your
9
organization structure
10
11
● Levels of the hierarchy provide trust
12 boundaries and resource isolation
13
14
15
16
17
18
Cloud OnBoard
Cloud OnBoard
The organization node organizes projects

● The organization node is
the root node for Google
Cloud resources
● Notable organization roles: [email protected]

○ Organization Administrator Organization Admin
■ Broad control over all
cloud resources
○ Project Creator
■ Fine-grained control of
project creation
Create
Ex Drive Ex Mail
[email protected]
Project Creator
1 Cloud OnBoard
An example IAM resource hierarchy

2
Organization
6 ● A policy is set on a resource
7
○ Each policy contains
a set of roles and
8
role members
Folders
9
10 ● Resources inherit policies

11 from parent
Projects
12
○ Resource policies
are a union of parent
13
and resource
14
15 ● A less restrictive parent

Resources
16 policy overrides a more

17 restrictive resource policy
18
1 Cloud OnBoard
3
Agenda
5
6
7

9
10 Interacting with Google Cloud Platform

11
12
GCP Marketplace
Quiz
13
14
15
16
17
18
1 Cloud OnBoard
3
Cloud Identity
5
8
● Integrate your cloud and on-premises
directories in one IDaaS platform
9
10
● Single sign-on supports SAML 2.0,
11
OAuth 2.0 and OpenID
12
13
● Google grade security and scale
14
15 ● Suspicious activity detection

16
○ Sessions management tools
○ Security alerts
17
○ Multi-factor login support and
18 enforcement
Cloud OnBoard
Google’s Current Offering
Access
(SAML + OIDC)
Provisioning
Cloud Identity
sync
Cloud OnBoard
One independent platform to host and

manage identity
Cloud OnBoard
Managing Identity And Access

For managing users and For granting authorization
authentication to cloud resources
Cloud Identity
Cloud Console IAM
admin console
● User accounts ● Defining Identity and Access

Management roles
● Groups
● Authentication options for
developers
Cloud OnBoard
Each action in your environment needs to

answer 3 questions
who can do what on which resource

1 Cloud OnBoard
3
The most common ways to identify
users or machines are
5
6 who
7
9
Organization-managed users hosted of Google’s secure
10
IDaaP Including GSuite Users
11
[email protected]
12
13
User managed Google account
14
[email protected]
15
16
Service account
17
test@project_id.iam.gserviceaccount.com
18
1 Cloud OnBoard
3
Service Account
5 Belongs to your application or a virtual machine (VM),
6 instead of to an individual end user
7
8
● Provide a machine identity for carrying out server-to-server/service
interactions
9
10
● Default service accounts managed by Google
11
<project_number>[email protected]
12
13 ● User Defined Service Accounts

14 <name>@<project_ID>.iam.gserviceaccount.com
15
○ Provide a meaningful name
○ Use minimal privilege
16
○ Rotate keys periodically
17
18
1 Cloud OnBoard
There are three types of IAM roles

3
6 can do what
7
10
11
12
13
14
Primitive Predefined
15
Custom
16
17
18
1 Cloud OnBoard
3
IAM predefined roles
5 A set of permissions that grouped together
6
can do what on resources in this project, folder, or org

8
10
InstanceAdmin Role
11
compute.instances.delete
12
compute.instances.get
compute.instances.list
13
14
compute.instances.setMachineType
15
compute.instances.start
16 compute.instances.stop
17
example.com
18 <service>.<resource>.<verb>
1 Cloud OnBoard
3
IAM Custom roles
5 lets you define a precise set of permissions
6
can do what on resources in this project, folder, or org

8
10
SecurityAudit Role
11
compute.instances.get
12
compute.instances.list
containers.pods.getLogs
13
14
appengine.instances.get
15
logging.logs.list
16
17
example.com
18
Cloud OnBoard
IAM primitive roles apply across all GCP

services in a project
can do what on all project resources

Cloud OnBoard
IAM primitive roles offer fixed,

coarse-grained levels of access
Viewer Editor Owner Billing Admin Access
x x Manage billing
x x Add and remove administrators
x x x Read-only access A project can

x x Configure services
have multiple
owners, editors,
x x Modify code viewers, and billing
x Deploy applications
administrators.
x Invite members
x Remove members
x Delete projects
1 Cloud OnBoard
3
Google Groups Best Practices
5
8
● Assign permissions to groups rather than ● Create Groups for each team in your
individuals organisation
9
10
● Make Groups own resources and projects ● Nest Groups for fine grain control
11
for continuity
12
● Groups can also contain service accounts
13
14
SecOps Developers NetOps

15
16
17
App A App B
18
1 Cloud OnBoard
3
Audit Logs
5
10
11
Cloud console
12
activity page
13
14
15
Stackdriver
16
logging
17
18
Cloud OnBoard
Principle of least privilege
Everybody Owner Organization
Security Admin Security Project A

Group A Admin Role
Cloud OnBoard
Example: Service Accounts and IAM

● VMs running FrontEnd are granted Ex Mail Ex Drive
Editor access to project_b using
Service Account 1
● VMs running BackEnd are granted FrontEnd VM Service

objectViewer access to bucket_1 Account 1
Editor
using Service Account 2
● Service account permissions

can be changed without
BackEnd VM Service
recreating VMs Account 2
Storage.
objectViewer
bucket_1
1 Cloud OnBoard
3
Agenda
5
6
7

9

11
12
GCP Marketplace
Quiz
13
14
15
16
17
18
Cloud OnBoard
There are four ways to interact with GCP
Cloud Platform Cloud Shell and Cloud Console REST-based API

Console Cloud SDK Mobile App
For custom
Web user interface Command-line For iOS and Android applications
interface
>_
Cloud OnBoard
Google Cloud Platform Console
● Centralized console for all project data
● Developer tools
○ Cloud Source Repositories
○ Cloud Shell
○ Test Lab (mobile app testing)
● Access to product APIs
● Manage and create projects

Cloud OnBoard
Google Cloud SDK
● SDK includes CLI tools for Cloud Platform

products and services
○ gcloud, gsutil (Cloud Storage),
bq (BigQuery)
● Available as Docker image
● Available via Cloud Shell

○ Containerized version of Cloud SDK
running on Compute Engine instance
Cloud OnBoard
Cloud Console Mobile App
● Manage virtual machines and

database instances
● Manage apps in Google App Engine
● Manage your billing
● Visualize your projects with a

customizable dashboard
1 Cloud OnBoard
3
RESTful APIs
5
6 ● Programmatic access to products and services

7 ○ Typically use JSON as an interchange format
8 ○ Use OAuth 2.0 for authentication and authorization
9
10
● Enabled through the Google Cloud Platform Console
11
12 ● Most APIs include daily quotas and rates (limits) that can be
13 raised by request
14
○ Important to plan ahead to manage your required capacity
15
16
● Experiment with APIs Explorer
17
18
1 Cloud OnBoard
3
APIs Explorer
5
6 ● The APIs Explorer is an interactive tool that lets you easily try Google
7 APIs using a browser.
8
9
● With the APIs Explorer, you can:
10 ○ Browse quickly through available APIs and versions.
11 ○ See methods available for each API and what parameters they support
12 along with inline documentation.
13
○ Execute requests for any method and see responses in real time.
14
○ Easily make authenticated and authorized API calls.
15
16
17
18
1 Cloud OnBoard
3
Client Libraries
5
6 ● Cloud Client Libraries

7 ○ Community-owned, hand-crafted client libraries
8
9 ● Google API Client Libraries

10
○ Open source, generated
11
○ Support various languages
■ Java, Python, JavaScript, PHP, .NET, Go, Node.js, Ruby, Objective-C, Dart
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Agenda
5
6
7

9

11
12
GCP Marketplace
Quiz
13
14
15
16
17
18
Cloud OnBoard
GCP Marketplace gives quick access

to solutions
● A solution marketplace containing

pre-packaged, ready-to-deploy solutions
○ Some offered by Google
○ Others by third-party vendors
● You pay for the underlying GCP

resource usage.
○ Some solutions also assess third-party
license fees.
1 Cloud OnBoard
3
Agenda
5
6
7

9

11
12
GCP Marketplace
Quiz
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6
True or False: If a Google Cloud IAM
7 policy gives you Owner permissions at
8 the project level, your access to a
9
resource in the project may be restricted
by a more restrictive policy on that
10
resource.
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6
True or False: If a Google Cloud IAM False: Policies are a union of the parent and
7 policy gives you Owner permissions at the resource. If a parent policy is less
8 the project level, your access to a restrictive, it overrides a more restrictive
9
resource in the project may be restricted resource policy.
10
resource.
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6
9
10
resource.
11
12
13
14 True or False: All Google Cloud Platform

15
resources are associated with a project.
16
17
18
1 Cloud OnBoard
3
Quiz
5
6
9
10
resource.
11
12
13
14 True or False: All Google Cloud Platform True: All Google Cloud Platform resources are
15
resources are associated with a project. associated with a project.
16
17
18
1 Cloud OnBoard
3
Quiz: Service Accounts
5
6 Service accounts are used to provide which of the following?

7
8 ❏ Authentication between Google Cloud Platform services

9
10
❏ Key generation and rotation when used with App Engine and
11
Compute Engine
12
❏ A way to restrict the actions a resource (such as a VM) can perform

13
14
❏ A way to allow users to act with service account permissions
15
16
❏ All of the above
17
18
1 Cloud OnBoard
3
Quiz: Service Accounts
5
6 Service accounts are used to provide which of the following?

7
8 ❏ Authentication between Google Cloud Platform services

9
10
❏ Key generation and rotation when used with App Engine and
11
Compute Engine
12
❏ A way to restrict the actions a resource (such as a VM) can perform

13
14
❏ A way to allow users to act with service account permissions
15
16
✓ All of the above
17
18
1 Cloud OnBoard
3
More resources
5
7
Google Cloud Platform security Cloud SDK installation and quick start
8
https://cloud.google.com/security/ https://cloud.google.com/sdk/#Quick_Start
9
10
Configuring permissions Google Cloud Platform solutions
11
https://cloud.google.com/docs/permissions- http://cloud.google.com/solutions/
12
overview
13
14

16 https://cloud.google.com/iam/
17
18
1 Cloud OnBoard
3
Q&A
5
10
11
12
13
14
15
16
17
18
1
3
<Start Training>
5
#GoogleCloudOnBoard
7
10
11
12
14
15
16
Help shape the future of GCP, join
upcoming user studies.
Visit g.co/userresearch/gcpux to sign up.

1
3
<Break>
5
[Lunch]
7
9
[60 Minutes]
10
11
12
13 </Break>
14
15
16
Cloud OnBoard
Getting started on your Google Cloud

learning journey
1 2 3
Today Tomorrow Future

Google Cloud Platform Complete hands-on labs: Find more training online
Fundamentals: GCP Essentials Quest cloud.google.com/training
Core Infrastructure google.qwiklabs.com
Cloud OnBoard
Qwiklabs provides a hands-on labs

environment to learn GCP
1 2 3 4
Sign in to Choose a Lab Get a time bound Master a Skill

Qwiklabs 150+ labs live GCP
18 Quests Environment
Cloud OnBoard
1 month free access to Qwiklabs

Earn a badge and get a 2nd month free
1 Receive a follow up email after this event
2 Follow the link to Qwiklabs and enroll in a Quest
3 Create your Qwiklabs account if you don’t have one already
4 Log in and take your first lab
5 Complete the Quest within a month, and get a 2nd month

of free access to all the labs!
1
3
<Cloud OnBoard>
5
7
Module #3:
Virtual Machines in the Cloud
8

11
V4.0
12
13 </Cloud OnBoard>
14
15
16
1
Demo
7
10
11
12
13
14
15
16
1 Cloud OnBoard
3
Agenda
5
6
Virtual Private Cloud (VPC) Network
7
8 Compute Engine
9
10 Operations and tools

11
12
Quiz
13
14
15
16
17
18
1 Cloud OnBoard
3
Virtual Private Cloud Network
5
8 ● Build your own VPC on top Google’s physical global fiber network, powered by
9 Andromeda
10
11
● Gives you the flexibility to build solutions that scale and communicate across
12
regions and continents
13
● Abstracts away lower level management so you can focus on creating an
14
elastic, flexible and cost effective solution
15
16
17
18
1 Cloud OnBoard
3
Virtual Private Cloud Network
5
6
Key Features
7
8 ● Global Load Balancer with a single anycast IP

9
10 ● Subnets span across Regions

11
12
● Software defined Routers
13
● Easy ways to share and peer your network
14
15
● Flexible Firewall Rules
16
17
● Up to 5 global networks per project
18
Cloud OnBoard
Google Cloud VPCs are global; subnets

are regional
My VPC
us-east1
us-east1-b us-east1-c
my-subnet1
10.0.0.0/24 10.0.0.2 10.0.0.3

Cloud OnBoard
Project
Network Prod Network #2 Network Dev Network Corp Network #5
asia-east1
B europe-west1
us-central1
us-west1
A C D us-east1
The Internet
Cloud OnBoard
Google Cloud Platform offers many

connectivity options
VPN Interconnect Direct Peering
Cloud VPN securely connects Enterprise-grade Access to Google public IPs,

your on-premises network to connections to Google’s VPC over settlement free and saves up
your Google Cloud Platform RFC1918 IPs with SLA to 67% of your egress fees.
(GCP) Virtual Private Cloud
(VPC) network through an
IPsec VPN connection.
1 Cloud OnBoard
3
Cloud Global Load Balancing:
5
6 HTTP(S)
7
8 ● Global single anycast IP address routes traffic based on location or URL path
9
10 ● Balance HTTP(S) traffic across multiple Compute Engine regions

11
12
● Integrated health checks means traffic is directed only to healthy instances
13
● Terminates SSL at the load balancer
14
15
● Scalable, requires no pre-warming and provides resilience, fault tolerant
16
architecture
17
18
Cloud OnBoard
Global Load Balancer

1 Cloud OnBoard
3
Cloud Load Balancing Content Based
5
8 Spread HTTP(S) traffic over different pool of Global Load Balancer

9 instances based on the URL Pattern.
10
11
Traffic is directed only to instances that
12
pass health checks and has capacity
Scalable, requires no pre-warming
13
14
15
16
17
Default /video
18 Handler
1 Cloud OnBoard
3
Cloud Load Balancing -
TCP/SSL and UDP
5
8 ● Spread TCP/SSL and UDP traffic over pool of instances within a

9 Compute Engine region
10
11
● Traffic is directed only to instances that pass health checks
12
● Scalable, requires no pre-warming

13
14
15
16
17
18
1 Cloud OnBoard
3
Cloud Load Balancers
5
10
11
Global HTTP(S) SSL Proxy Proxy
12
13
14
Regional Network Internal
15
16
17
18
1 Cloud OnBoard
3
Cloud DNS is cost-effective way to
make your applications and services
5
available to your users

6
9
● Low latency solution
10
● Fast Anycast Name Servers
11
12
● Automatic Scaling
13
14
● 100% SLA
15
16 ● Create managed zones, then add, edit, delete DNS records

17
○ Programmatically manage zones and records using RESTful API or command-line interface
18
1 Cloud OnBoard
3
Cloud CDN (Content Delivery Network)
5
8 ● Use Google's globally distributed edge caches to cache HTTP(S) load-balanced content far
9 closer to your users than your instances
10
○ Faster delivery of content to users while reducing costs
11
● Cloud CDN uses caches at network locations to store responses generated by instances
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Agenda
5
6
7
8 Compute Engine
9

11
12
Quiz
13
14
15
16
17
18
Cloud OnBoard
Purpose-built Purpose-built Purpose-built Purpose-built Purpose-built data

chips servers storage network centers
1 Cloud OnBoard
3
Compute Engine
5
6
Scalable, High Performance Virtual Machines
7
8 ● Performance consistency, boots quickly

9
10 ● Custom Machine Types and industry-leading local SSD Performance

11
12
● Resize disks with no downtime
13
● Scales from single instances to global, load-balanced cloud computing
14
15
● Various pricing innovation
16
17
● Transparent Maintenance, automatic restarts and health-checks
18
1 Cloud OnBoard
3
Compute Engine
5
6
IaaS that is build for the Cloud era
7
8 ● Managed instance groups that will horizontally scale your fleet

9 ○ CPU
○ HTTP Load
10
○ Custom Metric
11
12
● Recommendation Engine
13
14 ● Inferred instance discount

15
16
● Preemptible Machines
17
● Sustained Use Discounts

18
Cloud OnBoard
Automatic Sustained Use Discounts
-10%
100%
-20%
-30%
75%
24%
Price
50%
Monthly
Usage
Average Savings
25%
0% 25% 50% 75% 100%

Cloud OnBoard
Rightsizing Recommendations
Optimize for your usage
2 instances could be resized to

save an estimated $33 per month
Cloud OnBoard
Resource based instances discount

Cloud OnBoard
<compute engine>
Preemptible VMs
Up to 80% cheaper for short-lived instances
CPU and GPU
1 Cloud OnBoard
3
Agenda
5
6
7
8 Compute Engine
9

11
12
Quiz
13
14
15
16
17
18
Cloud OnBoard
VPC Network offers many

internetworking features
● Fine-grained networking policies
● Fine-grained IP address range selection
● Routes
● Firewalls
● Virtual Private Network (VPN)
● Cloud Router
1 Cloud OnBoard
3 Google Cloud Platform offers many

5
interconnect options
6
10
Carrier Interconnect Direct Peering CDN Interconnect
11
Enterprise-grade Connect your business Allows select CDN providers to establish direct
12 connections provided by directly to Google interconnect links with Google’s edge network at
13
carrier service providers various locations
14
15
16
17
18
Google Cloud Interconnect
Cloud OnBoard
Cloud DNS is highly available

and scalable
● Create managed zones, then add, edit,

delete DNS records
○ Programmatically manage zones and
records using RESTful API or
command-line interface
Cloud OnBoard
Cloud Load Balancing: HTTP(S)
● Balance HTTP-based traffic across multiple

Compute Engine regions
● Global, external IP address routes traffic
● Traffic is directed only to instances that

pass health checks
● Scalable, requires no pre-warming and

provides resilience, fault tolerance
Cloud OnBoard
Cloud Load Balancing: TCP/SSL, UDP
● Spread TCP/SSL and UDP traffic over

pool of instances within a Compute
Engine region
● Traffic is directed only to instances that

pass health checks
● Scalable, requires no pre-warming

Cloud OnBoard
Cloud CDN (Content Delivery Network)
● Use Google's globally distributed edge

caches to cache HTTP(S) load-balanced
content far closer to your users than
your instances
○ Faster delivery of content to users while
reducing costs
● Cloud CDN uses caches at network

locations to store responses generated
by instances
1 Cloud OnBoard
3
Agenda
5
6
7
8 Compute Engine
9

11
12
Quiz
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6 Name 3 robust networking services

7 available to your applications on Google
8
Cloud Platform.
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6 Name 3 robust networking services Cloud Virtual Network, Cloud

7 available to your applications on Google Interconnect, Cloud DNS, Cloud Load
8
Cloud Platform. Balancing, and Cloud CDN.
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5

8
10
11 Name 3 Compute Engine pricing

12
innovations.
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5

8
10
11 Name 3 Compute Engine pricing Per-second billing, custom machine

12
innovations. types, preemptible instances.
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5

8
10

12
13
14
15
True or False: Google Cloud Load
Balancing lets you balance HTTP traffic
16
across multiple Compute Engine regions.
17
18
1 Cloud OnBoard
3
Quiz
5

8
10

12
13
14
15
True or False: Google Cloud Load True.
Balancing lets you balance HTTP traffic
16
across multiple Compute Engine regions.
17
18
1 Cloud OnBoard
3
More resources
5
6
Google Compute Engine
7
https://cloud.google.com/compute/docs/
8
9 Google Cloud Platform VPC

10 https://cloud.google.com/compute/docs/vpc/
11
12
Google Cloud Stackdriver
13
https://cloud.google.com/stackdriver/docs/
14
Google Cloud Source Repositories gcloud tool guide
15
https://cloud.google.com/source-repositories/docs/
16
17
18
1 Cloud OnBoard
3
Q&A
5
10
11
12
13
14
15
16
17
18
1
3
<Start Training>
5
#GoogleCloudOnBoard
7
10
11
12
14
15
16
1
3
<Cloud OnBoard>
5
7
Module #4:
Storage in the Cloud
8

11
V4.0
12
13 </Cloud OnBoard>
14
15
16
1
Demo
7
10
11
12
13
14
15
16
1 Cloud OnBoard
3
Agenda
5
6
Cloud Storage
7
8 Cloud SQL and Cloud Spanner

9
10 Cloud Bigtable
11
12
Cloud Datastore
Comparing storage options

13
14
15
Integrations with other services
16
17 Quiz
18
Cloud OnBoard
Machine Operations
Compute Networking Big Data Storage
Learning and Tools
Cloud Cloud Cloud Cloud Cloud

Storage SQL Spanner Datastore Bigtable
Cloud OnBoard
Cloud Storage is binary large-object

storage
● High performance, internet-scale
● Simple administration
○ Does not require capacity management
● Data encryption at rest
● Data encryption in transit by default

from Google to endpoint
● Online and offline import services

are available
1 Cloud OnBoard
3
Your Cloud Storage files are organized
into buckets
5
7
Bucket attributes: Bucket contents:
8 ● Globally unique name ● Files (in a flat namespace)
9
● Storage class ● Access Control Lists
10
● Location
11
○ Region or multi-region
12
13
● IAM policies or
14 ● Access Control Lists
15 ● Object versioning setting
16
● Object lifecycle management rules
17
18
Cloud OnBoard
Choosing among Cloud Storage classes

Multi-regional Regional Nearline Coldline
Intended for data Most frequently Accessed frequently Accessed less than Accessed less than
that is... accessed within a region once a month once a year
Availability SLA 99.95% 99.90% 99.00% 99.00%
Access APIs Consistent APIs
Access time Millisecond access

Price per GB stored per month
Storage price
Total price per GB transferred
Retrieval price
Use cases Content storage and In-region analytics, Long-tail content, Archiving,
delivery transcoding backups disaster recovery
“Thanks to Google Cloud Platform and the
Google Genomics team, the greatest minds in
science from around the world will be able to
study trillions of data points in one single
database.”
200 PER
UPLOADED
100
UP TO
RAW
TERABYTES GENOME
GIGABYTES
of data from more than
OF DATA
MSSNG project
1,300 WHOLE could easily surpass a
GENOMES PETABYTE
to Google Cloud Storage
WHOLE GENOMES FROM
PEOPLE
Making MSSNG world’s
10,000
largest single repository
of autism-related DNA
sequencing data
1 Cloud OnBoard
3
Agenda
5
6
Cloud Storage
7

9
10 Cloud Bigtable
11
12
Cloud Datastore

13
14
15
16
17 Quiz
18
Cloud OnBoard
Cloud SQL is a managed RDBMS
● Offers MySQL and PostgreSQL databases

as a service
● Automatic replication
● Managed backups
● Vertical scaling (read and write)
● Horizontal scaling (read)
● Google security
Cloud OnBoard
Cloud Spanner is a horizontally

scalable RDBMS
Cloud Spanner supports:
● Automatic replication
● Strong global consistency
● Managed instances with high availability
● SQL (ANSI 2011 with extensions)

1 Cloud OnBoard
3
Agenda
5
6
Cloud Storage
7

9
10 Cloud Bigtable
11
12
Cloud Datastore

13
14
15
16
17 Quiz
18
Cloud OnBoard
Cloud Bigtable is managed NoSQL
● Fully managed NoSQL, wide-column

database service for terabyte applications
● Integrated
○ Accessed using HBase API
○ Native compatibility with big data,
Hadoop ecosystems
Cloud OnBoard
Why choose Cloud Bigtable?
● Replicated storage
● Data encryption in-flight and at rest
● Role-based ACLs
● Drives major applications such as Google

Analytics and Gmail
Overview: Challenges:
Data to process: Data in the Consolidated Audit Trail (CAT). How to process the CAT and organize 100 billion
A data repository of all equities and options orders, quotes, market events into an “order lifecycle” in a 4 hour
and events window. Store 6 years (~30PB) of data
Cloud Bigtable to process and run queries

and tolerate volume increases
6 BILLION 1.7 GIGs 10 BN 1.7 GIGABYTES

PER SECOND PER SECOND
MARKET EVENTS WRITTEN
6 TBs PER HOUR BURSTS 10 TERABYTES

WRITTEN PER HOUR PER HOUR
PER HOUR
Cloud OnBoard
Bigtable Access Patterns

Application API
Data can be read from and written to Cloud Bigtable
through a data service layer like Managed VMs, the
HBase REST Server, or a Java Server using the HBase
client. Typically this will be to serve data to applications,
dashboards, and data services.
Streaming
Data can be streamed in (written event by event) through
a variety of popular stream processing frameworks like
Cloud Dataflow Streaming, Spark Streaming, and Storm.
Batch Processing
Data can be read from and written to Cloud Bigtable
Cloud Bigtable
through batch processes like Hadoop MapReduce,
Dataflow, or Spark. Often, summarized or newly
calculated data is written back to Cloud Bigtable or
to a downstream database.
1 Cloud OnBoard
3
Agenda
5
6
Cloud Storage
7

9
10 Cloud Bigtable
11
12
Cloud Datastore

13
14
15
16
17 Quiz
18
Cloud OnBoard
Cloud Datastore is a horizontally scalable

NoSQL DB
NoSQL designed for application

backends
● Fully managed
● Uses a distributed architecture
● to automatically manage scaling
● Built-in redundancy
● Supports ACID transactions

Cloud OnBoard
Google Cloud Datastore: benefits
● Schemaless access
○ No need to think about underlying
data structure
● Local development tools
● Includes a free daily quota
● Access from anywhere through a

RESTful interface
1 Cloud OnBoard
3
Agenda
5
6
Cloud Storage
7

9
10 Cloud Bigtable
11
12
Cloud Datastore

13
14
15
16
17 Quiz
18
Cloud OnBoard
Comparing storage options: technical details

Cloud Cloud Cloud
Bigtable Cloud SQL BigQuery
Datastore Storage Spanner
Type NoSQL NoSQL Blobstore Relational SQL Relational SQL Relational SQL
document wide column for OLTP for OLTP for OLAP
Transaction Yes Single-row No Yes Yes No
Complex No No No Yes Yes Yes
queries
Capacity Terabytes+ Petabytes+ Petabytes+ 500 GB Petabytes Petabytes+
Unit size 1 MB/entity ~10 MB/cell 5 TB/object Determined by 10,240 MiB/ 10 MB/row
~100 MB/row DB engine row
Cloud OnBoard
Comparing storage options: technical details

Cloud Cloud Cloud
Bigtable Cloud SQL BigQuery
Datastore Storage Spanner
Type NoSQL NoSQL Blobstore Relational SQL Relational SQL Relational SQL
document wide column for OLTP for OLTP for OLAP
Best for Getting “Flat” data, Structured and Web Large-scale Interactive
started, App Heavy read/ unstructured frameworks, database querying, offline
Engine write, events, binary or object existing applications (> analytics
applications analytical data data applications ~2 TB)
Use cases Getting AdTech, Images, large User Whenever high Data
started, App Financial and media files, credentials, I/O, global warehousing
Engine IoT data backups customer consistency is
applications orders needed
1 Cloud OnBoard
3
Agenda
5
6
Cloud Storage
7

9
10 Cloud Bigtable
11
12
Cloud Datastore

13
14
15
16
17 Quiz
18
Cloud OnBoard
Cloud Storage is integrated with other GCP services
Import and Startup scripts,

export tables images, and
general object
storage
BigQuery Compute
Engine
Cloud
Object storage, Import and
Storage export tables
logs, and
Datastore backups
App Cloud SQL

Engine
Cloud OnBoard
Cloud Bigtable is integrated with other GCP services
Google Cloud Dataflow

Use Cloud Dataflow connector for
Bigtable for batch and streaming
operations in pipelines.
Google Cloud Dataproc

Use Bigtable HBase client to integrate
Hadoop jobs with Cloud Dataproc.
Cloud Bigtable
On-premises, cloud-based Hadoop
External
service Use Bigtable HBase client to integrate
with Hadoop clusters.
Cloud OnBoard
Cloud SQL is integrated with other GCP

services
External
service
Cloud SQL can be used Compute Engine instances Cloud SQL can be used with
with App Engine using can be authorized to access external applications and clients.
standard drivers. Cloud SQL instances using
an external IP address. Standard tools can be used to
You can configure a Cloud SQL administer databases.
instance to follow an App Cloud SQL instances can be
Engine application. configured with a preferred zone. External read replicas can
be configured.
1 Cloud OnBoard
3
Agenda
5
6
Cloud Storage
7

9
10 Cloud Bigtable
11
12
Cloud Datastore

13
14
15
16
17 Quiz
18
1 Cloud OnBoard
3
Quiz
5
6 Your application transcodes large video

7 files. Which storage service should you
8
consider first?
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6 Your application transcodes large video Google Cloud Storage

8
consider first?
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5

8
consider first?
10
11 You stream huge amounts of data from

12 devices with sensors. Which storage
13
service should you consider first?
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5

8
consider first?
10
11 You stream huge amounts of data from Google Cloud Bigtable

12 devices with sensors. Which storage
13
service should you consider first?
14
15
16
17
18
1 Cloud OnBoard
3
More resources
5
6
Overview of Cloud Storage Cloud Spanner
7
https://cloud.google.com/storage/ https://cloud.google.com/spanner/docs/
8
9 Getting started with Google Cloud SQL Cloud Datastore

10 https://cloud.google.com/sql/docs/quickstart https://cloud.google.com/datastore/docs/
11
12
Cloud Bigtable
13
14
15
16
17
18
1
3
<Start Training>
5
#GoogleCloudOnBoard
7
10
11
12
14
15
16
1
3
<Cloud OnBoard>
5
7
Module #5:
Containers in the Cloud
8

11
V4.0
12
13 </Cloud OnBoard>
14
15
16
1
Demo
7
10
11
12
13
14
15
16
Cloud OnBoard
Review: IaaS and PaaS
Toward Compute Engine Kubernetes Engine App Engine Toward

managed managed
infrastructure services
IaaS PaaS
Raw compute, storage, and network Preset run-times
More granular control Java, Go, PHP, Python...
Focus is application logic
Pay for what you allocate Pay for what you use
More management overhead Less management overhead
1 Cloud OnBoard
3
Agenda
5
6
Introduction to Containers
7
8 Kubernetes
9
10 Kubernetes Engine
11
12
Quiz
13
14
15
16
17
18
Cloud OnBoard
How do virtual machines and containers differ?
Hypervisor-based virtualization Container-based virtualization
App App App
Libs Libs Libs App App App
Libs Libs Libs
Guest Guest Guest Container runtime

OS OS OS
Host OS Kernel
Hardware
Hypervisor
Hardware
1 Cloud OnBoard
3
Why use containers?
5
Consistency Loose coupling Workload migration Agility

9
10 Across Between application Simplified between Agile development

11 development, and operating on-premises and cloud and operations
12 testing, and system layers environments
13 production
14 environments
15
16
17
18
1 Cloud OnBoard
3
Agenda
5
6
7
8 Kubernetes
9
11
12
Quiz
13
14
15
16
17
18
Cloud OnBoard
Kubernetes is a container cluster

orchestration system
● Automates deployment, scaling,

and operations for container clusters
● Open source, based on Google’s experience

over 10+ years
● Built for a multi-cloud world

○ Public, private, hybrid
Cloud OnBoard
Google Cloud Datastore: benefits
● Workload portability
○ You can run in many environments,
across cloud providers.
○ Implementation is open and modular.
● Rolling updates
○ You can upgrade applications
without downtime.
● Persistent storage
○ Details of how storage is provided are
abstracted from how it is consumed.
Cloud OnBoard
Kubernetes makes applications

more elastic
● Multi-zone clusters
○ Run a single cluster in multiple zones
● Load balancing
○ External IP address routes traffic to
correct port
● Autoscaling
○ Automatically adapt to changes in
workload
1 Cloud OnBoard
3
Agenda
5
6
7
8 Kubernetes
9
11
12
Quiz
13
14
15
16
17
18
Cloud OnBoard
Kubernetes Engine manages and

runs containers
● Fully managed cluster management and

orchestration system for running containers
○ Based on Kubernetes
○ Uses Compute Engine instances and
resources
● Uses a declarative syntax to manage

applications
○ Declare desired application
configuration, Kubernetes Engine
implements, manage
Cloud OnBoard
Why use Kubernetes Engine?
● Decouples operational, development

concerns
● Manages and maintains

○ Logging, health management,
monitoring
● Easily update Kubernetes versions as they

are released
1 Cloud OnBoard
3
Kubernetes Engine’s complementary services
5
10
11
12
Google Cloud Container Builder Google Container Registry
13
Create Docker container images from Docker image storage that’s private to
14
app code in Google Cloud Storage your GCP project
15
16
17
18
Cloud OnBoard
Treeptik
“Our platform sometimes has to be deployed on a cluster. How do we enable containers to

communicate from different hosts? Google has the answer: Kubernetes. This awesome tool
helps us manage our clusters of containers as if they were a single system.”
scale speed -30%

Docker containers REST APIs speed provisioning of Administrative costs
automate scalability new instances; JAVA applications reduced by 30%
can be deployed in minutes
1 Cloud OnBoard
3 Deploying Apps: Kubernetes Engine vs App Engine

5
7
Kubernetes App Engine App Engine Flexible
8 Engine Standard
9
Language support Any Java, Python, Go & Any

10
PHP
11
12
Service model Hybrid PaaS PaaS
13
14
Primary use case Container-based Web and mobile Web and mobile
workloads applications applications,
15
container-based
16 workloads
17
18
1 Cloud OnBoard
3
Agenda
5
6
7
8 Kubernetes
9
11
12
Quiz
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6 Name two reasons for deploying

7 applications using containers.
8
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6 Name two reasons for deploying Consistency across development,

7 applications using containers. testing,and production environments;
8
Simpler to migrate workloads; Loose
coupling; Agility
9
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5

8
coupling; Agility
9
10
11
True or False: Kubernetes lets you
manage container clusters in multiple
12
cloud providers.
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5

8
coupling; Agility
9
10
11
True or False: Kubernetes lets you True
12
cloud providers.
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5

8
coupling; Agility
9
10
11
12
cloud providers.
13
14
15 True or False: GCP provides a private,

16 high-speed container image storage
17
service for use with Kubernetes Engine.
18
1 Cloud OnBoard
3
Quiz
5

8
coupling; Agility
9
10
11
12
cloud providers.
13
14
15 True or False: GCP provides a private, True

16 high-speed container image storage
17
service for use with Kubernetes Engine.
18
1 Cloud OnBoard
3
More resources
5
6
Kubernetes Engine Google Cloud Container Builder
7
https://cloud.google.com/container- https://cloud.google.com/container-
8
engine/docs/ builder/docs/
9
10 Kubernetes Engine tutorials Google Container Registry

11 https://cloud.google.com/container-engine/ https://cloud.google.com/container-
12
docs/tutorials registry/docs/
13
Kubernetes
14
http://kubernetes.io/
15
16
17
18
1
3
<Start Training>
5
#GoogleCloudOnBoard
7
10
11
12
14
15
16
1
3
<Break>
5
[Break]
7
9
[30 Minutes]
10
11
12
13 </Break>
14
15
16
1
3
<Cloud OnBoard>
5
7
Module #6:
Applications in the Cloud
8

11
V4.0
12
13 </Cloud OnBoard>
14
15
16
1
Demo
7
10
11
12
13
14
15
16
1 Cloud OnBoard
3
Agenda
5
6
Google App Engine
7
8 Google App Engine Standard Environment

9
10 Google App Engine Flexible Environment

11
12
Google Cloud Endpoints and Apigee Edge
Quiz
13
14
15
16
17
18
1
Demo
7
10
11
12
13
14
15
16
Cloud OnBoard
App Engine is a PaaS for building

scalable applications
● App Engine makes deployment,

maintenance, and scalability easy so you
can focus on innovation
● Especially suited for building scalable web

applications and mobile backends
1 Cloud OnBoard
3
Agenda
5
6
Google App Engine
7

9

11
12
Quiz
13
14
15
16
17
18
Cloud OnBoard
App Engine standard environment
● Easily deploy your applications
● Autoscale workloads to meet demand
● Economical
○ Free daily quota
○ Usage based pricing
● SDKs for development, testing and

deployment
Cloud OnBoard
App Engine standard environment:

Requirements
● Specific versions of Java, Python, PHP, and

Go are supported
● Your application must conform to sandbox

constraints:
○ No writing to local file system
○ All requests time out at 60 seconds
○ Third-party software installations are
limited
Cloud OnBoard
Example App Engine standard workflow:

Web applications
App Engine automatically App Engine can access a
3
scales & reliably serves your variety of services using
Develop & test the web dedicated APIs
1 web application
application locally
Project
Memcache
App Engine
App Servers Task
queues
Application
Use the SDK to deploy to Scheduled
2 instances
App Engine tasks
Application
instances
Search
Application
instances
Logs
1 Cloud OnBoard
3
Agenda
5
6
Google App Engine
7

9

11
12
Quiz
13
14
15
16
17
18
Cloud OnBoard
App Engine flexible environment
● Build and deploy containerized apps

with a click
● No sandbox constraints
● Can access App Engine resources
● Standard runtimes: Python, Java, Go,

Node.js
● Custom runtime support: Any language

that supports HTTP requests
● Package your runtime as a Dockerfile

Cloud OnBoard
Comparing the App Engine environments

Standard Environment Flexible Environment
Instance startup Milliseconds Minutes
SSH access No Yes (although not by default)
Scaling Manual, basic, automatic Manual, automatic
Write to local disk No Yes (but writes are ephemeral)
Support for 3rd-party No Yes

binaries
Network access Via App Engine services Yes
Pricing model After free daily use, pay per instance class, Pay for resource allocation per hour; no
with automatic shutdown automatic shutdown
Cloud OnBoard
CompaDeploying Apps: Kubernetes Engine vs App Engine
ring the AppKubernetes

Engine environments
Engine App Engine Flexible App Engine Standard
Language Any Any Java, Python, Go, PHP

support
Service model Hybrid PaaS PaaS
Primary use Container-based workloads Web and mobile applications, Web and mobile applications
case container-based workloads
Toward managed infrastructure Toward dynamic infrastructure

1 Cloud OnBoard
3
Agenda
5
6
Google App Engine
7

9

11
12
Quiz
13
14
15
16
17
18
Cloud OnBoard
Cloud Endpoints helps you create and

maintain APIs
● Distributed API management through an

API console
● Expose your API using a RESTful interface
● Control access and validate calls with

JSON Web Tokens and Google API keys
● Identify web, mobile users with Auth0 and

Firebase Authentication
● Generate client libraries

Cloud OnBoard
Cloud Endpoints: Supported platforms
● Supports App Engine standard or

flexible environment, Compute Engine,
Kubernetes Engine
● Use Java or Python open-source

Frameworks or any other framework
and language
● Supports iOS, Android, and

JavaScript clients
1 Cloud OnBoard
3
Apigee Edge helps you secure and
monetize APIs
5
8
1. A platform for making APIs available to your customers
9
and partners
10
11
2. Contains analytics, monetization, and a developer portal
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Agenda
5
6
Google App Engine
7

9

11
12
Quiz
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6 Name 3 advantages of using the App

7 Engine flexible environment over App
8
Engine standard.
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6 Name 3 advantages of using the App The flexible environment allows SSH
7 Engine flexible environment over App access, allows disk writes, and
8
Engine standard. supports third-party binaries (also
allows stack customization and
9
background processes).
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
8
9
10
11
12 What is the difference between Cloud

Endpoints and Apigee Edge?
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
8
9
10
11
12 What is the difference between Cloud Cloud Endpoints helps you create and
Endpoints and Apigee Edge? maintain APIs; Apigee Edge helps you
13
secure and monetize APIs.
14
15
16
17
18
1 Cloud OnBoard
3
More resources
5
6
Google App Engine Google Cloud Endpoints
7
https://cloud.google.com/appengine/docs/ https://cloud.google.com/endpoints/docs/
8
9 Google App Engine Flexible Environment Apigee Edge

10 https://cloud.google.com/appengine/ http://docs.apigee.com/api-services/content/
11 docs/flexible/ what-apigee-edge
12
13
Google App Engine Standard Environment
https://cloud.google.com/appengine/
14
docs/standard/
15
16
17
18
1
3
<Start Training>
5
#GoogleCloudOnBoard
7
10
11
12
14
15
16
1
3
<Cloud OnBoard>
5
7
Module #7:
Developing, Deploying, and Monitoring in the Cloud
8
GCP Fundamentals: Core Infrastructure

10
V4.0
11
12
13 </Cloud OnBoard>
14
15
16
1
Demo
7
10
11
12
13
14
15
16
1 Cloud OnBoard
3
Agenda
5
6
Development in the cloud
7
8 Deployment: Infrastructure as code

9
10 Monitoring: Proactive instrumentation

11
12
13
14
15
16
17
18
Cloud OnBoard
Cloud Source Repositories
● Fully featured Git repositories hosted on

● Supports collaborative development of

cloud apps
● Includes integration with Stackdriver

Debugger
Cloud OnBoard
Cloud Functions
● Create single-purpose functions that

respond to events without a server
or runtime
○ Event examples: New instance created,
file added to Cloud Storage
● Written in Javascript; execute in managed

Node.js environment on Google Cloud
Platform
1 Cloud OnBoard
3
Agenda
5
6
7

9

11
12
13
14
15
16
17
18
Cloud OnBoard
Deployment Manager
● Infrastructure management service
● Create a .yaml template describing your

environment and use Deployment Manager
to create resources
● Provides repeatable deployments

1 Cloud OnBoard
3
Agenda
5
6
7

9

11
12
13
14
15
16
17
18
Monitoring Logging Debug
Error Reporting Trace

1 Cloud OnBoard
3 Stackdriver offers capabilities in six areas

5
6
Monitoring Logging Profiler
7
Platform, system, and Platform, system, and Statistical, low-overhead profiler

8
application metrics application logs that continuously gathers CPU
9
usage and memory-allocation
Uptime/health checks Log search, view, filter,
10 information from your
and export
11 Dashboards and alerts production applications
Log-based metrics
12
13
14 Error Reporting Debugger Trace
15 Error notifications Debug applications Latency reporting and

16 sampling
Error dashboard
17 Per-URL latency and statistics
18
1 Cloud OnBoard
3
More resources
5
6
Cloud Source Repositories
7
https://cloud.google.com/source-repositories/docs/
8
9 Deployment Manager
10 https://cloud.google.com/deployment-manager/docs/
11
12
Google Stackdriver
13
14
15
16
17
18
1
3
<Start Training>
5
#GoogleCloudOnBoard
7
10
11
12
14
15
16
1
3
<Cloud OnBoard>
5
7
Module #8:
Big Data and Machine Learning in the Cloud
8
GCP Fundamentals: Core Infrastructure

10
V4.0
11
12
13 </Cloud OnBoard>
14
15
16
1 Cloud OnBoard
3
Agenda
5
6
Google Cloud Big Data Platform
7
8 Google Cloud Machine Learning Platform

9
10 Quiz
11
12
13
14
15
16
17
18
Cloud OnBoard
Google Cloud’s big data services are

fully managed and scalable
Cloud Cloud BigQuery Cloud Cloud

Dataproc Dataflow Pub/Sub Datalab
Analytics database;
Managed Hadoop Stream and batch stream data at Scalable and Interactive data
MapReduce, processing; unified 100,000 rows per flexible exploration
Spark, Pig, and and simplified second enterprise
Hive service pipelines messaging
Cloud OnBoard
Cloud Dataproc is managed Hadoop
● Fast, easy, managed way to run

Hadoop and Spark/Hive/Pig on Google
Cloud Platform
● Create clusters in 90 seconds or less

on average.
● Scale clusters up and down even when jobs

are running.
Cloud OnBoard
Why use Cloud Dataproc?
● Easily migrate on-premises Hadoop jobs to

the cloud.
● Quickly analyze data (like log data) stored

in Cloud Storage; create a cluster in 90
seconds or less on average, and then delete
it immediately.
● Use Spark/Spark SQL to quickly perform

data mining and analysis.
● Use Spark Machine Learning Libraries

(MLlib) to run classification algorithms.
Cloud OnBoard
Cloud Dataflow offers managed

data pipelines
● Processes data using Compute

Engine instances.
○ Clusters are sized for you
○ Automated scaling, no instance
provisioning required
● Write code once and get batch

and streaming.
● Transform-based programming model.

Cloud OnBoard
Dataflow pipelines flow data from a

source through transforms
Source
BigQuery
Transforms
Sink
Cloud Storage
Cloud OnBoard
Why use Cloud Dataflow?
● ETL (extract/transform/load) pipelines to

move, filter, enrich, shape data
● Data analysis: batch computation or

continuous computation using streaming
● Orchestration: create pipelines that coordinate

services, including external services
● Integrates with GCP services like Cloud

Storage, Cloud Pub/Sub, BigQuery,
and Bigtable
○ Open source Java and Python SDKs
Cloud OnBoard
BigQuery is a fully managed

data warehouse
● Provides near real-time interactive analysis

of massive datasets (hundreds of TBs)
● Query using SQL syntax (SQL 2011)
● No cluster maintenance is required.

Cloud OnBoard
BigQuery runs on Google’s

high-performance infrastructure
● Compute and storage are separated with

a terabit network in between
● You only pay for storage and

processing used
● Automatic discount for long-term

data storage
BigQuery at UC Denver
Anschutz Medical Personalized medicinal care for
each patient
Campus
6 million
Genetic makeup, health history and
treatments of over 6 million patients
8 hrs 15 min
BigQuery reduced time to execute
complex analyses on the entire set of
patient records to just 15 minutes
Cloud OnBoard
Cloud Pub/Sub is scalable,

reliable messaging
● Supports many-to-many asynchronous

messaging
○ Application components make push/pull
subscriptions to topics
● Includes support for offline consumers
● Based on proven Google technologies
● Integrates with Cloud Dataflow for data

processing pipelines
Cloud OnBoard
Why use Cloud Pub/Sub?
● Building block for data ingestion in

Dataflow, Internet of Things (IoT),
Marketing Analytics
● Foundation for Dataflow streaming
● Push notifications for cloud-based

applications
● Connect applications across Google Cloud

Platform (push/pull between Compute
Engine and App Engine)
Cloud OnBoard
Cloud Datalab offers interactive

data exploration
● Interactive tool for large-scale data

exploration, transformation, analysis,
and visualization
● Integrated, open source

○ Runs on App Engine
○ Built on Jupyter (formerly IPython)
Cloud OnBoard
Why use Cloud Datalab?
● Create and manage code, documentation,

results, and visualizations in intuitive
notebook format.
○ Use Google Charts or matplotlib for
easy visualizations.
● Analyze data in BigQuery, Compute Engine,

and Cloud Storage using Python, SQL,
and JavaScript.
● Easily deploy models to BigQuery.

1 Cloud OnBoard
3
Agenda
5
6
7

9
10 Quiz
11
12
13
14
15
16
17
18
1
Demo
7
10
11
12
13
14
15
16
Cloud OnBoard
Machine Learning APIs enable apps that

see, hear, and understand
Cloud OnBoard
Cloud Machine Learning Platform
● Open source tool to build and run neural network

models
○ Wide platform support: CPU or GPU; mobile, server,
or cloud
● Fully managed machine learning service
○ Familiar notebook-based developer experience
○ Optimized for Google infrastructure; integrates with
Cloud ML
BigQuery and Cloud Storage
● Pre-trained machine learning models built by Google
○ Speech: Stream results in real time, detects 80
languages
○ Vision: Identify objects, landmarks, text, and
content
Machine Learning APIs ○ Translate: Language translation including detection
○ Natural language: Structure, meaning of text
1 Cloud OnBoard
3 Why use the Cloud Machine Learning platform?

5
6
For structured data For unstructured data
7
Image and video analytics

9
Classification and regression
10
11
12
Text analytics
Recommendation
13
14
15
Anomaly detection
16
17
18
Cloud OnBoard
Cloud Vision API
● Analyze images with a simple REST API

○ Logo detection, label detection, etc
● With the Cloud Vision API, you can:

○ Gain insight from images
○ Detect inappropriate content
○ Analyze sentiment
○ Extract text
Cloud OnBoard
Cloud Speech API
● Recognizes over 80 languages and variants
● Can return text in real time
● Highly accurate, even in noisy environments
● Access from any device
● Powered by Google’s machine learning

Cloud OnBoard
Cloud Natural Language API
● Uses machine learning models to reveal

structure and meaning of text.
● Extract information about items mentioned

in text documents, news articles, and
blog posts.
● Analyze text uploaded in request or

integrate with Cloud Storage.
Cloud OnBoard
Cloud Translation API
● Translate arbitrary strings between

thousands of language pairs
● Programmatically detect a
document’s language
● Support for dozens of languages

Cloud OnBoard
Cloud Video Intelligence APIBeta
● Annotate the contents of videos
● Detect scene changes
● Flag inappropriate content
● Support for a variety of video formats

1 Cloud OnBoard
3
Agenda
5
6
7

9
10 Quiz
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6 When would you use Cloud Dataproc?

7
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
6 When would you use Cloud Dataproc? You can use it to migrate on-premises
7 Hadoop jobs to the cloud. You can
8
also use it for data mining and
analysis of cloud-based data.
9
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
8
9
10
11 Name two use cases for Cloud Dataflow.

12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
8
9
10
11 Name two use cases for Cloud Dataflow. ETL, orchestration

12
13
14
15
16
17
18
1 Cloud OnBoard
3
Quiz
5
8
9
10

12
13
14 Name three use cases for the Google

15
machine learning platform.
16
17
18
1 Cloud OnBoard
3
Quiz
5
8
9
10

12
13
14 Name three use cases for the Google Fraud detection, sentiment analysis,
15
machine learning platform. content personalization
16
17
18
1 Cloud OnBoard
3
More resources
5
6
Google Big Data Platform
7
https://cloud.google.com/products/big-data/
8
9 Google Machine Learning Platform

10 https://cloud.google.com/products/machine-learning/
11
12
13
14
15
16
17
18
1
3
<Start Training>
5
#GoogleCloudOnBoard
7
10
11
12
14
15
16
1
3
<Cloud OnBoard>
5
8
Closing Session
9
Continue learning with Google Cloud

10
11
12
13 </Cloud OnBoard>
14
15
16
Cloud OnBoard
1 month free access to Qwiklabs

Earn a badge and get a 2nd month free
1 Receive a follow up email after this event
2 Follow the link to Qwiklabs and enroll in a Quest
3 Create your Qwiklabs account if you don’t have

one already
4 Log in and take your first lab
5 Complete the Quest within a month, and get a

2nd month of free access to all the labs!
1 Free Course: Learn more about Architecting with Google Cloud Platform
2 Activate your free voucher now
3
5
Go to
1 https://www.coursera.org/promo/CloudOnBoardInfra
6
8 Activate voucher and sign

9
2 up for a free account
10
11 Enroll in Architecting with Google

3 Cloud Platform on Coursera
12
-Limited Time Offer
13
14 Explore other Courses at

15
Coursera.org/Googlecloud
16
Cloud OnBoard
Make Google Cloud certification your goal!
Find study guides, tips, practice

Associate Cloud Engineer exams, and testing sites
Deploys applications, monitors operations, and
maintains projects
Professional Cloud Architect

Designs, builds and manages solutions
Professional Data Engineer

Develops data processing systems and creates
machine learning models
cloud.google.com/certification
1 Cloud OnBoard
3
Google Cloud Developer Communities
5
6 Start or join a community near you

7 Connect with developers, DevOps,
8 IT pros and architects, through in
9
person meetups.
10
11
Train, share, and learn about the
12
latest features and newest updates
13
on Google Cloud.
14
15
[email protected]
16 cloud.google.com/community/meetups 50 chapters globally and growing
17
18
1 Cloud OnBoard
3
Complete the survey
5
10
11
12
13
14
15 http://bit.ly/virtualCP100
16
17
18
1 Cloud OnBoard
3
Don’t forget to pick up your certificate
of attendance
5
10
11
12
13
14
15
16
17
18
1 Cloud OnBoard
3
Complete the survey
5
10
11
12
13
14
15 http://bit.ly/virtualCP100
16
17
18

Google Cloud Onboard Core Infrastructure 3.28.2019 PDF

Uploaded by

Copyright:

Available Formats

Google Cloud Onboard Core Infrastructure 3.28.2019 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Google Cloud Onboard Core Infrastructure 3.28.2019 PDF

Uploaded by

Copyright:

Available Formats

What are some of the main services and products offered by Google Cloud?

What are some of the main services and products offered by Google Cloud?

What are some common use cases for businesses moving to the cloud?

What are some common use cases for businesses moving to the cloud?

1

Welcome to Cloud OnBoard

16 (‘Module 7’) Developing, Deploying, and Monitoring in the Cloud 04:00 PM

} Closing Session | Continue learning with Google Cloud 05:00 PM

To download a copy of this presentation, go to:

❖ 40,000+ people trained in 30+ countries across 6 continents

❖ Largest team of Google Cloud Platform Certified Instructors

❖ Helped more IT professionals achieve Google Cloud Platform

Businesses are moving to cloud for

While IT is modernizing at different speeds

Private Cloud/ Data Center Hybrid Cloud Public Cloud

Mobility & Devices

YEARS QUARTERS MONTHS

Aggregated data stored in cloud, with global query

BigData Internet of Things Machine Learning

2 What makes Google Cloud Different

11 Open Intelligent Collaborative Secure

Best in Class Products

Use the same tools, that power Google products

Products like BigQuery help you make best use of

Confidential & Proprietary 14

All our growth experience

All our innovation

Delivered engineer to engineer

Pricing for long term customer relationship

Gmail Drive Chrome

Photos YouTube Maps

Translate Cardboard Ads

Self Driving Car Data Center Alpha Go

Teams, mobility, devices

Connected business platforms

Infrastructure, storage, network

Teams, mobility, devices

APP COMPUTE KUBERNETES

BIG DATA MACHINE

Infrastructure, storage, network CLOUD

Security / Scale / Control

Source code Binary Web Application

Identity and Access Key Management

Purpose-built Purpose-built Purpose-built Purpose-built Purpose-built

Not an exhaustive list, refer: cloud.google.com/security

Meets you where you are…

Insecure devices, low Secure devices and

(SOA, ESB) Connected business platforms

Core apps, legacy Modernize apps, accelerate

Data in silos Deliver interactive analytics

Private Data Center Optimize in secure, fully

Security / Scale / Control

And helps you grow

API monetization, business VISION

Breakthrough customer Build global scale transaction

Predict business Democratize analytics

Global scale Scale globally with high

Security / Scale / Control

2 What makes Google Cloud Different