
007 GCP-ace

This document provides an overview of the Google Cloud Platform (GCP) Associate Cloud Engineer certification, including course details, costs, and essential topics covered. It emphasizes hands-on learning with over 90 labs, various GCP services, and the importance of understanding compute, storage, and networking options. Additionally, it outlines the exam format, registration process, and available resources for preparation.

Uploaded by

krishtejms

GCP

Google Cloud

Associate Cloud Engineer

@ ANKIT MISTRY – GOOGLE CLOUD


Google Certified Associate Cloud Engineer

Associate Cloud Engineer
• Pay attention for 5 minutes before we dive in.
• This is a challenging certification and the course is long, so have patience.
• Basic IT skills are good to have, but I will start from scratch in GCP.
• Learn by doing.
• Every exam objective comes with a hands-on lab (90+ labs).


GCP certifications

https://cloud.google.com/certification/guides/cloud-engineer

Cloud Cost for this course
• $0 – for GCP account
• GCP Free trial
• $300 for next 3 months: https://cloud.google.com/free
• Length: Two hours
• Registration fee: $125 (plus tax where applicable)
• Languages: English, Japanese, Spanish.
• Exam format: Multiple choice and multiple select,

Udemy Tips

ACE Exam Guide

Create Free Tier GCP Account


What is GCP & Why

WHAT IS GCP
• Suite of cloud computing services offered by Google
• https://cloud.google.com

WHY GCP
• Trust & Security
  ◦ Trust nothing by default
• Open Cloud Platform (Open API)
  ◦ https://cloud.google.com/open-cloud
• Global Network Infrastructure
  ◦ https://cloud.google.com/about/locations#network
• AI Driven Cloud
  ◦ https://cloud.google.com/products/ai

GCP Regions & Zones

Why Zones & Regions
• Low latency
• Follow government rules
• High availability
• Disaster recovery

[Diagram: two regions, Singapore and US West, each with Zone-a and Zone-b]


GCP (Zones & Region)
Fascinating Number: Google Is Now 40% Of The Internet (forbes.com)
• Zones – Independent data center
• Region – Geographical area
• Multi-region: Collection of Geographical
• Global - Anywhere

[Diagram: Global, Multi-regions, Regions-1 and Regions-2, each region with Zone-a, Zone-b and Zone-c]

Global Locations - Regions & Zones | Google Cloud


1.1
BY ANKIT MISTRY

Creating Projects

Assigning users to predefined IAM roles within a project

Managing users in cloud identity

Cloud Identity
[Diagram: Cloud Identity with Google Account, Service Account, G-Suite Domain, Cloud Identity Domain, Google Group]

Enabling APIs within projects

Provisioning one or more Stackdriver workspaces

1.2

Creating one or more billing accounts

Linking projects to a billing account

Establishing billing budgets and alerts

Setting up billing exports to estimate daily/monthly charges

1.3

Installing and configuring the command line interface (CLI), specifically the Cloud SDK, Cloud Shell

2.1

Planning and estimating GCP product use using the Pricing Calculator

2.2


Planning and configuring compute resources.
• Different compute options
  ◦ Compute Engine, Google Kubernetes Engine, App Engine, Cloud Run, Cloud Functions
• Selecting appropriate compute choices for a given workload
• Preemptible VMs
• Custom machine types

Different Compute options
• OS dependency
• PaaS solution – fully managed
• Simple micro service
• Event based trigger
• Containerized app

[Diagram: Different Compute Options: Compute Engine (GCE), Kubernetes Engine (GKE), App Engine (GAE), Cloud Run, Cloud Function]


Google Compute Engine
• IAAS solution
• Linux and Windows based virtual machines
• Custom machine
  ◦ RAM
  ◦ CPU
  ◦ Hard drive
• Sustained & committed discounts

Google Kubernetes Engine
• Containerized applications
• Fully managed container orchestration
• Kubernetes = control plane + worker node
• Auto scaling, automatic upgrades

Google App Engine
• PAAS solution
• Fully managed service
• Deploy web apps at high scale
• Standard & Flexible environments
• Flexible environment uses Docker.

Google Cloud Run
• PAAS solution
• Containerized applications
• Best of (GAE + Container)

Google Cloud Functions
• Serverless
• Fully managed
• Build small micro services
• Event based trigger
  ◦ HTTP
  ◦ File upload etc.


Selecting appropriate Compute options

[Flowchart: Start; decisions: "Do you need IAAS solution?" (OS dependency, custom machine), "Containerized app?", "Cloud independent?", "Event driven?", "Require orchestration?"; outcomes: GCE, GKE, Cloud Run, GCF, GAE]


Preemptible VMs
• Just like other virtual machines
• Workload is fault tolerant
• Does not require 100% high availability
• 80% discount
• Max life is 24 hours
• Google gives you a 30 sec warning before auto shutdown

Custom Machine Types

2.3


Planning and configuring data storage options
• Different storage options
  ◦ Cloud Storage, Cloud SQL, BigQuery, Cloud Spanner, Cloud Bigtable
• Choosing storage options
  ◦ Standard, Nearline, Coldline, Archive
• Select proper storage options

Data Storage options
[Diagram: Different Storage Options: Cloud SQL, Cloud Spanner, Cloud Storage, Big Table, Big Query, DataStore - FireStore]


Google Cloud SQL
• Fully managed RDBMS service
  ◦ MySQL
  ◦ PostgreSQL
  ◦ Microsoft SQL Server
• PAAS solution, managed alternative to a VM with a database
• Security: can be provisioned inside a VPC

Google Cloud Spanner
• Relational database service
• Horizontal scaling
• Best of relational and NoSQL databases
• Data is replicated synchronously – strong consistency

Google Cloud BigTable
• Petabyte-scale, managed NoSQL
• Large-scale, low-latency
• Billions of rows & thousands of columns
• Equivalent to the Apache HBase column-oriented database

Google Cloud BigQuery
• Data warehousing solution
• Serverless
• Highly scalable
• Critical query processing on petabyte-scale data
• Built-in BI engine and ML capability

Cloud Storage
• Object storage solution
  ◦ Any kind of file (CSV, image, video, etc.)
• Scales to exabytes of data
• 99.999999999% durability (https://uptime.is/)
• Stores high-frequency as well as low-frequency access data


Cloud Storage Location

Region
• Lowest latency within a single region
• Replicated data across multiple zones in a single region

Dual-region
• High availability and low latency across 2 regions (paired region)

Multi-region
• Highest availability across a continent area

Cloud Storage Classes

Standard
• High frequency access
• Storage costliest
• Access cost is very low
• Low latency

Nearline
• Low frequency access
• Once in 30 days
• Cheaper than Standard
• Backup

Coldline
• Very low frequency of access
• Once in 90 days
• Cheaper than Nearline

Archive
• Offline data
• Backup
• Storage cheapest
• Access cost very high

Select storage options


2.4

Planning and configuring network resources
• Differentiating load balancing options
• Identifying resource locations in a network for availability
• Configuring Cloud DNS

3.1

Deploying and implementing Compute Engine resources.
• Launching a compute instance using Cloud Console and Cloud SDK (gcloud) (e.g., assign disks, availability policy, SSH keys)
• Creating an auto scaled managed instance group using an instance template
• Generating/uploading a custom SSH key for instances
• Assessing compute quotas and requesting increases
• Configuring a VM for Stackdriver monitoring and logging
• Installing the Stackdriver Agent for monitoring and logging


Launch your first Compute instance using cloud console

Launch your first Compute instance using cloud Shell/SDK

Attach Disk to existing VM

Availability policy

Assessing compute quotas and requesting increases

Generating/uploading a custom SSH key for instances

Instance Group & Load balancer
• Introduction to Instance Group
• Instance Template & Provision VM from template
• Provision Managed Instance Group
• Explore managed instance group
• Create HTTP Load balancer


Instance Group
• Collection of VM instances
• Manage the whole instance group as a single entity
• GCP offers 2 kinds of instance group.
• Managed instance group - MIG
• Unmanaged instance group

Managed Instance Group
• All instances are identical in nature
• Autoscaling, auto-healing, regional deployment, and auto updating
• Workload highly available and scalable
• VM instances can be created from an instance template
• Cannot change the configuration of one VM
• Good for stateless workloads like:
  ◦ Frontend of a website
  ◦ Some image related operations

Unmanaged Instance Group
• You need to manage instances yourself.
• Multiple heterogeneous VM instances.
• You can add and remove instances from the group
• No auto scaling, no auto-healing, regional deployment, and auto updating

Instance template
• An instance template is a resource that you can use to create virtual machine (VM) instances and managed instance groups (MIGs).
• Create VM from existing configuration.
• Compare with OOP:
  ◦ Instance template – class
  ◦ VM – object
• No option to update
• Let’s create an instance template

Creating VM from instance template

Creating a Managed instance group

Explore managed instance group

Create HTTP Load balancer

Rolling Update - MIG


3.2

Deploying and implementing Google Kubernetes Engine resources
• Deploying a Google Kubernetes Engine cluster
• Deploying a container application to Google Kubernetes Engine using pods
• Configuring Google Kubernetes Engine application monitoring and logging

Kubernetes
• Container orchestration engine
• Open source
• Features
  ◦ Self healing
  ◦ Load balancer
  ◦ Zero downtime
  ◦ Auto scaling
• Google created GKE – managed Kubernetes service

[Diagram labels: GCP, Clusters, Kubernetes, Instances, Pods, Containers]

Kubernetes Cluster deployment
1. Create Kubernetes cluster from Google Cloud console
2. Deploy workload
3. Create Docker images
4. Push it to container registry
5. Deploy Docker image to cluster
6. Expose as services

Configuring Google Kubernetes Engine application monitoring and logging

Explore Kubernetes

Container Image repository

Working with Nodepools

Working with Pods & Services

3.3


Deploying and implementing App Engine, Cloud Run, and Cloud Functions resources
• Deploying an application, updating scaling configuration, versions, and traffic splitting
• Deploying an application that receives Google Cloud events (e.g., Cloud Pub/Sub events, Cloud Storage object change notification events)

Google App Engine
• PAAS solution
• Fully managed, no server management
• HTTP based web app
• Auto scaling

Google App Engine
[Diagram: Google App Engine: Standard environment, Flexible environment]
https://cloud.google.com/appengine/docs/the-appengine-environments

Google App Engine
[Diagram: GAE with two Services, each with two Versions, each Version with two Instances]

Google App Engine Demo
• Deploying application to App Engine
  ◦ Standard – scale down to 0 instances
  ◦ Flexible – minimum 1 instance
• Auto scaling demo
• App versioning – canary deployment (traffic splitting)
• Deploy another service

Google Cloud Run
• Serverless – fully managed
• Containerized app
• Best of App Engine Standard + Container
• App versioning – canary deployment (traffic splitting)

Google Cloud Function
• Single purpose micro services
• Event based trigger
  ◦ HTTP
  ◦ Pub/Sub
  ◦ Object upload in Cloud Storage
• Deploy code as function

Google Function
[Diagram: triggers: Pub Sub, HTTP, Cloud Storage]

Google Cloud Function (Hands-on)
• HTTP
• Cloud Storage
• Pubsub

3.4


Deploying and implementing data solutions.
• Initializing data systems with products (e.g., Cloud SQL, Cloud Datastore, BigQuery, Cloud Spanner, Cloud Pub/Sub, Cloud Bigtable, Cloud Dataproc, Cloud Dataflow, Cloud Storage)
• Loading data (e.g., command line upload, API transfer, import/export, load data from Cloud Storage, streaming data to Cloud Pub/Sub)

Google Cloud Storage
• Object storage solution in GCP
• Objects reside inside a bucket
• Location – Storage class (Standard, Nearline, Coldline, Archive)
• Object lifecycle
• Access control
  ◦ Fine grained - object level permission
  ◦ Uniform
• For temporary access – use signed URL

Google Cloud Storage (Hands-on)
• Create Bucket & upload object
• Object Lifecycle
• Access control
• Signed URL


Cloud SQL
• Fully managed relational database service
• MySQL, PostgreSQL, SQL Server support
• Vertically scalable
• 99.95% SLA
• Support for both SSD & HDD
• Encryption, high availability, failover, read replicas, backup, export etc.

Cloud SQL (Hands-on)

Cloud Spanner
• Fully managed, mission-critical relational database service
• Expensive
• Horizontally scalable for both read & write
• Regional & multi-regional
• 99.999% SLA
• Scales to petabytes of data

Cloud Spanner (Hands-on)

Cloud Memorystore
• Fully managed in-memory database
• 99.9% SLA
• Only internal IP
• Redis and Memcached supported
• Redis also supports persistence

Cloud Memorystore (Hands-on)

Cloud Datastore
• Highly scalable NoSQL database
• Document database like MongoDB – flexible schema
• Automatic scaling
• Up to a few TBs of data
• Tightly coupled with App Engine

Cloud Firestore
• Next generation Datastore
• You can use it in either Datastore or Firestore mode
• Multi-device access – iOS, web, Android

Comparison with relational DB

Concept | Relational database | Datastore | Firestore
Category of object | Table | Kind | Collection group
One object | Row | Entity | Document
Individual data for an object | Column | Property | Field
Unique ID for an object | Primary key | Key | Document ID

Cloud Firestore (Hands-on)

Cloud Datastore (Hands-on)


Cloud BigTable
• Wide column NoSQL database
• Petabyte scale
• Not serverless
• Scales horizontally
• Millions of transactions per second – millisecond latency
• HBase compatible
• No multi-row transactions

Cloud BigTable
[Diagram: table layout with Row ID, Column Family 1 (col1, col2, col3) and Column Family 2 (col1, col2, col3); one cell labelled "Column Family 2:col1"]

Cloud Big table (Hands-on)

Cloud BigQuery
• Data warehouse solution in GCP
• Like a relational database – SQL schema
• Exabyte scale
• Query using
  ◦ Standard SQL
  ◦ Legacy SQL
• BigQuery can query from external data sources.
  ◦ Cloud Storage, SQL, Big Table
• BigQuery can load data from various sources.
  ◦ CSV, JSON, Avro, SQL and many more
• Query is very expensive
  ◦ $5 approx. for 1 TB of data scanned
  ◦ Before query execution, do a dry run.

Cloud Big Query (Hands-on)


Cloud Dataflow
• Fully managed data processing service
• Apache Beam inside GCP (unified programming language for ETL)
• Batch + stream processing
• A number of templates are available
• If not, use a custom template
  ◦ Use Python, Java, SQL

Cloud Dataflow (Hands-on)
[Diagram: PubSub, Dataflow, BigQuery]

Cloud DataProc
• Managed Hadoop & Spark inside GCP
• You can submit Spark and Hadoop jobs.
• DataProc – Demo
• Create DataProc cluster
• Submit Spark job to calculate value of Pi

Cloud PubSub
[Diagram: Application and DB, shown twice]

Cloud PubSub
• Fully managed asynchronous messaging service
• Scales to billions of messages per day
• Push & pull ways to access messages
• One to many, many to one, many to many

[Diagram label: Topic]

Cloud Pubsub (Hands-on)

3.5


Deploying and implementing networking resources.
• Creating a VPC with subnets (e.g., custom-mode VPC, shared VPC)
• Launching a Compute Engine instance with custom network configuration (e.g., internal-only IP address, Google private access, static external and private IP address, network tags)
• Creating ingress and egress firewall rules for a VPC (e.g., IP subnets, tags, service accounts)
• Creating a VPN between a Google VPC and an external network using Cloud VPN
• Creating a load balancer to distribute application network traffic to an application (e.g., Global HTTP(S) load balancer, Global SSL Proxy load balancer, Global TCP Proxy load balancer, regional network load balancer, regional internal load balancer)

Networking Resource
• VPC & Subnets
• CIDR
• VPC Firewall rules
• IP address – static & ephemeral
• Default network & custom VPC
• Shared VPC & network peering
• VM IP address
• Cloud load balancing

VPC & Subnets
• No network -> no cloud
• Virtual version of a physical network
• To isolate resources
• VPCs are global
• Placeholder to keep all your resources
• No IPs are associated with a VPC
• A VPC must have at least one subnet

[Diagram: VPC containing Subnet-1 and Subnet-2, with a DB]

VPC & Subnets
• Subnet has IP ranges
  ◦ Expressed in CIDR notation
• With every project comes a default VPC
  ◦ Contains a subnet in each region
• Types of VPC
  ◦ Auto mode
  ◦ Custom mode

[Diagram: VPC containing Subnet-1 and Subnet-2, with Firewall and DB]


CIDR notation
Classless Inter-Domain Routing

[Diagram: a list of individual addresses (123.52.36.0, 123.52.36.1, ... 123.52.36.11, 123.52.36.47); the network address 123.52.36.0 and prefix length 24 are combined as 123.52.36.0/24]

CIDR notation
123.52.36.0/24 covers 123.52.36.0, 123.52.36.1, 123.52.36.2, 123.52.36.3, 123.52.36.4, ... 123.52.36.254, 123.52.36.255

CIDR Notation

CIDR block | Fixed bits | Variable bits | Total IP addresses
123.52.36.0/28 | 28 | 4 | 2^4 = 16
123.52.36.0/31 | 31 | 1 | 2^1 = 2
0.0.0.0/32 | 32 | 0 | 2^0 = 1
0.0.0.0/0 | 0 | 32 | 2^32 = 4,294,967,296


Firewall rules
• Trust nothing by default
• Some default rules:
  ◦ Allow all outgoing traffic - egress
  ◦ Deny all incoming traffic - ingress
• Rule has priority number: (0-65535)
  ◦ The lower the number, the higher the priority
• Common ports/protocols
  ◦ 22 – SSH, 3389 - RDP
  ◦ ICMP – ping
  ◦ 80 - HTTP/HTTPS
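An added example (not from the course slides) that ties the CIDR table and the firewall rule slide together: it counts the addresses in a block and decides an ingress packet by rule priority, then reports which admin ports an outside host can reach. The `Rule` fields, rule names and both rule sets are constructed for illustration; the implied deny at priority 65535 and the deny-wins tie-break follow Google's documented VPC firewall behaviour.

```python
import ipaddress
from dataclasses import dataclass


# Simplified model of VPC ingress firewall rules (added example; the field
# names are assumptions, not a Google API).
@dataclass(frozen=True)
class Rule:
    name: str
    priority: int        # 0-65535; a lower number means a higher priority
    action: str          # "allow" or "deny"
    source_range: str    # CIDR block the source address must fall in
    protocol: str        # "tcp", "udp", "icmp" or "all"
    ports: tuple = ()    # empty tuple = every port


# The default "deny all incoming traffic" rule sits at the lowest priority.
IMPLIED_DENY_INGRESS = Rule("implied-deny-ingress", 65535, "deny", "0.0.0.0/0", "all")

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}


def address_count(cidr):
    """Addresses in a block: 2 ** (variable bits), as in the CIDR table."""
    net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
    return 2 ** (net.max_prefixlen - net.prefixlen)


def matches(rule, src_ip, protocol, port):
    """True when the packet falls inside the rule's range, protocol and ports."""
    if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(rule.source_range):
        return False
    if rule.protocol not in ("all", protocol):
        return False
    return not rule.ports or port in rule.ports


def evaluate_ingress(rules, src_ip, protocol, port=None):
    """Return (action, rule_name) of the rule that decides this packet."""
    candidates = [r for r in rules if matches(r, src_ip, protocol, port)]
    candidates.append(IMPLIED_DENY_INGRESS)
    # Lowest priority number wins; on a tie a deny rule beats an allow rule.
    winner = min(candidates, key=lambda r: (r.priority, r.action != "deny"))
    return winner.action, winner.name


def exposed_admin_ports(rules, probe_ip="198.51.100.7"):
    """Admin ports an outside host can reach, mapped to the rule allowing it.

    probe_ip is a constructed documentation address standing in for an
    arbitrary internet host.
    """
    exposed = {}
    for port, label in ADMIN_PORTS.items():
        action, name = evaluate_ingress(rules, probe_ip, "tcp", port)
        if action == "allow":
            exposed[label] = name
    return exposed


# Constructed rule sets. OFFICE reuses a block from the CIDR table.
OFFICE = "123.52.36.0/28"
WEAK_RULES = [
    Rule("allow-http-any", 1000, "allow", "0.0.0.0/0", "tcp", (80,)),
    Rule("allow-ssh-office", 1000, "allow", OFFICE, "tcp", (22,)),
    Rule("allow-rdp-any", 2000, "allow", "0.0.0.0/0", "tcp", (3389,)),
]
HARDENED_RULES = [
    Rule("allow-http-any", 1000, "allow", "0.0.0.0/0", "tcp", (80,)),
    Rule("allow-ssh-office", 1000, "allow", OFFICE, "tcp", (22,)),
    Rule("allow-rdp-office", 2000, "allow", OFFICE, "tcp", (3389,)),
]

if __name__ == "__main__":
    for block in ("123.52.36.0/28", "123.52.36.0/31", "0.0.0.0/32", "0.0.0.0/0"):
        print(block, address_count(block))
    print(evaluate_ingress(WEAK_RULES, "123.52.36.5", "tcp", 22))
    print(evaluate_ingress(WEAK_RULES, "123.52.36.47", "tcp", 22))
    print("weak:", exposed_admin_ports(WEAK_RULES))
    print("hardened:", exposed_admin_ports(HARDENED_RULES))
```

In the weak set the RDP rule is open to 0.0.0.0/0; the hardened set scopes it to the same /28 as SSH, so every outside source falls through to the implied deny.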


Types of IP

Internal IP – External IP
[Diagram: Internet, external IP 123.52.36.52, internal IPs 10.0.0.1 and 10.0.0.2, DB]

Static vs ephemeral IP
• Ephemeral IP
  ◦ Short lived
  ◦ Changes after VM restarts
• Static IP
  ◦ Not free
  ◦ Constant – can be exposed to outside

VPC & Subnet (Hands-on)

Shared VPC
• Host project - Shared VPC
• Multiple service projects
• Large organizations use shared VPC
• Max host projects – 100
• Max service projects – up to 100
• Shared VPC is only available for projects within an organization node

[Diagram: Org containing Project - 1 and Project - 2]

VPC peering
[Diagram: VPC - 1 and VPC - 2]

VPC Peering (Hands-on)

3.6


Deploying a solution using Cloud Marketplace.
• Browsing Cloud Marketplace catalog and viewing solution details
• Deploying a Cloud Marketplace solution

Browsing Cloud Marketplace catalog and viewing solution details

Deploying a Cloud Marketplace solution

3.7

Deploying application infrastructure using Cloud Deployment Manager.
• Developing Deployment Manager templates
• Launching a Deployment Manager template

Cloud Deployment Manager
• Infrastructure as code
• Create and manage cloud resources with simple templates

Config.yaml:

resources:
- name: bucketname
  type: storage.v1.bucket
  properties:
    storageClass: STANDARD

https://cloud.google.com/deployment-manager/docs/configuration/supported-resource-types

4.1


Managing Compute Engine resources.
• Managing a single VM instance (e.g., start, stop, edit configuration, or delete an instance)
• SSH/RDP to the instance
• Attaching a GPU to a new instance and installing CUDA libraries
• Viewing current running VM inventory (instance IDs, details)
• Working with snapshots (e.g., create a snapshot from a VM, view snapshots, delete a snapshot)
• Working with images (e.g., create an image from a VM or a snapshot, view images, delete an image)
• Working with instance groups (e.g., set autoscaling parameters, assign instance template, create an instance template, remove instance group)
• Working with management interfaces (e.g., Cloud Console, Cloud Shell, GCloud SDK)

Managing a single VM instance

RDP to Windows machine

Viewing current running VM inventory (instance IDs, details)

Snapshots
• Disk backup
• Can be created while instances are running
• Snapshots are incremental
• Use within same project only
• Smaller in size

Custom Images
• Complete clone of virtual machine
• Cannot be created while instances are running
• Images are always a complete copy – bigger in size
• Available to use for other projects also

Attaching a GPU to a new instance and installing CUDA libraries

4.2


Managing Google Kubernetes Engine resources
• Viewing current running cluster inventory (nodes, pods, services)
• Browsing the container image repository and viewing container image details
• Working with node pools (e.g., add, edit, or remove a node pool)
• Working with pods (e.g., add, edit, or remove pods)
• Working with services (e.g., add, edit, or remove a service)
• Working with stateful applications (e.g. persistent volumes, stateful sets)
• Working with management interfaces (e.g., Cloud Console, Cloud Shell, Cloud SDK)

4.3

Managing App Engine and Cloud Run resources.
• Adjusting application traffic splitting parameters
• Setting scaling parameters for autoscaling instances
• Working with management interfaces (e.g., Cloud Console, Cloud Shell, Cloud SDK)

4.4

Managing storage and database solutions.
• Moving objects between Cloud Storage buckets
• Converting Cloud Storage buckets between storage classes
• Setting object life cycle management policies for Cloud Storage buckets
• Executing queries to retrieve data from data instances (e.g., Cloud SQL, BigQuery, Cloud Spanner, Cloud Datastore, Cloud Bigtable)
• Estimating costs of a BigQuery query
• Backing up and restoring data instances (e.g., Cloud SQL, Cloud Datastore)
• Reviewing job status in Cloud Dataproc, Cloud Dataflow, or BigQuery
• Working with management interfaces (e.g., Cloud Console, Cloud Shell, Cloud SDK)

4.5

Managing networking resources
• Adding a subnet to an existing VPC
• Expanding a subnet to have more IP addresses
• Reserving static external or internal IP addresses
• Working with management interfaces (e.g., Cloud Console, Cloud Shell, Cloud SDK)

4.6


Monitoring and logging.
• Creating Stackdriver alerts based on resource metrics
• Creating Stackdriver custom metrics
• Configuring log sinks to export logs to external systems (e.g., on-premises or BigQuery)
• Viewing and filtering logs in Stackdriver
• Viewing specific log message details in Stackdriver
• Using cloud diagnostics to research an application issue (e.g., viewing Cloud Trace data, using Cloud Debug to view an application point-in-time)
• Viewing Google Cloud Platform status
• Working with management interfaces (e.g., Cloud Console, Cloud Shell, Cloud SDK)

Operations
[Diagram: Operations: Monitoring, Logging, Error reporting, Trace, Debugger, Profiler]

Monitoring
• Single place to monitor all your resources.
• Is my application running fine?
• Is CPU utilization or network traffic sufficient?
• Measure different metrics
  ◦ CPU, disk, network etc.
• Monitor GCP projects as well as AWS projects
• Create alerts based on conditions

Explore Monitoring tool

Monitoring agent
• Optional but recommended
• To access additional system resources and application services
• Cloud Monitoring agent
  ◦ https://cloud.google.com/monitoring/agent/monitoring/installation

Uptime check & Alerting (Hands-on)
• Create VM instance – allow HTTP
• Deploy Hello World app
• Create uptime check
• Create alert
• Stop VM or shut down app
• Check email for alert
• Observe incident
• Start app again
• Close incident & check alerting email


Cloud Logging
• Log management tool
• Fully managed
• Massive volumes of data can be stored
• Is it free?

Types of Logging

Log type | Enabled | Retention | Cost | Example
Admin activity logs | By default enabled | 400 days | Free | Create VM, delete VM
System event logs | By default enabled | 400 days | Free | VM migration
Data access logs | By default not enabled | 30 days | Not free | Create object in bucket
Policy denied logs | By default not enabled | 30 days | Not free | Security violation

Cloud Logging (Hands-on)

Logging Agent
• More logs need to be captured
• Cloud Logging agent
  ◦ https://cloud.google.com/logging/docs/agent/logging/installation

Cloud Trace
• Google App Engine, Load balancer
• With each service – provides latency report
• Near real-time

Cloud Debugger
• Live debugging
• Inspect app without stopping it
• Supported languages – Java, Python, Go, PHP, .NET Core etc.

Cloud Platform Status


5.1

Managing identity and access management (IAM)
• Viewing IAM role assignments
• Assigning IAM roles to accounts or Google Groups
• Defining custom IAM roles

Viewing IAM role assignments

5.2

Managing service accounts.
• Managing service accounts with limited privileges
• Assigning a service account to VM instances
• Granting access to a service account in another project

Managing service accounts with limited privileges

Assigning a service account to VM instances

Granting access to a service account in another project

THANK YOU