1. Google Cloud Fundamentals
Google Cloud Platform (GCP) is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search, Gmail, and YouTube. GCP offers a wide range of services, including computing, storage, machine learning, big data analytics, networking, and security.
Key GCP Concepts:
- Regions and Zones: GCP resources are organized into regions and zones. A region is a specific geographical location, and each region has one or more isolated locations known as zones. Resources can be deployed within a zone or across multiple zones for high availability.
- Example: us-central1 (region), us-central1-a (zone).
- Projects: GCP resources are organized under projects. A project serves as a container for billing, APIs, and other settings. Each project has:
- Project ID: Unique identifier for the project.
- Project Number: A unique number assigned automatically by GCP.
- Project Name: A user-friendly name that you can change.
- Billing Accounts: Google Cloud offers a pay-as-you-go model. Billing accounts are linked to projects, and costs are tracked at the project level.
- Service Accounts: Service accounts allow applications to authenticate and interact with GCP services. They are used to run API calls and perform actions on behalf of an application, service, or VM.
GCP IAM (Identity and Access Management):
IAM provides the ability to manage access control by defining who (identity) has what access (role) for which resource.
- Principals: Can be users, service accounts, or groups that interact with GCP resources.
- Roles: Define a collection of permissions.
- Primitive Roles: Basic roles like Owner, Editor, and Viewer.
- Predefined Roles: More granular roles specific to a service (e.g., Compute Instance Admin).
- Custom Roles: You can create custom roles to provide specific permissions.
2. GCP Compute Services
Google Compute Engine (GCE):
Google Compute Engine (GCE) is an Infrastructure as a Service (IaaS) that allows you to create and run virtual machines (VMs) on Google’s infrastructure.
Key Concepts:
- VM Instances: GCE allows you to deploy virtual machines with a variety of operating systems. You can configure the CPU, memory, and storage capacity.
- Instance Templates: Predefined configurations that allow you to quickly launch VMs with specific settings.
- Preemptible VMs: Cost-effective instances that are short-lived and can be terminated by GCP at any time (ideal for batch jobs).
Common Operations:
- Create a VM Instance (CLI):
gcloud compute instances create my-instance \
--zone=us-central1-a \
--machine-type=n1-standard-1 \
--image-family=debian-9 \
--image-project=debian-cloud
gcloud compute ssh my-instance --zone=us-central1-a
- Stopping and Starting an Instance:
gcloud compute instances stop my-instance --zone=us-central1-a
gcloud compute instances start my-instance --zone=us-central1-a
Google Kubernetes Engine (GKE)
Google Kubernetes Engine (GKE) is a managed service for running containerized applications using
Kubernetes. It automates tasks like provisioning, managing, and scaling Kubernetes clusters.
Key Concepts:
- Clusters: A set of worker machines, or nodes, that run containerized applications.
- Pods: The smallest deployable units in Kubernetes that can contain one or more containers.
- Node Pools: Groups of nodes within a cluster that share the same configuration (machine type, etc.).
Common Operations:
gcloud container clusters create my-cluster \
--zone us-central1-a \
--num-nodes=3
- Deploy an Application to GKE:
kubectl create deployment nginx --image=nginx
kubectl expose deployment nginx --port=80 --type=LoadBalancer
kubectl scale deployment nginx --replicas=5
Google App Engine (GAE):
Google App Engine (GAE) is a Platform as a Service (PaaS) that allows developers to build and deploy applications without worrying about infrastructure. GAE supports a variety of programming languages, including Python, Java, Go, PHP, and Node.js.
Key Concepts:
- Standard Environment: Auto-scaling, sandboxed runtime environments for web applications.
- Flexible Environment: Allows custom runtimes and full access to the underlying infrastructure.
Common Operations:
- Set App Engine as Default:
Google Cloud Functions:
Google Cloud Functions is a serverless compute service that lets you run event-driven functions. It is ideal for short-lived, stateless functions triggered by events such as HTTP requests, pub/sub messages, or file changes.
Key Concepts:
- Triggers: Events that invoke the function (HTTP requests, Cloud Storage events, etc.).
- Runtime: Supported programming languages like Node.js, Python, Go, and Java.
Common Operations:
gcloud functions deploy my-function \
--runtime nodejs10 \
--trigger-http \
--allow-unauthenticated
gcloud functions call my-function --data '{"message":"Hello, world!"}'
3. GCP Storage Services
Google Cloud Storage (GCS):
Google Cloud Storage is an object storage service designed to store and retrieve any amount of data. It’s similar to AWS S3 and is commonly used for storing media files, backups, and big data.
Key Concepts:
- Buckets: Containers for storing objects (files).
- Objects: The files stored in Cloud Storage.
- Storage Classes: Defines the availability and pricing of storage.
- Standard: Optimized for “hot” data.
- Nearline: Low-cost, for infrequently accessed data.
- Coldline: Lower cost, for rarely accessed data.
- Archive: The lowest cost, for archival storage.
Common Operations:
- Upload a File to a Bucket:
gsutil cp my-file.txt gs://my-bucket
gsutil acl ch -u AllUsers:R gs://my-bucket/my-file.txt
Persistent Disks (PD):
Persistent Disks are block storage for use with GCE instances. They come in different types depending on performance and cost needs:
- Standard Persistent Disks: Lower-cost, HDD-backed block storage.
- SSD Persistent Disks: Higher performance, SSD-backed block storage.
Common Operations:
- Create a Persistent Disk:
gcloud compute disks create my-disk --size=200GB --zone=us-central1-a
gcloud compute instances attach-disk my-instance --disk=my-disk --zone=us-central1-a
Google Cloud Filestore:
Google Cloud Filestore provides fully-managed file storage, which can be mounted to Google Compute Engine VMs or Kubernetes clusters. It is optimized for file-based applications and supports the NFS protocol.
Common Operations:
- Create a Filestore Instance:
gcloud filestore instances create my-filestore \
--zone=us-central1-a \
--tier=STANDARD \
--file-share=name="my-share",capacity=1TB \
--network=name="default"
sudo mount -o nfsvers=4.1 -t nfs [IP_ADDRESS]:/my-share /mnt/my-mount
4. GCP Networking Services
VPC (Virtual Private Cloud):
VPC is a virtual network that allows you to define your own IP ranges, subnets, and configure routing rules for GCP resources.
Key Concepts:
- Subnets: Subdivides the VPC into smaller networks.
- Routes: Controls how traffic is directed within the VPC.
- Firewall Rules: Configures security rules to allow/deny traffic based on source IP, protocol, and port.
Common Operations:
gcloud compute networks create my-vpc --subnet-mode=custom
gcloud compute networks subnets create my-subnet \
--network=my-vpc \
--region=us-central1 \
--range=10.0.1.0/24
gcloud compute firewall-rules create allow-ssh \
--network=my-vpc \
--allow=tcp:22 \
--source-ranges=0.0.0.0/0
Cloud Load Balancing:
Google Cloud Load Balancing is a fully-distributed, software-defined managed service that supports HTTP(S), TCP/SSL, and UDP traffic. It allows you to distribute traffic across multiple backends (VMs, containers, etc.).
Common Operations:
- Create a Load Balancer: Load balancing setup requires a combination of backend services, health checks, and frontends.
gcloud compute backend-services create my-backend \
--protocol=HTTP --port-name=http --global
gcloud compute url-maps create my-map --default-service=my-backend
gcloud compute target-http-proxies create my-proxy \
--url-map=my-map
gcloud compute forwarding-rules create my-forwarding-rule \
--global --target-http-proxy=my-proxy --ports=80
Cloud Interconnect:
Cloud Interconnect provides a physical connection between your on-premises network and Google Cloud’s infrastructure, allowing you to extend your on-prem network to GCP securely.
Key Concepts:
- Dedicated Interconnect: Provides a dedicated physical connection between your on-prem network and Google.
- Partner Interconnect: Connects your network to GCP via supported service providers.
Common Operations:
- Create a Dedicated Interconnect: (Done via GCP Console by creating interconnect attachments and requesting a dedicated circuit.)
5. GCP Database Services
Cloud SQL:
Google Cloud SQL is a fully-managed relational database service that supports
MySQL,
PostgreSQL, and
SQL Server.
Common Operations:
- Create a Cloud SQL Instance:
gcloud sql instances create my-instance --database-version=MYSQL_8_0 --tier=db-f1-micro --region=us-central1
- Connect to a Cloud SQL Instance:
gcloud sql connect my-instance --user=root
Cloud Spanner:
Cloud Spanner is a fully-managed, scalable, and globally distributed relational database that supports strong consistency and SQL queries.
Key Concepts:
- Regional and Multi-Regional Configurations: Allows you to deploy Cloud Spanner databases in a single region or across multiple regions for high availability.
Common Operations:
- Create a Spanner Instance:
gcloud spanner instances create my-instance \
--config=regional-us-central1 \
--nodes=1 \
--description="My Spanner Instance"
5.3. Firestore and Datastore
Google Firestore (formerly Datastore) is a NoSQL document database that simplifies data storage for web and mobile applications.
Common Operations:
- Create a Firestore Database:
gcloud firestore databases create --region=us-central
- Insert a Document (via SDK):
db.collection('users').doc('alovelace').set({
first: 'Ada',
last: 'Lovelace',
born: 1815
});
6. GCP Monitoring and Management
Google Cloud Monitoring:
Google Cloud Monitoring provides visibility into the performance, uptime, and overall health of GCP resources.
Common Operations:
- Set up Monitoring for a GCE Instance:
gcloud beta monitoring policies create \
--display-name="Instance CPU Monitoring" \
--conditions="[{
'displayName': 'High CPU Usage',
'conditionThreshold': {
'filter': 'metric.type="compute.googleapis.com/instance/cpu/utilization" resource.type="gce_instance"',
'comparison': 'COMPARISON_GT',
'thresholdValue': 0.9
}
}]"
- Create a Custom Dashboard: (Can be created using the GCP Console in the Monitoring > Dashboards section.)
Google Cloud Logging:
Cloud Logging allows you to store, search, analyze, and monitor log data from applications running on GCP.
Common Operations:
gcloud logging read "resource.type=gce_instance AND logName=projects/my-project/logs/syslog" --limit 5
- Export Logs to Cloud Storage:
gcloud logging sinks create my-sink storage.googleapis.com/my-bucket --log-filter='logName="projects/my-project/logs/syslog"'
7. GCP Security and Compliance
Security Best Practices:
- Use IAM Roles: Apply the principle of least privilege by granting users only the roles and permissions they need.
- Service Accounts: Use service accounts to allow applications to authenticate with GCP securely.
- Firewall Rules: Implement least-privilege firewall rules to control inbound and outbound traffic.
- VPC Peering: Use VPC peering for secure internal communications between VPCs.
Google Cloud Armor:
Cloud Armor protects applications against Distributed Denial of Service (DDoS) attacks and other threats.
Common Operations:
- Create a Cloud Armor Security Policy:
gcloud compute security-policies create my-policy --description="My Security Policy"
gcloud compute security-policies rules create 1000 \
--security-policy=my-policy \
--expression="origin.ip == '1.2.3.4'" \
--action="allow"
8. Pricing and Billing
Pricing Models:
- Pay-as-You-Go: Most GCP services are billed based on actual usage (e.g., compute time, storage space, or API requests).
- Sustained Use Discounts: Automatically applied discounts based on the sustained use of certain resources (like VMs).
- Committed Use Contracts: Allow you to commit to using a specific amount of resources in exchange for discounted pricing.
Cost Management:
- Budgets and Alerts: Set budgets for your GCP projects and configure alerts to be notified when costs exceed the budget.
- Billing Reports: View detailed billing reports and usage data in the Google Cloud Console.
9. Conclusion
Google Cloud Platform (GCP) offers a broad range of services that cater to diverse computing needs, from infrastructure services like Compute Engine and Kubernetes Engine to data analytics services like BigQuery and machine learning services like AI Platform. It’s provides an extensive overview of GCP’s core services, but it’s crucial to dive deeper into individual topics as you prepare for GCP.
By mastering these services and following GCP best practices, you can build, deploy, and manage scalable, secure, and high-performance applications in the cloud, making the most of GCP’s powerful infrastructure and tools.
