Module 3

Lecture 4
Google Cloud
Services
Google Cloud Services

Google Cloud consists of a set of physical assets and virtual

resources that are contained in data centers around the globe.

Each data center location is in a region - each region is a

collection of zones - each zone is identified by a unique name
(For example: asia-east1-a)

This distribution of resources provides several benefits,

including redundancy in case of failure and reduced latency by
Google Cloud Services
Google Compute Engine
(GCE)
Google Cloud Compute, officially known as Google Compute
Engine (GCE), is a part of Google Cloud Platform (GCP).

It's an Infrastructure as a Service (IaaS) offering that provides

virtual machines (VMs) running on Google’s infrastructure.

It provides a scalable number of virtual machines to serve as

large compute cluster.
Google Compute Engine
(GCE)
GCE can be managed through a RESTful application program
interface (API), command line interface or web console.

Compute Engine pricing is on a pay-per-

usage basis with a one minute minimum, charged on a
per-second basis.
Google Compute Engine
types
Two Types: Predefined and Custom machines
Users can choose from predefined machine types
optimized for specific workloads or create custom machine
types with specific amounts of CPU and memory to suit their
needs.

Each predefined machine type has a fixed combination of

virtual CPUs (vCPUs) and memory. For example, the n1-
standard-4 predefined machine type consists of 4 vCPUs and
Google Compute Engine
(GCE)
It is suitable for many general-purpose and memory-intensive
applications. It is convenient, as users can simply select the
desired configuration without having to specify individual vCPU
and memory values.

Custom machine types allow users to create machine types

with a specific number of vCPUs and memory that best suit
their workloads. This flexibility enables users to fine-tune
the virtual machine's resource allocation to optimize
Google Compute Engine
(GCE)
For example, a user can create a custom machine type with 8
vCPUs and 32 GB of memory.

It is useful for workloads that have specific resource

requirements or do not fit well into the predefined machine
types.
Key Features

1. Virtual Machines: GCE allows users to create and run customizable

virtual machines, either Linux or Windows-based, on Google's
infrastructure.
2. Predefined and Custom Machine Types: Users can choose
from predefined machine types optimized for specific workloads or
create custom machine types with specific
amounts of CPU and memory to suit their needs.
3. Scalability: GCE supports the scaling of virtual machines
vertically (by increasing resources) and horizontally (by adding more
instances) to meet the demands of your application.
Key Features

[Link] Load Balancing: It offers integrated load balancing services

that can distribute traffic across multiple virtual machines across
different regions, ensuring high availability and redundancy.
[Link]: GCE provides strong security features, including encryption
at rest, Identity and Access Management (IAM), and integration with
Google Cloud’s security services.
[Link]: GCE can automatically adjust the number of virtual
machines in response to changing workloads, helping to manage costs
and ensure performance.
[Link]: GCE includes advanced networkingcapabilities,
Machine type families

[Link]-purpose machines are used for Day-to-day computing at a lower cost

and for balanced price/performance across a wide range of VM.
Example usecase includes web serving, app serving, back office applications,
databases, cache, media-streaming, microservices, virtual desktops, development
environments.

[Link]-Optimized machine are recommended for ultra high-memory

workloads such as in-memory analytics and large in-memory databases such as SAP
HANA
Machine type families

[Link]-Optimized machines are recommended for ultra high

performance workloads such as High Performance Computing (HPC),
Electronic Design Automation (EDA), gaming, video transcoding, single-threaded
applications.

[Link]-Optimized machines are optimized for high performance

computing workloads such as Machine learning (ML), Massive parallelized
computations and High Performance Computing (HPC)
How does it work?
 Create a VM instance using a boot disk image, a boot disk snapshot, or a
container image. The image can be a public operating system (OS) image or
a custom one.
 Define the zone of the virtual machine to be created.
 Define the machine type (cpu and memory)
 Use snapshot schedules (hourly, daily, or weekly) to back up your Compute
Engine workloads.
 Compute Engine offers live migration to keep your virtual machine instances
running even when software or hardware update occurs.
How does it work?
 The running instances can be migrated to another host in the
same zone.
 Support for High Availability (HA) Compute Engine - offers
automatic failover
 Managed instance groups (MIGs) help keep the instances running
by automatically replicating instances from a predefined image.
 Autohealing health checks - If an application is not responding on a VM, the
auto healer automatically recreates that VM for you.
 Regional MIGs spread app load across multiple zones to protect
How does it work?
 Compute Engine offers autoscaling to automatically add or
remove VM instances from a managed instance group based
on increases or decreases in load.
 Define the autoscaling policy for automatic scaling based on the
measured load, CPU utilization, requests per second or other metrics.
 Predictive autoscaling - Compute Engine forecasts future load based
on
your Managed Instance Group’s (MIG) history and scales it out in advance
of predicted load
How does it work?
Pricing
 Advantage on pricing - Sustained use saving are automatic discounts applied
for running instances
 Committed use discounts
 Right size recommendations
 Pre-emptible VM’s
How does it work?
Security
 Identity and Access Management (IAM) lets administrators authorize
who can take action on specific resources
 Use of VPC networks
 Trusted Images Policy
 All VM families are Shielded VMs
Google App
Engine
Google App Engine
Google App Engine is a fully managed serverless platform provided by Google
Cloud that allows developers to build and deploy scalable web applications and
APIs.

It handles all the work of uploading and running the code on Google Cloud.

GAE's flexible environment provisions all the necessary infrastructure based on

the CPU and memory requirements specified by the developer.
Google App Engine
GAE supports automatic scaling for web applications, allocating more resources
to the web application as the amount of requests increases.

Applications written in Go, PHP, Java, Python, [Link], .NET, and Ruby are
supported by the App Engine.

It provides a wide range of developer tools to simplify app development, testing,

debugging, deployment and performance monitoring.
Google App Engine
GAE is ideal for applications designed using a microservices architecture, a
development paradigm where an application consists of multiple small, loosely
coupled services that can communicate with each other.

GAE will provision all the required servers and also scale app instances based
on demand.
Users can route traffic to different application versions to A/B test them and see
which version performs better under various workloads.
Key Features
• Managed Infrastructure: App Engine handles the infrastructure, including server
management, load balancing, and scaling, allowing developers to focus on writing code.
• Automatic Scaling: The platform automatically scales your application based on the
traffic, ensuring that it can handle spikes and reduce costs during low-traffic periods.
• Supports Multiple Languages: App Engine supports various programming languages,
including Python, Java, [Link], Go, Ruby, PHP, and .NET. It also allows custom
runtimes if you need to use a different language or framework.
• Integrated Development Tools: App Engine integrates with popular development tools
and CI/CD pipelines, making it easier to develop, test, and deploy applications.
Key Features
Security Features: Google App Engine offers built-in security features, including
authentication and authorization, to help protect your applications.
Flexible Environment: You can choose between a Standard Environment, which is ideal for
stateless applications with quick startup times, and a Flexible Environment, which is more
suited for complex applications with longer startup times and the need for custom libraries.
Versioning and Rollbacks: App Engine supports versioning, allowing you to deploy multiple
versions of your application and roll back to previous versions if necessary.
Built-in Monitoring and Logging: The platform integrates with Google Cloud's monitoring
and logging services, giving you insight into your application's performance and health.
Google App Engine
Architecture
How is Google App
Engine used?
1. Create a GAE account,
2. Set up an SDK
3. Write application source code using any programming languages,
libraries and frameworks.
4. Use GAE tools to test and deploy the code in the cloud
An overview of App
Engine
 An App Engine app is made up of a single application resource that consists
of one or more services.
 Each service can be configured to use different runtimes and to operate with
different performance settings.
 Within each service, deploy versions of that service. Each version then runs
within one or more instances, depending on how much traffic you configured
it to handle.
Components of an
application
Components of an
application
 App Engine app is created under the Google Cloud project when you create
an application resource
 The App Engine application is a top-level container that includes the service,
version, and instance resources that make up your app.
 When an App Engine app was created, all the resources are created in the
region that you choose, including your app code along with a collection of
settings, credentials, and your app's metadata.
Components of an
application
 Each App Engine application includes at least one service, the default
service, which can hold many versions, depending on your app's billing
status.
 Services in App Engine are the logical components of the large App that can
securely share App Engine features and communicate with one another.
 One can run their whole app in a single service or can design and deploy
multiple services to run as a set of microservices.
Components of an
application
For example, an app that handles the customer requests might include separate services that
each handle different tasks, such as:
 API requests from mobile devices
 Internal, administration-type requests
 Backend processing such as billing pipelines and data analysis
 Each service in App Engine consists of the source code from your app and the
corresponding App Engine configuration files.
 The set of files that you deploy to a service represent a single version of that service and
each time that you deploy to that service, you are creating additional versions within that
same service.
Components of an
application
Versions
Multiple versions of the app within each service allows to quickly switch
between different versions of that app for rollbacks, testing, or other temporary
events.

Route all traffic to a specific version of the app by "migrating traffic" or route to
multiple versions of the app by "splitting traffic"
Components of an
application
Instances
 The versions within your services run on one or more instances.
 By default, App Engine scales your app to match the load.
 This apps will scale up the number of instances that are running to provide
consistent performance, or scale down to minimize idle instances and
reduces costs.
 In the App Engine flexible environment, instances are backed by Compute
Engine resources such as disk, CPU, and memory.
Components of an
application
Application requests
 Each of the app's services and each of the versions within those services must
have a unique name.
 Those unique names are used to target and route traffic to specific resources
using URLs.
 Incoming user requests are routed to the services or versions that
are configured to handle traffic
 It can also target and route requests to specific services and versions
Benefits
• Reduced Operational Overhead: Since Google manages the infrastructure, you can focus
on coding rather than server management.
• Scalability: The automatic scaling feature ensures that your application can handle varying
levels of traffic without manual intervention.
• Global Reach: Your applications can be deployed across multiple regions, ensuring low
latency for users worldwide.
• Cost Efficiency: You only pay for the resources your application uses, with the ability to
scale down during low traffic periods.
Usecases
• Web Applications: Ideal for developing scalable web applications that
can grow as your user base expands.
• APIs: Perfect for building and deploying APIs that need to handle high traffic
with minimal latency.
• Mobile Backends: App Engine can be used to develop backends for mobile
applications, providing a reliable and scalable platform.
Google Kubernetes
Engine
Google Kubernetes
Engine
• GKE is a managed Kubernetes service offered by Google Cloud.
• GKE provides a managed environment for deploying, managing, and scaling
your containerized applications using Google infrastructure.
• It is an open source container management and orchestration
platform developed by Google.
Google Container Engine
Organizations use GKE to automate and manage container deployment and
orchestration tasks, such as the following:
• create or resize clusters;
• create pods, replication controllers, jobs, services or load balancers;
• resize application controllers; and
• update, upgrade and debug clusters.
Users can interact with GKE using the Google Cloud command-line interface or
the Google Cloud Console.
Google Container Engine
Organizations use GKE to automate and manage container deployment and
orchestration tasks, such as the following:
• create or resize clusters;
• create pods, replication controllers, jobs, services or load balancers;
• resize application controllers; and
• update, upgrade and debug clusters.
Users can interact with GKE using the Google Cloud command-line interface or
the Google Cloud Console.
GKE cluster architecture
GKE cluster architecture
 A GKE cluster consists of a control plane and worker machines called nodes.
 The control plane and nodes make up the Kubernetes cluster
orchestration system.
 GKE Autopilot manages the entire underlying infrastructure of
clusters, including the control plane, nodes, and all system components.
 Under GKE Standard mode, GKE manages the control plane and
system components, and you manage the nodes.
GKE cluster architecture
Control Plane
 The control plane runs processes such as the Kubernetes API
server, scheduler, and core resource controllers.
 GKE manages the control plane lifecycle from cluster creation to deletion.
 This includes upgrades to the Kubernetes version running on the
control plane, which GKE performs automatically, or manually based on the
request
GKE cluster architecture
Control Plane and the Kubernetes API
 The control plane is the unified endpoint for your cluster. Interact with the
control plane through Kubernetes API calls.
 The control plane runs the Kubernetes API server process to handle
API requests.
 Kubernetes API calls can be made in the following ways:
 Direct calls: HTTP/gRPC
 Indirect calls: Kubernetes command-line clients such as kubectl,
or the Google Cloud console.
GKE cluster architecture
Control Plane and the Kubernetes API
 The API server process is the hub for all communication for the cluster. All
internal cluster components such as nodes, system processes, and application
controllers act as clients of the API server.
 The API requests tell Kubernetes what your desired state is for the objects in
your cluster.
 Kubernetes attempts to constantly maintain that state. Kubernetes lets to
configure objects in the API either imperatively or declaratively.
GKE cluster architecture
Control plane and node interaction
 The control plane manages what runs on all of the cluster's nodes.
 The control plane schedules workloads and manages the
workloads' lifecycle, scaling, and upgrades.
 The control plane also manages network and storage resources for
those workloads.
 The control plane and nodes communicate with each other using Kubernetes
APIs.
GKE cluster architecture
Control plane interactions with Artifact Registry
To create or update a cluster, GKE pulls container images for the Kubernetes system software
running on the control plane and nodes from the Artifact Registry or the Container Registry.
An outage affecting these registries might cause the following actions to fail:
1. New cluster creation
2. Cluster version upgrades

Disruptions to workloads might occur even without your intervention, depending on the
specific nature and duration of the outage. If the Artifact Registry or the Container Registry
outage is regional, then redirect requests to a zone or region that isn't affected by the outage.
About the Nodes
 Nodes are the worker machines that run your containerized applications and
other workloads.
 The individual machines are Compute Engine virtual machines (VMs)
that GKE creates.
 The control plane manages and receives updates on each node's self-reported
status.
 A node runs the services necessary to support the containers that make
up your cluster's workloads.
About the Nodes
These include the runtime and the Kubernetes node agent (kubelet), which
communicates with the control plane and is responsible for starting and running
containers scheduled on the node.

GKE also runs a number of system containers that run as per-node agents, called
DaemonSets, that provide functionality such as log collection and intra-cluster
network connectivity.
GKE modes of operation
GKE offers the following modes of operation for clusters:
Autopilot mode: GKE manages the underlying infrastructure such as node
configuration, autoscaling, auto-upgrades, baseline security configurations, and
baseline networking configuration.

Benefits: Cost efficiency, Automation, improved security posture and reliability

GKE modes of operation
Standard mode: Manage the underlying infrastructure, including configuring the individual
nodes.
Settings that you manage include the following:
• Node pools
• Security
• Scheduling
• Scaling
• Resource Management
• Version Management
GKE Features
• Managed Kubernetes: GKE provides a fully managed Kubernetes service where Google
handles the infrastructure, including upgrades, maintenance, and scaling of the
Kubernetes cluster.
• Automatic Scaling:
• Cluster Autoscaler: Automatically adjusts the size of the cluster based on the resource
demands of your applications.
• Horizontal Pod Autoscaler: Adjusts the number of running pods based on CPU
utilization or other custom metrics.
• High Availability: GKE supports multi-zone and regional clusters for increased
redundancy and uptime.
GKE Features
• Integrated Monitoring and Logging: GKE integrates with Google Cloud's operations
suite (formerly Stackdriver) to provide logging, monitoring, and alerts for your
Kubernetes clusters and applications.
• Security Features:
• Role-Based Access Control (RBAC): Allows you to define fine-grained
access controls for your Kubernetes resources.
• Private Clusters: Provides an additional layer of security by ensuring that nodes and
the Kubernetes API server communicate over private IP addresses.
• Network Policies: Controls the traffic flow between different pods,
adding an additional security layer.
• Customizable Node Pools: GKE allows you to define multiple node pools within a
cluster, each with different machine types, auto-scaling settings, and other
configurations.
• GKE Autopilot: A mode of operation where Google manages the entire infrastructure,
optimizing for security, cost, and operational best practices, leaving developers to
focus solely on their applications.
GKE Benefits
Simplified Kubernetes Management: GKE automates many complex tasks
such as cluster upgrades and node management, reducing operational overhead.

Scalability: GKE is designed to efficiently scale containerized applications

horizontally to meet the demands of varying workloads.

Enhanced Security: With built-in security features like RBAC, private clusters,
and network policies, GKE provides a secure environment for running your
applications.

Cost Efficiency: With features like auto-scaling, preemptible VMs, and node
pool management, GKE helps optimize costs while maintaining performance.
Cloud Run Function
Cloud Run functions is a serverless execution environment for building and
connecting cloud services.
• With Cloud Run functions, a single-purpose functions are developed and are
attached to events emitted from your cloud infrastructure and services.
• The function is triggered when an event being watched is fired.
• The code executes in a fully managed environment in Cloud Run. There is no
need to provision any infrastructure or managing any servers.

Cloud Run functions supports many programming languages. It can take your
function and run it in any standard runtime environment for one of the supported
languages, which makes both portability and local testing possible.
Cloud Run Function
Developers can use Cloud Functions to build a range of
applications, including webhooks, chatbots, and data
processing pipelines, among others.

Cloud Functions provides a flexible and scalable infrastructure

for building and deploying serverless applications, allowing
developers to focus on writing code and delivering features
rather than managing infrastructure.
Cloud Run Function – an
use case
Cloud Functions can be used by a customer to surface their
own microservices via HTTP APIs or integrate with third-
party services that offer webhook integrations to quickly
extend the application with powerful capabilities such as
sending a confirmation email after a successful Stripe payment.
Cloud Run Function -
Features
• Serverless Computing
• Event driven computing
• Scalability
• Support for Multiple Languages
• Integration with other Google Cloud Services
• Cost efficient
• Easy to deploy
• High availability and security
Referen
ces
• [Link]

• [Link]