Cloud Architecture Framework:

Andrew Skyboard
4 min read, Jan 16, 2023

Optimize cost: Networking: Cost-optimization controls for your networking resources in Google Cloud

When a company plans to move from on-premises to the cloud, it often forgets the network price component, or thinks only about cloud egress. In a cloud network infrastructure, some components (such as load balancers, IP addresses, VPNs, etc.) and some types of internal traffic have their own prices.

Network tier

Egress traffic leaves Google’s network by two possible tiers:

  • Premium Tier — Uses Google’s premium backbone to carry traffic to and from your external users. Internet traffic enters the Google Cloud backbone at the POP nearest to the customer, is carried from there to your server, and returns the same way. This makes your connection more stable, faster, and more predictable.

Use case: Performance optimized, Global network, Global network services

HTTP(S) Load Balancing, TCP or SSL proxy: Global, backend VMs in any region, uses a single IP address worldwide — Terminates TCP as close to the user as possible, worldwide

  • Standard Tier — Delivers traffic from external systems to Google Cloud resources by routing it over the public internet. Traffic is handed off to the internet at the POP nearest to the Google Cloud data center that hosts your resources.

Use case: Cost optimized, Regional network, Regional network services

HTTP(S) Load Balancing, TCP or SSL proxy: Regional, backend VMs in a single region, a regional IP address terminates TCP in the destination region

Cloud Storage access: you must configure your storage bucket as the backend of the HTTPS LB Standard Tier. The Cloud Storage bucket must be in the same region as the forwarding rule. If they are in different regions, requests to the bucket produce an error. To use multi-regional Cloud Storage buckets as backends, you must use Premium Tier.

Not supported: internal TCP/UDP load balancers, Cloud CDN, Cloud VPN gateways, Cloud NAT gateways

If all your clients and resources are located in one region, including the sources of your internet egress traffic, you can consider Standard Tier. But keep its limitations and the possible redundancy problems in mind.
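A pre-deployment check that encodes the Standard Tier limits listed in this section, added here as an example (it is not from the original post and not Google Cloud tooling); the plan dictionary, its field names and the component labels are assumptions of this example.

```python
# Standard Tier constraints as stated on this page, encoded as a pre-deployment check.
# The "plan" dict layout and its field names are this example's own, not a Google Cloud API.
NOT_ON_STANDARD = {"internal_tcp_udp_lb", "cloud_cdn", "cloud_vpn_gateway", "cloud_nat_gateway"}

def standard_tier_issues(plan):
    """Return the reasons a plan cannot run on Standard Tier (an empty list means OK)."""
    if plan.get("network_tier") != "STANDARD":
        return []                                   # Premium Tier has none of these limits
    issues, lb_region = [], plan["forwarding_rule_region"]
    for b in plan.get("backends", []):
        if b["type"] == "bucket" and b.get("multi_region"):
            issues.append(f"bucket {b['name']}: multi-regional buckets need Premium Tier")
        elif b.get("region") != lb_region:
            issues.append(f"{b['type']} {b['name']} in {b.get('region')}: Standard Tier keeps "
                          f"backends in the forwarding rule's region ({lb_region})")
    for comp in plan.get("components", []):
        if comp in NOT_ON_STANDARD:
            issues.append(f"{comp}: not supported with Standard Tier")
    return issues

# Constructed plans: one that fits Standard Tier, one that quietly assumes Premium Tier features
SINGLE_REGION_OK = {
    "network_tier": "STANDARD", "forwarding_rule_region": "us-central1",
    "backends": [{"type": "instance_group", "name": "web-mig", "region": "us-central1"},
                 {"type": "bucket", "name": "static-assets", "region": "us-central1"}],
    "components": [],
}
GLOBAL_APP = {
    "network_tier": "STANDARD", "forwarding_rule_region": "us-central1",
    "backends": [{"type": "instance_group", "name": "web-eu", "region": "europe-west1"},
                 {"type": "bucket", "name": "media", "region": "us", "multi_region": True}],
    "components": ["cloud_cdn", "cloud_nat_gateway"],
}
```

Run it against a plan before switching a project to Standard Tier: every returned string is a feature you would lose or a backend you would have to move.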

CDN — When your customers access static web and video content, a CDN can make delivery faster and cheaper.

  • Cloud CDN uses Cloud Load Balancing. Content can be served from GCE, GCS, or GKE backends.
  • Configure caching behavior per origin; this gives you fine-grained control over cache keys, TTLs, and other caching features based on the content type being served. Use dynamic compression to reduce data size by over 60% and improve page performance. Raising TTLs for long-lived content can dramatically reduce the cost of internet traffic and of cache-fill traffic. Versioned URLs and invalidation let you push updated content while keeping long TTLs.
  • You can use Google’s CDN partners through CDN Interconnect in Premium Tier; interconnect traffic is priced roughly 50% lower than Google Cloud internet egress traffic.

Connectivity to GCP options

When you need to push a large volume of data (TBs or PBs) frequently from on-premises environments to Google Cloud, consider using Dedicated Interconnect or Partner Interconnect. A dedicated connection can be cheaper when compared with costs associated with traversing the public internet or using a VPN.

Inter-Zone traffic

Spreading your resources across several zones of one region is a best practice for improving the HA of your application and is especially important when you use Spot VMs. But you have to forecast and check your internal inter-zone traffic: it can be very expensive for applications with heavy internal traffic.

  • Make your internal traffic zone-oriented — connect your application components within a zone and avoid full-mesh structures. Outgoing connections can be made through a load balancer.
  • Use an active/passive HA scheme — build your main infrastructure in one zone and use another as a backup. GKE and MIGs can help you do this effectively and automatically.
  • Logging — VPC Flow Logs, Firewall Rules Logging, and Cloud NAT logging let you analyze network logs and identify opportunities to reduce costs. Unfortunately, for effective log analysis you have to build your own tooling.
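An example of the kind of tooling the last bullet refers to, added here and not part of the original post: it takes VPC Flow Log jsonPayload records (constructed sample entries below), counts each flow once even when both endpoints report it, and totals bytes by intra-zone, inter-zone, inter-region and external traffic, plus per inter-zone pair. It assumes a flow-log sampling rate of 1.0 (no scaling of bytes_sent) and that both VMs share the same aggregation interval, so SRC and DEST records of one flow carry the same start_time.

```python
from collections import defaultdict
def _inst(vm, zone):  # GCP zone names are "<region>-<letter>", e.g. us-central1-b
    return {"vm_name": vm, "zone": zone, "region": zone.rsplit("-", 1)[0]}

def _entry(src, dst, nbytes, reporter="SRC"):
    # Mimics the VPC Flow Log jsonPayload shape; every value here is constructed
    e = {"connection": {"src_ip": src[2], "src_port": 40001, "dest_ip": dst[2],
                        "dest_port": 8080, "protocol": 6},
         "bytes_sent": str(nbytes), "reporter": reporter,
         "start_time": "2023-01-16T10:00:00Z", "src_instance": _inst(src[0], src[1])}
    if dst[1] is not None:                      # internal VM destination
        e["dest_instance"] = _inst(dst[0], dst[1])
    return e

WEB_A, API_B = ("web-a", "us-central1-a", "10.0.1.5"), ("api-b", "us-central1-b", "10.0.2.7")
DB_A, CACHE_EU = ("db-a", "us-central1-a", "10.0.1.9"), ("cache-eu", "europe-west1-b", "10.1.0.4")
INTERNET = ("", None, "203.0.113.10")           # no dest_instance: external endpoint
SAMPLE_LOGS = [
    _entry(WEB_A, API_B, 50_000_000),                    # inter-zone, logged by the source
    _entry(WEB_A, API_B, 50_000_000, reporter="DEST"),   # same flow, logged by the destination
    _entry(API_B, DB_A, 30_000_000, reporter="DEST"),    # only the destination subnet logs
    _entry(WEB_A, DB_A, 900_000_000),                    # intra-zone
    _entry(API_B, CACHE_EU, 10_000_000),                 # inter-region
    _entry(WEB_A, INTERNET, 5_000_000),                  # internet egress
]

def classify(entry):
    src, dst = entry.get("src_instance"), entry.get("dest_instance")
    if not src or not dst:
        return "external"
    if src["zone"] == dst["zone"]:
        return "intra-zone"
    return "inter-zone" if src["region"] == dst["region"] else "inter-region"

def flow_key(e):
    c = e["connection"]
    return (c["src_ip"], c["src_port"], c["dest_ip"], c["dest_port"], c["protocol"], e.get("start_time"))
def summarize(entries):
    # Both ends of a flow may log it: count the SRC record, fall back to DEST if SRC is absent
    src_seen = {flow_key(e) for e in entries if e.get("reporter") == "SRC"}
    totals, pairs = defaultdict(int), defaultdict(int)   # per class; per inter-zone (src, dst)
    for e in entries:
        if e.get("reporter") != "SRC" and flow_key(e) in src_seen:
            continue
        cat, nbytes = classify(e), int(e.get("bytes_sent", 0))
        totals[cat] += nbytes
        if cat == "inter-zone":
            pairs[(e["src_instance"]["zone"], e["dest_instance"]["zone"])] += nbytes
    return dict(totals), dict(pairs)
```

Feed it the jsonPayload objects from a Cloud Logging export of your flow logs; the per-pair totals show which zone-to-zone paths are worth making zone-local.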

Optimize cost: Cloud operations: recommendations to help you optimize the cost of monitoring and managing your resources in Google Cloud.

  • Google Cloud’s operations suite includes Cloud Monitoring, Cloud Logging, Error Reporting, Cloud Trace, and Cloud Profiler. One of the benefits of managed services in Google Cloud is that they are usage-based. You can filter and route log data before it reaches the monitoring system, with free monthly data-usage allotments and unlimited access to Google Cloud metrics and audit logs; or route it to GCS, BigQuery, Pub/Sub, or Splunk.
  • Use the Cloud Logging metric billing/monthly_bytes_ingested in Cloud Monitoring to find the biggest log sources.
  • Offload and export logs to lower-cost storage. When you use GCS buckets as sink destinations, entries are batched and saved as JSON files with a delay. If you need real-time logs for debugging, security, or metric alerts, use Pub/Sub or BigQuery.


Andrew Skyboard

Cloud Expert. Google Professional Cloud Architect. Founder at SkyBoard Cloud Services