Google Cloud Platform — Technology Nuggets — November 16–30, 2021 Edition

Welcome to the November 16–30, 2021 edition of Google Cloud Platform Technology Nuggets.

Hybrid and Multi-cloud

The availability of powerful computing options available today along with the needs to localize processing has made architects think beyond the confines of traditional data centers. Edge Computing is often considered as a way to address these architectures but what exactly is Edge Computing, what are some of the considerations to take into account and what are the options available today across Google Cloud solutions to make this happen. In a 3-part series of Edge Computing, these points are explored in detail:

  • Part 1 : Edge Computing — Past and Current State
  • Part 2 : Architecting applications for Edge Computing
  • Part 3 : Google Cloud solutions for Edge Computing


Black Friday sales are a great indicator of how leading brands get their technical infrastructure ready to handle the huge load that is typically seen during this period. In this episode, the kind of scale that Shopify, a leading provider for internet infrastructure for commerce achieved during the Black Friday Cyber Monday (BFCM) sales period is simply mind-boggling.

I quote from the blog post, “peak sales of $3.1 million per minute”, “averaged about 30TB/min of egress traffic across our infrastructure” and more. The Twitter thread here has some more interesting stats and it is interesting to see the scale that MySQL servers handled.

Read more in this blog post.

Identity & Security

Security Command Center (SCC) is Google Cloud’s security and risk management platform. It provides visibility into cloud assets, discovering misconfigurations and vulnerabilities, detecting threats, and helping to maintain compliance with industry standards and benchmarks. If you have used SCC to scan your environments, you would have noticed that the findings are reported into hundreds of items. This is likely to result in either some critical findings not surfacing right to the top and most likely will result in the tool not meeting its prime objective.

Just like we have alert fatigue as one of the areas to address in operations support, it is important to mute some of the findings of SCC and instead focus on the ones that matter. Some examples of findings that you might want to mute would include assets in non-production environments, recommendations for using a customer managed key in projects that don’t contain critical data, etc. With mute findings in SCC, you can now setup rules to mute certain findings while still retaining control to manage those settings as needed.

Our next topic to discuss is about interesting work being done to bring more Site Reliability Engineering (SRE) principles to your day to day Security Operations work. The research particularly looks at toil, which is repeatable manual work that you do to address the task. In other words, if you left the system in the same state that it was after the work, it is likely to be toil. What you instead need to look at is to bring one of the guiding principles of SRE i.e. reduce toil. In this blog post, the authors highlight how you can bring SRE principles to your Security Operations Center (SOC) team in a gradual phased manner that is likely to see multiple benefits.

Continuing on Security, sign up for a live online event on December 15th titled Google Cloud Security Talks of 2021. Come and learn about the Zero Trust approach to employees, users and user data.

Data Analytics

Google Cloud has made available more than 30 Data Analytics Design Patterns, a set of technical solutions that help customers to use referenceable architecture, models and deployable source code, to jump start their journey. The need for this has come up due to the fact that organizations still struggle to tap into various data sources to gain insights and a set of solutions to address typical domain problems can definitely help here.

The blog post highlights 3 such patterns: Anomaly Detection, Price Optimization and Unified App Analytics but you can definitely reference the entire set here.

Machine Learning

If you are looking to understand Machine Learning and have found it difficult to navigate the sheer amount of material available on the Internet, here is a course that I can recommend. The 4-part course titled Making Friends with Machine Learning by Cassie Kozyrkov, which was originally an internal-only Google course, is available to everyone.

The course is designed to give you the tools you need for effective participation in machine learning for solving business problems. It aims to give you a correct understanding of core machine learning concepts, methods, avoid common errors in machine learning, steps to take in leading machine learning projects from conception to launch and improve your ability to communicate with ML experts and non-experts alike.

Here is the entire tutorial (several hours but worth your time):

  • Part 1: Introduction to ML
  • Part 2: Life of a Machine Learning Project
  • Part 3: AI from Prototype and Production
  • Part 4: Opening the Black Box

When it comes to AI, the move to ethical AI outcomes is becoming a priority to ensure that the models are fair in their outcomes. What does it entail to create a framework to ensure that organizations are on their way to delivering fair outcomes. Lopez Research gives a 4-step process framework SEED (Security, Ethics, Explainability and Data) to ensure that:

Read more in the blog post.

Serverless App Development

First up is the blog post that looks at the next big evolution in Serverless Computing. It is a given that Serverless Computing is here to stay and Functions as a Service (FaaS) has completely changed how developers look at architecting modern event-driven applications. However, developers are pushing the limits in terms of the type of workloads that they would like to fit within a Serverless architecture, are looking at pricing innovations, support for open standards, securing the software supply chain and more. The post takes a look at this evolution and how Cloud Run is well positioned to address this next evolution in Serverless Computing. Cloud Run is one of the most successful products in the last 2 years and has seen significant adoption. If you are a Cloud Run user or planning to learn more about it, this is an essential read.

Moving on, the Serverless series on addressing anti-patterns in Google Cloud continues with new episodes. Two additional posts have been added:

  • Part 4 : How to handle Promises correctly in your Node.js cloud function?
  • Part 5 : How to run background processes correctly in Python?

Let’s learn about GCP

Google Cloud Certification is one of the most sought after certifications out there in the market. There are several Professional level certifications in addition to an associate level certification. The official certification page is available here and it could get confusing to navigate the path in terms of which certification you should do.

Check out this blog post that gives an overview of each of the certifications in a minute.

We have a couple of sketch notes for you to take a look at in this episode of the newsletter.

The first note provides an overview of what Microservices architecture is all about. Take a look.

The second note covers Cloud CDN and what it is all about?

Stay in Touch!

Have questions, comments, or other feedback. Do send it across.

Looking to keep a tab on new Google Cloud product announcements? We have a handy page that you should bookmark → What’s new with Google Cloud.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Romin Irani

Romin Irani

My passion is to help developers succeed. ¯\_(ツ)_/¯