Google Cloud Technology Nuggets — Sep 16–30, 2022 Edition

Welcome to the September 16–30, 2022 edition of Google Cloud Technology Nuggets.

Register for Google Cloud Next ‘22

Google Cloud Next ’22 is less than 2 weeks away. Join in for the biggest event of the year on October 11–12 PDT with a global digital broadcast, featuring live keynotes from five locations across the globe — New York, Sunnyvale, Tokyo, Bengaluru, and Munich.

Check out the Google Cloud Next website for more details and register today. The blog post summarizes the event format, physical events happening across the world and more.

Networking

If you are looking to configure a single central and global Load Balancer that can manage services across both Internal HTTP(s) Load Balancing and Regional External HTTP(s) Load Balancing, you can do that now. This feature can surely help in reducing the operational complexity and provide much better control to Administrators to manage service access across teams and specific policies around their usage. Check out the blog post for more details.

Containers and Kubernetes

GKE Autopilot has received a boost with two features: GPU support and larger Pods. The GPU support allows NVIDIA T4 and A100 GPUs processors and all it needs is a few lines in the YAML. Since AutoPilot charges based on the Pod running, you don’t need to worry about the cost when the Pod is not running. For larger workloads, the newly introduced Balanced compute class supports Pod resource sizes up to 222vCPU and 851Gi. Check out the blog post for more details.

Custom Organization Policy is now available in preview mode for integration with GKE.

Storage and Data Analytics

Do you have a challenge performance testing your Dataflow pipeline? With integration of PerfKit Benchmarker (PKB), testing Dataflow jobs should be easier now. Check out this blog post that covers how you can setup and test out a Dataflow job using PKB. The specific Dataflow pipeline selected is the Pub/Sub subscription to BigQuery template.

Data Quality is a critical part of Data Governance and Dataplex provides support for validating your data across Google Cloud Storage and BigQuery resources.

Check out this blog post that highlights the features of Dataplex Data Quality Task and how American Eagle, one of the leading clothing providers, shares their experience on the same.

Identity and Security

There are quite a few updates on Security in this edition of the newsletter. Check out the CISO Perspectives for September 2022 where a key discussion is around Google Cloud’s acquisition of Mandiant and how it matters. If Security is your key area of interest, check out Q2 2022 key Security stories roundup.

Google Cloud Firewall service has introduced new features. In addition to Hierarchical Firewall Policies, there is a new policy structure, Network Firewall Policies, with two types: Global and Regional Network Firewall Policies. Also introduced is support for IAM Tags, which in conjunction with Network Firewall policies offers a much better management than just network tags and service accounts. There have also been improvements to the Firewall insights in the Network Intelligence Center. Check out the blog post for more details.

Google Cloud’s Organization Policy Service is a framework that allows Security Administrators to set rules on what specific users can do vis-a-vis configuration of resources. The blog post makes the case for organizations to tap into the Organization Policy service with specific examples and resources.

Workforce Identity Federation is now available in Preview. This is a key development in letting organizations have a centralized view and management of their ID providers in one place. As the blog post states “eliminates the need to maintain separate identities across multiple platforms. This means that organizations using Workforce Identity Federation no longer need to synchronize workforce user identities from their existing identity management solutions to Google Cloud. “

Machine Learning

Google Cloud Natural Language (NL) API with a new LLM-based model for Content Classification. These LLMs have been trained on larger datasets, which expand their content classification capabilities. Check out the NLP API reference and the blog post for more details.

Vertex AI Matching Engine and Feature Store will now support real-time streaming ingest in Preview. Check out the blog post that covers the details on these features and the specific use cases that it helps enable.

BISE is a particularly big, dry and troublesome wind. What has that got to do with this newsletter? In an interesting case study, BISE severely impacts aircraft operations in Zurich, Switzerland due to which aircrafts are forced at times to change runaways, which cascade into multiple logistical, timing and customer satisfaction issues. This case study shows how Lufthansa took this problem head on and worked with Google Cloud ML technologies to help predict in advance this kind of wind and hence preempt their planning processes to mitigate this.

In another interesting ML case study, Volkswagen worked with Google Cloud to research how ML technologies can help calculate drag coefficient effectively for different car models, to help them design more energy efficient cars.

SRE and DevOps

The 2022 Accelerate State of the DevOps Report has been published by the DORA program. DORA, as you know, is the one of the longest running research programs that studies what makes elite software delivery organizations create/deliver software at scale and stability. In 2021, one of the key areas that emerged was a direct correlation between organizations that did well on the 4 Key DORA Metrics and Reliability. This year, the focus was on identifying the relationship between Security and the key DORA Organization and Delivery performance metrics. Check out the blog post for a summary and download the entire 2022 report.

Cloud Deploy saw key significant updates. First up, was the addition of Cloud Run as a deployment target. Next was the ability to add deployment verification, which means that you can now specify one or more (testing) containers to execute immediately when an application is successfully deployed. Check out the blog post for more details on these two features and a post deployment verification feature blog post..

Log Analytics is now available in Preview in Cloud Logging. This feature powered by BigQuery allows you to use the power of SQL to perform ad hoc analysis and visualizations on your logs. The process also offers a standard and secure way for you to ingest your logs via the LogRouter and centralize it for querying and compliance purposes. Check out the blog post for more details.

Pub/Sub is a key integration service in Google Cloud. Various metrics around Pub/Sub used to be available before but they were difficult to locate and use. Out of the Box Pub/Sub Dashboards are now available that help you set up observability for this service in snap. Check out the detailed blog post that not only covers how to set it up but also provides various scenarios of how you can diagnose issues.

Developers and Practitioners

Cold Start is often a bottleneck in the use of services like Cloud Run and Cloud Functions. It refers to the latency encountered in the processing of a request that is due to the startup of a new container instance to serve that request. A new feature Startup CPU Boost aims to significantly reduce the Cold Start problem. Benchmarks conducted with this feature enabled across your services is almost 30–50%. Check out the blog post for more information on this and the kind of applications that best benefit from this. And best of all is the fact that just a single command is all you need to enable CPU Boost across your services. Keep in mind that this feature is in Preview mode.

Cloud Run is an excellent service to host a public website or even a public service that you would like anyone to invoke. While Cloud Run allows that via the “Allow Unauthenticated Requests”, there are a few organization level best practices like Domain Restricted Sharing that disallows that. Check out this blog post, which is a good way for us to learn about the multiple layers of security in Cloud Run i.e. ingress settings and IAM Policies and how we can configure and manage this across different requirements yet keeping the organization guidelines in place.

Query Insights for MySQL is now GA. As the documentation states, “Query insights helps you detect, diagnose, and prevent query performance problems for Cloud SQL databases. “. In this detailed blog post, you get to deploy the PetClinic application in Java Spring on Cloud Run and MySQL and put Query Insights to the test.

If you are using Cloud Workflows, how do you apply GitOps to the whole process of deploying your workflow in a test environment, performing tests, promoting the workflow to a production environment and more. Additionally, as you switch between environments, what are the mechanisms by which you can substitute environment specific settings like URLs, etc. Check out this two part series that first covers how to GitOps your service orchestrations and then how to manage multi-environment workflows.

Lets learn about Google Cloud

AI and ML technologies are often expensive and time-consuming to develop. Check out a Cloud Wisdom Weekly edition that highlights 4 ways in which organizations can leverage AI and ML using Google Cloud and continue to focus on transformation while keeping costs in check.

Looking to understand and/or communicate to others on how key Serverless offerings on Google Cloud i.e. Cloud Functions and Cloud Run can help in improving developer efficiency and cost optimization, check out this Cloud Wisdom Weekly issue.

Test your Google Cloud Knowledge

Google Clout is a series of challenges that you can do to test out your knowledge of Google Cloud. As part of the run up towards Google Cloud NEXT, which is just two weeks away, you can get early access to Google Cloud challenges that are designed for NEXT attendees. Check out the blog post for more details.

Stay in Touch

Have questions, comments, or other feedback on this newsletter? Please send Feedback.

Looking to keep a tab on new Google Cloud product announcements? We have a handy page that you should bookmark → What’s new with Google Cloud.