Posts

GCP: Instance group

A managed instance group contains identical instances, created from an instance template. It supports autoscaling, autohealing, rolling updates, and load balancing. VM instances are stateless, and disks are deleted on VM recreation. A load balancer can send traffic to an instance group through a named port.

Turn autoscaling on and configure an autoscaling policy. The autoscaling policy directs when to autoscale, based on CPU utilization, HTTP load balancing utilization, a Stackdriver metric, or a combination of the above. It is possible to specify the maximum number of instances that can be in the instance group. Enable autohealing through health check configuration.

While an instance group is running, you can add or remove labels. You can make modifications just as you can with a running instance.

With an instance group you can perform rolling update and rolling restart/replace actions. When performing a rolling update, perform a canary deployment, and make sure that no rollback is needed. If rollback is needed, turn th…
Recent posts

Cloud Architecture consideration

Thorough understanding of cloud architecture and Google technology
Understand business objectives; strategize cloud solution design in line with architecture best practices
Design and Develop
Manage robust, secure, scalable, highly available and dynamic solutions
Proficient with multi-tiered distributed application - multi-cloud and hybrid environments
Designing and Planning a cloud solution architecture
- Business use cases
- Product strategy
- Cost optimization
- Supporting application design
- Data movement
- Trade-offs
- Build, buy or modify decisions
- KPI and ROI metrics
- Compliance and observability
- HA and fail-over design
- Elasticity
- Scalability to meet growth requirements
- Network integrations
- Native networking - VPC peering, firewalls, container networking
- Identifying data processing pipeline
- Matching characteristics of storage systems
- Data flow diagrams
- Storage system structure
- Mapping compute needs to platform products
- License mapping
- Network and manageme…

Essential GCP services for a new age application

Identity and resource management

- IAM
- Identity aware proxy
- Resource Manager
Stackdriver Monitoring

- Stackdriver Monitoring: Infrastructure and application monitoring
- Stackdriver Logging: Centralized logging
- Stackdriver Error Reporting: Application error reporting
- Stackdriver Trace: Application performance insights (latency)
- Stackdriver Debugger: Live production debugging
Development management

- Cloud Deployment Manager: Templated infrastructure deployment
- Cloud Console: Web based management console
- Cloud Shell: Browser based terminal/CLI
Development tools

- Cloud SDK: CLI for GCP
- Container registry: Private container registry
- Container builder: Build/Package container artifacts
- Cloud source repository: Hosted private git repository
Database services

- Cloud SQL: Managed MySQL and PostgreSQL
- Cloud BigTable: HBase compatible non-relational DB
- Cloud Datastore: Horizontally scalable non-relational (ACID)
- Cloud Spanner: Horizontally scalable relational DB
Bigdata analytics services

- BigQuery: DW
- Dataflow: Stream or Batch …

GCP - BigQuery Roles

GCP: GAE - Memcache best practices

Memcache is a distributed in-memory data cache in front of or in place of robust persistent storage for some tasks.
GAE includes a memory cache service for this purpose.

Best practices for using memcache:
1. Handle memcache API failures gracefully; do not expose errors to the end users
2. Use batching capability of the API when possible
3. Distribute load across your memcache keyspace

- Use sharding and aggregating for improving performance efficiency.
- Use TTL (expiration policy) to make sure the memcache does not fill up indefinitely.
- Use getIdentifiable() and putIfUntouched() for managing the values that may get affected by concurrent updates.
- Use batching (getMulti ("comments", "commented_by") ) to fetch related values together instead of one by one.
- Use graceful error handling.

GCP_QuickRef01

1. Signed URL is a method of granting temporary access to cloud storage/object via a link
2. How long all non-admin activity logs are kept - 7 days (Basic tier), 30 days (Premium tier)
3. What kind of access is preferred on GCS buckets - IAM roles; to control access at the object level, ACL permissions come in handy
4. VPN routing options - Dynamic BGP based, Route based, Policy based
5. If the object versioning is enabled, when the object is deleted, the deleted object is archived
6. What are the available file formats for exporting billing info to cloud storage - CSV, JSON
7. Service accounts are non-human IAM accounts, used for programmatic and application access on GCP resources
8. Environments that Stackdriver can natively monitor are - GCP and AWS
9. Persistent disks (Standard and SSD) and Local SSD
10. Method for automatically applying conditions on cloud storage buckets for deletion and changing storage class is Lifecycle management
11. Organization owner is a role that i…

Infrastructure specific terms

SAN: Enhance storage devices - Disk arrays and tapes
SANs make disk arrays and tape libraries accessible to servers so that the devices appear to the OS as locally attached devices; SAN is a separate network of storage devices not accessible through LAN by other devices.

NAS: A single device or server or computing appliance, sharing its own storage over the network.

iSCSI: Transports block-level data between an iSCSI initiator on a server and an iSCSI target on a storage device. The protocol encapsulates SCSI commands and assembles the data packets for the TCP/IP layer. Packets are transferred using a point-to-point connection.

Bastion host: A special-purpose computer on a network, specifically designed and configured to withstand attacks. It generally hosts a single application, e.g. a proxy server, and all other services are removed or limited to reduce the threat to the computer.

Source: Wikipedia