
Posts

GCP: Instance group

A managed instance group contains identical instances, created from an instance template. It supports auto scaling, auto healing, rolling updates and load balancing. VM instances are stateless and disks are deleted on VM recreation. A load balancer can send traffic to the instance group through a named port. Turn autoscaling on and configure an autoscaling policy. The autoscaling policy directs when to auto-scale, based on CPU utilization, HTTP load balancing utilization, a Stackdriver metric, or a combination of the above. It is possible to specify the maximum number of instances that can be in the instance group. Enable auto healing through health check configuration. While an instance group is running, you can add or remove labels. You can make modifications just as you can with a running instance. With an instance group you can perform rolling update and rolling restart/replace actions. When performing a rolling update, perform a canary deployment and make sure that no rollback is needed. If rollback is needed, t
Recent posts

Cloud Architecture consideration

Thorough understanding of cloud architecture and Google technology.
Understand business objectives; strategize cloud solution design in line with architecture best practices.
Design, develop and manage robust, secure, scalable, highly available and dynamic solutions.
Proficient with multi-tiered distributed applications - multi-cloud and hybrid environments.
Designing and planning a cloud solution architecture:
- Business use cases
- Product strategy
- Cost optimization
- Supporting application design
- Data movement
- Trade-offs
- Build, buy or modify decisions
- KPI and ROI metrics
- Compliance and observability
- HA and fail-over design
- Elasticity
- Scalability to meet growth requirements
- Network integrations
- Native networking
- VPC peering, firewalls, container networking
- Identifying data processing pipeline
- Matching characteristics of storage systems
- Data flow diagrams
- Storage system structure
- Mapping compute needs to platform products
- License map

Essential GCP services for a new age application

Identity and resource management
- IAM
- Identity aware proxy
- Resource Manager

Stackdriver Monitoring
- Stackdriver Monitoring: Infrastructure and application monitoring
- Stackdriver Logging: Centralized logging
- Stackdriver Error Reporting: Application error reporting
- Stackdriver Trace: Application performance insights (latency)
- Stackdriver Debugger: Live production debugging

Development management
- Cloud Deployment Manager: Templated infrastructure deployment
- Cloud Console: Web based management console
- Cloud shell: Browser based terminal/CLI

Development tools
- Cloud SDK: CLI for GCP
- Container registry: Private container registry
- Container builder: Build/package container artifacts
- Cloud source repository: Hosted private git repository

Database services
- Cloud SQL: Managed MySQL and PostgreSQL
- Cloud BigTable: HBase compatible non-relational DB
- Cloud Datastore: Horizontally scalable non-relational (ACID)
- Cloud Spanner: Horizontally scalable relational D

GCP - BigQuery Roles

GCP BigQuery Roles (Quick view)

GCP: GAE - Memcache best practices

Memcache is a distributed in-memory data cache used in front of, or in place of, robust persistent storage for some tasks. GAE includes a memory cache service for this purpose. Best practices for using memcache:
1. Handle memcache API failures gracefully; do not expose errors to the end users
2. Use the batching capability of the API when possible
3. Distribute load across your memcache keyspace

Use sharding and aggregating to improve performance efficiency.
Use TTL (expiration policy) to make sure the memcache does not fill up indefinitely.
Use getIdentifiable() and putIfUntouched() for managing values that may be affected by concurrent updates.
Use batching (getMulti("comments", "commented_by")) to fetch related values together instead of one by one.
Use graceful error handling

GCP_QuickRef01

1. A signed URL is a method of granting temporary access to a Cloud Storage object via a link
2. How long all non-admin activity logs are kept - 7 days (Basic tier), 30 days (Premium tier)
3. What kind of access is preferred on GCS buckets - IAM roles; to control access at the object level, ACL permissions come in handy
4. VPN routing options - Dynamic BGP based, Route based, Policy based
5. If object versioning is enabled, when the object is deleted, the deleted object is archived
6. What are the available file formats for exporting billing info to Cloud Storage - csv, json
7. Service accounts are the non-human IAM accounts, used for programmatic and application access to GCP resources
8. Environments that Stackdriver can natively monitor are - GCP and AWS
9. Persistent disks (Standard and SSD) and Local SSD
10. The method for automatically applying conditions on Cloud Storage buckets for deletion and changing storage class is Lifecycle management
11. Organization owner is a ro

Infrastructure specific terms

SAN: Enhances storage devices (disk arrays and tapes). SANs make disk arrays and tape libraries accessible to servers so that the devices appear to the OS as locally attached devices; a SAN is a separate network of storage devices not accessible through the LAN by other devices.
NAS: A single device, server or computing appliance sharing its own storage over the network.
iSCSI: Transports block-level data between an iSCSI initiator on a server and an iSCSI target on a storage device. The protocol encapsulates SCSI commands and assembles the data packets for the TCP/IP layer. Packets are transferred using a point-to-point connection.
Bastion host: A special purpose computer on a network specifically designed and configured to withstand attacks. It generally hosts a single application, for example a proxy server, and all other services are removed or limited to reduce the threat to the computer.
Source: Wikipedia