Welcome to issue #184 April 6th, 2020

A new product: Service Directory, Memcached as a new memory storage option on Memorystore, COVID-19 public dataset program and other interesting articles and releases. 



Cloud Memorystore Official Blog

Powering up caching with Memorystore for Memcached - In-memory data stores can act as a caching layer for databases for speed and simplicity. The Memorystore for Memcached service is now in beta.

Networking Official Blog Service Directory

Introducing Service Directory: Manage all your services in one place at scale - Service Directory provides a single pane of glass for all your network services.

GCP Certification Official Blog

Expanding at-home learning with 30 days of training at no cost - Google Cloud learning resources, including training courses, Qwiklabs, and interactive webinars at no cost for 30 days, so you can gain hands-on cloud experience no matter where you are.

BigQuery Data Analytics Official Blog

Introducing BigQuery column-level security: new fine-grained access controls - Cloud data warehouse column-level security controls let you put policies on data classes for compliance reasons -- new in BigQuery.

BigQuery Data Analytics Official Blog Public Datasets

COVID-19 public dataset program: Making data freely accessible for better public outcomes - Explore valuable data related to COVID-19 with free public datasets, available in Google Cloud’s BigQuery.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Networking Official Blog

Connecting to Google Cloud: your networking options explained - The Google Cloud network connectivity option that’s right for you.


Define New Paths with Routing - An in-depth overview of network routing on Google Cloud.

Beginner IAM Security Tutorial

Using service accounts across projects in GCP - Configuring service account to have access to resources in other GCP projects.

Compute Engine Security

Mounting LUKS encrypted Disks using Google Secrets Manager - A simple procedure that attaches a GCE persistent disk to a VM where the disk itself is encrypted by a key you define.

IAM Identity platform Security

Achieving identity and access governance on Google Cloud - How you can achieve identity and access governance when using Google Cloud.

Go Security

Easily generate Google signed id-token with token-generator - Tool in Go to generate id_token based on a service account.

Google Kubernetes Engine

How to Secure Your Kubernetes Cluster on GKE - Google Kubernetes Engine is easy to get going with, but requires additional security controls which this article addresses.

App Development, Serverless, Databases, DevOps

Billing Compute Engine

How to Use Google Preemptible VMs to Get 80% Savings - FAQ about using preemptible VMs on GCP.

Compute Engine

The WordPress Project - Straightforward tutorial on how to deploy Wordpress on Google Cloud Platform.

.NET Compute Engine Windows

How to deploy ASP.NET Core 3.x to Google Compute Engine / IIS - Detailed article about deploying ASP.NET application on Google Compute Engine.


GridDB Achieves 5 Million Writes Per Second & 60 Million Reads Per Second with only 20 Nodes on Google Cloud - In the article is described setup with which it was able to achieve 5 million writes per second & 60 million reads per second with only 20 GridDB nodes on Google Cloud. GridDB is a Open Source Time Series Database for IoT.

Cloud SQL

Cloud SQL: Recovering from Regional failure in 10 minutes or less (MySQL) - Enabling and automating a heightened level of HA for your most critical Cloud SQL workloads.

Cloud Firestore Firebase

The secrets of Firestore’s FieldValue.serverTimestamp() — REVEALED! - Everything you need to know about Firestore server timestamps, including writes, queries, security rules, and time travel safety tips.

Artifact Registry Container Registry

Manage your build artifacts with Artifact Registry - An overview of Artifact Registry, a new container management tool based upon Container Registry.

Cloud CDN Networking

Google Cloud CDN Best Practice Series: Live Traffic Migration - This article discusses a workaround for situation when Google can’t provision a Google-managed SSL certificate if the DNS record is pointing to a non-Google IP address when there is already live traffic.

Networking Tutorial

Load balancer on Google Cloud With Google-managed SSL Certificates - The article goes through a process of setting up a Load Balancer with SSL certificates.

Cloud Identity Aware Proxy Cloud Scheduler IAM Security

Making GCP Serverless Talk to On-premises Resources - Adding credentials information in Cloud Scheduler to get access through Identity Aware Proxy.

Cloud Run Knative

Is Google Cloud Run really Knative? - A walk through parts of Knative API that work and that are not yet supported on Cloud Run.

Cloud Run Knative

Inside gcloud run deploy - Looking under the hood of deployment command for Cloud Run.

Big Data, Analytics, ML&AI


Tutorial: Migrating from MySQL to BigQuery for Real-Time Data Analytics - Using Striim (continues real-time data integration solution) to replicate data from MySQL database to BigQuery.

BigQuery Public Datasets

Google Cloud Launches freely accessible COVID-19 Public Datasets program - An overview of COVID-19 BigQuery Public datasets.

BigQuery Data Studio GIS Machine Learning Public Datasets Visualization

Analyzing COVID-19 with BigQuery - Exploring, visualizing and predicting COVID-19 data using BigQuery.

BigQuery Data Analytics Machine Learning Official Blog

Filling the NCAA void: Using BigQuery to simulate March Madness - Check out how to simulate college basketball brackets with BigQuery and BigQuery ML, using ML predictions, in a year where March Madness isn’t happening.


Playing with Sharded tables in BigQuery - Doing a backup of sharded BigQuery tables.

BigQuery Billing Cloud Logging Stackdriver

Exporting BigQuery usage logs to… BigQuery - A brief article that describes how to setup Logs export to BigQuery and how to query BigQuery related data.


Arrays in BigQuery — How to improve query performance and optimise storage - Demonstrating advantages of using BigQuery arrays to harness the power of BigQuery for analytical use cases over traditional data models.

BigQuery Data Analytics Visualization

Building a Custom Jira Reporting Solution with BigQuery, Stitch & Tableau - Using BigQuery as a data lake for Jira data and a source for visualization.

BigQuery Data Studio Visualization

3 Ways to add Annotations to Data Studio time series chart - Learn to add annotations by using either a calculated field, or a CSV, or reusing a Google Sheet for annotating across multiple reports.


Official Blog

How Google Cloud is helping during COVID-19 - All over the world, businesses and users depend on Google Cloud to help them stay connected and get work done. Today, we’re sharing many of the ways we’re working to support businesses, government institutions, researchers and one another.

Slides, Videos, Audio

GCP Podcast - #214 AI in Healthcare with Dale Markowitz.

Kubernetes Podcast - #97 Jaeger, with Yuri Shkuro.

Adventures with Yufeng - A Youtube channel from Yufeng (GCP Developer Advocate) where he chats with other GCP DAs.


Level Up - Automated Subtitles with AI

AI Platform

Distributed TensorFlow model training on Cloud AI Platform (TF Dev Summit '20)



Access Context Manager - Beta release of the Access Context Manager Bulk API.

AI Platform - Notebooks - AI Platform Notebooks is now Generally Available.

Google Cloud Armor - Google Cloud Armor integration with Cloud Security Command Center is generally available. Google Cloud Armor Service Level Agreement is released.

AutoML Tables - Integration with VPC Service Controls is now in beta stage.

BigQuery - BigQuery Reservations is now available in all BigQuery regions. INFORMATION_SCHEMA views for BigQuery reservations are now in public alpha. Scripting and stored procedures are now Generally Available.

Cloud Composer - The new Composer monitoring dashboard is now in beta.

Config Connector - Fixed the ComputeInstance idempotency issue.

Dataproc - Added Presto and SparkR job type support to Dataproc Workflows. Fixed an Auto Zone Placement bug that incorrectly returned INVALID_ARGUMENT errors as INTERNAL errors, and didn't propagate these error messages to the user. Announcing the General Availability (GA) release of Dataproc Presto job type, which can be submitted to a cluster using the gcloud dataproc jobs submit presto command.

Deployment Manager - If your Python templates use features that are only for Python 2.x, your templates will now continue to work until June 2020.

Dialogflow - When using fulfillment, the WebhookResponse.payload field can now only be used for two cases: Custom data sent from your webhook service to a Dialogflow API caller.

Cloud Functions - Cloud Functions now supports Connecting to Cloud SQL at the General Availability release level.

GKE on Prem - When upgrading from version 1.2.2 to 1.3.0 by using the Bundle download in the alternate upgrade method, a timeout might occur that will cause your user cluster upgrade to fail.

IAM - When you use a service account key to access Google Cloud, your audit logs now identify the key that was used.

Google Kubernetes Engine Rapid - 1.16.8-gke.4 is now available in the Rapid release channel.

Google Kubernetes Engine Regular - 1.15.9-gke.24 is now available in the Regular release channel.

Marketplace Partners - If you sell Kubernetes apps on Google Cloud Marketplace, you can now configure your app to target clusters where at least one node has a GPU.

Anthos Migrate - v1.3.0. New migctl CLI for deploying Migrate for Anthos, creating and operating migrations using a structured workflow and a migration processing cluster. Introducing a unified migration workflow across all supported VM sources -- VMware, AWS EC2, Azure VMs and Compute Engine VMs. Migrations are defined and operated using a Kubernetes CRD. Automated generation of a suggested migration plan (specified in a CRD), CI/CD artifacts and deployment specs. The Migrate for Anthos software runtime layer now offers a compatibility feature for older Java versions that are not container aware by reflecting the correct resource allocations in the container's /proc file system. Migrate for Anthos v1.0 Marketplace deployment is now removed. Preview features -- contact your Google Sales representative to enroll. 151505531, 150052607: In some cases, migration can be stuck with no progress. 147211918: In some cases, migration from AWS or Azure as a source can be stuck with no progress. 146699220: When the source VM has a systemd service with a NICE config property, the service might not start when running in a container. 144896313: Migration of Security-Enhanced Linux (SELinux) is not supported. 149900626: Some file systems not listed in Compatible VM operating systems may fail to migrate. 152194161: Your migrated workload container fails when running a cluster with GKE nodes of type "COS". 148334068: When Migrating a physical VM from on-premises connected via Migrate for Compute Engine, Migrate for Anthos attempts to optimize network utilization and discards (rather than stream) blocks that are not in use on the source VM file system. GKE on-prem preview: If a source was created with migctl source create using the wrong credentials, migrations will fail.

Cloud Monitoring - You can now write time-series data for custom and Prometheus metrics at the rate of 1 data point every 10 seconds. Data for custom and Prometheus metrics is now retained for 24 months.

Cloud NAT - Cloud NAT monitoring is available in General Availability.

AutoML Natural Language - Integration with VPC Service Controls is now in beta stage.

Recommender - Insights is now available in beta.

Cloud Run - The Cloud Run revision details panel now surfaces build information if the Container Analysis API has been enabled and the container has been built with Cloud Build, as well as source repository information if the container has been built by a Cloud Build Trigger.

Cloud Spanner - A beta version of the Cloud Spanner emulator is now available, enabling you to develop and test Cloud Spanner applications locally.

Cloud Talent Solution - As of this date, Cloud Talent Solution Job Search v2 is no longer available.

Cloud Trace - You can now use OpenTelemetry with Go and Node.js to instrument your applications running on GKE and Compute Engine.

AutoML Translation - Integration with VPC Service Controls is now in beta stage.

Cloud Video Intelligence API - The following GA feature is available in the Video Intelligence API version v1: Logo recognition: Detect, track, and recognize the presence of over 100,000 brands and logos in video content.

Cloud AutoML Vision - Integration with VPC Service Controls is now in beta stage.

Cloud AutoML Vision Object Detection - Integration with VPC Service Controls is now in beta stage.

VPC Service Controls - Beta support for bulk changes to service perimeters. Beta stage support for the following integrations: Container Analysis. Beta stage support for the following integrations: AutoML Natural Language AutoML Tables AutoML Translation AutoML Video Intelligence AutoML Vision Artifact Registry.

Anthos GKE deployed on-prem - When upgrading from version 1.2.2 to 1.3.0 by using the Bundle download in the alternate upgrade method, a timeout might occur that will cause your user cluster upgrade to fail.

Dialogflow Enterprise - When using fulfillment, the WebhookResponse.payload field can now only be used for two cases: Custom data sent from your webhook service to a Dialogflow API caller.

Service Mesh - 1.4.7-asm.0 Contains the same fixes as OSS Istio 1.4.7.

AI Platform Training - You can now use customer-managed encryption keys (CMEK) to protect data in your AI Platform Training jobs.

Anthos GKE on-prem - When upgrading from version 1.2.2 to 1.3.0 by using the Bundle download in the alternate upgrade method, a timeout might occur that will cause your user cluster upgrade to fail.


Latest Issues


Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]