Welcome to issue #208 September 21st, 2020

News

Official Blog

Analyze your logs quickly with suggested queries beta in Cloud Logging - New suggested queries in Cloud Logging help highlight important logs, so you can troubleshoot issues faster.

Cloud SQL Data Analytics Official Blog

Export data from Cloud SQL without performance overhead - We’re launching export offloading in Cloud SQL so you can export data from your MySQL and PostgreSQL database instances without impacting performance or risking your production workloads.

Official Blog Windows

Making it easier to manage Windows Server VMs - Announcing a smattering of new capabilities to simplify running your Windows workloads on Google Cloud.

Jupyter Notebook Machine Learning Official Blog

Forrester names Google Cloud a Leader in Notebook-based Predictive Analytics and Machine Learning - Forrester evaluated 12 notebook-based predictive analytics and machine learning solutions against a set of pre-defined criteria. In addition to being named a leader, Google Cloud received the highest possible score in eleven evaluation criteria including explainability, security, open source, and partners.

Official Blog Storage

GKE powers new software-defined NetApp Cloud Volumes Service - NetApp’s new Cloud Volumes Service (CVS) enterprise file storage service is powered by Google Kubernetes Engine.

Cloud Run Official Blog Serverless

Streamlining Cloud Run development with Cloud Code - Cloud Run is now integrated with Cloud Code, making it easier to create new Cloud Run services from your favorite IDE.

Official Blog

What you can learn in our Q3 2020 Google Cloud Security Talks - Better understand the resources at your disposal to protect your users, applications, and data by joining our Google Cloud Security Talks on September 23rd.

Infrastructure Official Blog

Announcing ‘round-the-clock clean energy for cloud - Google Cloud sets goal for all services to be powered by carbon-free energy sources, all the time, by 2030.

 

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Cloud KMS Official Blog Security

New Google Cloud whitepaper: Getting the most out of your Cloud Key Management Service - The Google Cloud security team published a whitepaper titled “Cloud Key Management Service Deep Dive” to help you get the most out of cloud key management.

Google Kubernetes Engine Official Blog Security

gVisor: Protecting GKE and serverless users in the real world - Many Google Cloud compute platforms are based on gVisor, and thus impervious to a recently discovered container vulnerability.

Go Google Kubernetes Engine Kubernetes

PV usage as metrics on GKE - Go program which can be used to collect and export statistics to Monitoring in Persistent Volumes.

API Go Google Kubernetes Engine Tutorial

Deploying a Go-swagger service using Google Kubernetes Engine (GKE) - This tutorial goes through the process of deploying Go swagger project on GKE.

Cloud Functions Security Terraform

Automating Response to Security Events on Google Cloud Platform - Remediating access misconfigurations by detecting and automatically responding to specific Cloud Logging events in real-time.

Anthos Google Kubernetes Engine

Ingress for Anthos — Multi-cluster Ingress and Global Service Load Balancing - Example of using Ingres for Anthos for multi-cluster environment.

Anthos AWS Kubernetes

Realizing Multi-Cloud Kubernetes with Google Anthos and AWS (part 1) - A preview of running Google’s Anthos GKE on Amazon Web Services and how you can manage k8s clusters on AWS from GCP console.

App Development, Serverless, Databases, DevOps

Cloud Logging Official Blog

Tips and tricks for using new RegEx support in Cloud Logging - Learn how to optimize your Cloud Logging queries to find the logs you need, faster.

CI Cloud Run Official Blog

Now, setting up continuous deployment for Cloud Run is a snap - You can now automatically build and deploy your code to your Cloud Run services.

Compute Engine Official Blog

Compute Engine explained: Best practices for OS updates at scale - Learn techniques for applying OS patches to your Compute Engine VM instances.

Cloud Monitoring Monitoring Python

Creating Custom Metrics in Google Cloud with Python - Python script to send custom metrics.

Cloud Storage Compute Engine

FUSE for Google Cloud Storage - Setting up Cloud Storage bucket as a mounting point on a server.

API API Gateway Beginner Google Kubernetes Engine

API Management (Endpoint-OpenAPI) GCP & GKE - Step by step tutorial to deploy OpenAPI endpoints on GKE managed through API Gateway.

Cloud Endpoints Security

Cloud Endpoints + Auth0 — For serving your service - Looking on option using Auth0 to auth in Cloud Endpoints in GCP.

App Engine Security

Attackers are abusing Google’s App Engine to circumvent Enterprise Security Solutions…Again! - How App Engine property of multiple hostnames support can be misused for phishing and malware purposes.

Cloud SQL Monitoring

Monitoring GCP Cloud SQL PostgreSQL with Percona PMM - Monitor CloudSQL PostgreSQL with Percona PMM. An opensource tool to monitor the GCP CloudSQL PostgreSQL based on postgres_exporter.

Cloud Storage Compute Engine

Optimize data transfer between Compute Engine and Cloud Storage - Are you experiencing slow transfer speeds between your GCE VM and a Cloud Storage bucket? Read on to learn how to maximize throughput.

App Engine Beginner Tutorial

Deploying your React App With Google App Engine - Step by step tutorial to deploy React App on App Engine.

Big Data, Analytics, ML&AI

BigQuery Cloud Run Data Analytics gRPC Serverless

Serverless Log Data Ingestion Pipelines - Manage your data, not infrastructure & I like protobuf for real-time analytics!

BigQuery Data Analytics Official Blog

Data warehouse migration tips: preparation and discovery - In this post, we’ll explore a few important questions that come up during the initial preparation and discovery phase for data warehouse migration.

BigQuery

BigQuery Explained: Data Ingestion - Know your options to load data into BigQuery. This post dives into batch ingestion and introduce streaming, data transfer service and more.

BigQuery Data Science GIS

A beginner’s Guide to Google’s BigQuery GIS - Get started free with Google Big Query GIS with this step by step tutorial.

BigQuery

Analyze BigQuery Query performance with Query Visualiser - Visualize Query execution flow to identify bottlenecks.

BigQuery

BigQuery UPSERT with EXECUTE IMMEDIATE - Using dynamic UPDATE or INSERT queries in BigQuery.

BigQuery Jupyter Notebook Public Datasets Python

Python Bar Chart Race Animation: COVID-19 Cases - Analyzing and visualizing the COVID-19 public dataset.

Cloud Functions Cloud Speech API Machine Learning Python

Analyze Your Call Recordings With Google AI - An example of how Cloud Speech can be used to transcribe call center phone calls.

Various

GCP Experience Official Blog Windows

Driving change: How Geotab is modernizing applications with Google Cloud - Over time, Geotab converted production servers running Windows Server to containers and open source, saving hundreds of thousands of dollars.

GCP Certification Machine Learning

Craving for ML: My Reflection on GCP Professional Machine Learning Engineer Exam - Preparing for the Machine Learning certification exam.

Slides, Videos, Audio

GCP Podcast - #236 IKEA Retail (Ingka Group) with Matthew Lawson.

Kubernetes Podcast - #121 TiKV, TiDB and PingCAP, with Ed Huang.

 

Releases

Anthos - Anthos 1.4.3 is now available. Anthos 1.3.4 is now available.

BigQuery - Beginning in late 2020, all BigQuery predefined roles with permission to create jobs, including queries, will also be able to get information about their own jobs and cancel their own jobs. The BigQuery Data Transfer Service is now available in the following regions: Los Angeles (us-west2), São Paolo (southamerica-east1), South Carolina (us-east1), Hong Kong (asia-east1) and Osaka (asia-northeast2).

BigQuery Transfer - The BigQuery Data Transfer Service is now available in the following regions: Los Angeles (us-west2), São Paolo (southamerica-east1), South Carolina (us-east1), Hong Kong (asia-east1) and Osaka (asia-northeast2).

CDN - Cache Modes, TTL overrides and custom response headers are now supported on backend buckets and backend services, and are available in beta. External HTTP(S) Load Balancing now supports setting custom response headers on backend buckets and services.

Cloud Composer - New versions of Cloud Composer images: composer-1.12.0-airflow-1.10.3, composer-1.12.0-airflow-1.10.6, composer-1.12.0-airflow-1.10.9, and composer-1.12.0-airflow-1.10.10. Airflow 1.10.10 is now available. Validation has been added to prevent setting DAG serialization and async DAG bag loading at the same time.

Compute Engine - You can now migrate a VM instance from one network to another. Troubleshoot VMs by capturing a screenshot from the VM. SSD persistent disks attached to certain VMs with at least 64 vCPUs can now reach 100,000 write IOPS. Compute-optimized (C2) machine types are now available in Sydney, Australia australia-southeast1-a.

Dataproc - New sub-minor versions of Dataproc images: 1.3.69-debian10, 1.3.69-ubuntu18, 1.4.40-debian10, 1.4.40-ubuntu18, 1.5.15-debian10, 1.5.15-ubuntu18, 2.0.0-RC11-debian10, and 2.0.0-RC11-ubuntu18. All image versions Upgrade Conscrypt to version 2.5.0. Image 2.0 preview Enable outbound private IPv6 Google APIs access from cluster nodes by default.

Datastore - You can now use the goog-firestoremanaged billing report label to view costs related to export and import operations. The gcloud datastore index create and gcloud datastore index cleanup commands now require gcloud version 279.0.0 or greater.

Cloud Firestore - You can now use the goog-firestoremanaged billing report label to view costs related to import and export operations.

GKE on Prem - Anthos GKE on-prem 1.4.3-gke.3 is now available. Fixes: Fixed CVE-2020-14386 described in Security Bulletin. Anthos GKE on-prem 1.3.4-gke.3 is now available. Fixes: Fixed CVE-2020-14386 described in Security Bulletin.

Cloud Healthcare API - v1beta1. You can now configure a ParserVersion in an HL7v2 store, which allows you to set the version of the unschematized parser.

IAM - The issue with undeleting service accounts has been resolved.

Istio on GKE - 1.4.x. There is a known issue with the upgrade from GKE 1.16 to 1.17.

Google Kubernetes Engine - If you have the Istio on GKE add-on enabled on a cluster, there is a known issue with the upgrade from GKE 1.16 to 1.17. GKE cluster versions have been updated. The following Kubernetes versions are now available for new clusters and for opt-in master upgrades and node upgrades for existing clusters. No channel Note: Your clusters might not have these versions available. GKE cluster versions have been updated. The following Kubernetes versions are now available for new clusters and for opt-in master upgrades and node upgrades for existing clusters. No channel Note: Your clusters might not have these versions available. A vulnerability was recently discovered in the Linux kernel, described in CVE-2020-14386, that may allow container escape to obtain root privileges on the host node.

Load Balancing - Added total latency to external HTTP(S) load balancer Cloud Logging entries. The External HTTP(S) Load Balancer now supports setting custom response headers on backend buckets and services.

Cloud Logging - In the Logs Viewer (Preview), you can now pin log entries within the Query results and Histogram panes. In the Logs Viewer (Preview), you can now view a log entry in its resource context. You can now copy a link to a log entry in the Logs Viewer (Preview). Cloud Logging now offers the ability to view a history of your ran queries through the Recent queries tab.

Cloud SQL Postgres - Cloud SQL now offers serverless export. The following PostgreSQL minor versions have been upgraded: PostgreSQL 9.6.16 is upgraded to 9.6.18.

Cloud Video Intelligence API - "Bug fix for shot change detection API: Tuned internal model parameters to reduce false positives under certain scenarios.

Migrate for Compute Engine 4.8 - 4.11. There is no longer a requirement that the subnet of the deployment cluster is under the same network as the Cloud Extension.

Anthos GKE on-prem - Anthos GKE on-prem 1.4.3-gke.3 is now available. Fixes: Fixed CVE-2020-14386 described in Security Bulletin. Anthos GKE on-prem 1.3.4-gke.3 is now available. Fixes: Fixed CVE-2020-14386 described in Security Bulletin.

 

Latest Issues




Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: zdenko@gcpweekly.com