Welcome to issue #215 November 9th, 2020

News

Cloud SQL Official Blog

Cloud SQL now supports PostgreSQL 13 - Fully managed Cloud SQL cloud database service now supports PostgreSQL 13.

Document AI Official Blog

Introducing Document AI platform, a unified console for document processing - Document AI Platform is a unified console for document processing in the cloud.

Cloud CDN Networking Official Blog

Cache me if you can with latest Cloud CDN features - New features in Cloud CDN make it easier to start caching content, or manage your settings.

Google Cloud Platform Official Blog

What’s new with Google Cloud - Find newest updates, announcements, resources, events, learning opportunities, and more in one handy location.

 

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Official Blog Security

The Cloud trust paradox: To trust cloud computing more, you need the ability to trust it less - Cloud providers should build technologies that allow organizations to benefit from cloud computing while decreasing the amount of trust they need to place into the providers themselves.

Container Registry Official Blog

Hack your own custom domains for Container Registry - By deploying a serverless reverse proxy, you can customize the behavior of your Container Registry and achieve things like serving images on a custom domain.

Kubernetes Networking

Content-based routing using Kubernetes Ingress - In this article, we will see the features Kubernetes Ingress provides for content-based routing and traffic control inside the cluster.

Terraform

Multi GCP environments with Terraform: from local backend to TF Cloud - An example of how you can manage multiple GCP environments with Terraform Cloud.

Google Kubernetes Engine Kubernetes Monitoring

Troubleshooting services on GKE - Using a new GKE monitoring dashboard to troubleshoot an incident.

Security

Using Short Lived Credentials for GCP - Solving the problem of accidentally leaking your GCP Credentials.

Cloud Identity Aware Proxy IAM Terraform

Reducing your attack surface in GCP with IAP - Reducing attack surface by using Google Identity Aware Proxy.

AWS Security

Exchange AWS Credentials for GCP Credentials using GCP STS Service - Sample procedure and referenced library that will exchange a long term or short term AWS credential for a GCP credential.

Security

Exchange Generic OIDC Credentials for GCP Credentials using GCP STS Service - Procedure and referenced library that will exchange an arbitrary OIDC id_token for a GCP credential.

App Development, Serverless, Databases, DevOps

Apigee Official Blog SAP

Apigee: Your gateway to more manageable APIs for SAP - Google Cloud tools including Apigee API management help companies to do more with their SAP systems, from data monetization to faster innovation.

Cloud Operations Cloud Profiler DevOps GCP Experience Official Blog

How Mercari reduced request latency by 15% with Cloud Profiler - Tools like Cloud Profiler and Cloud Trace helped DevOps teams at Mercari track down problems and improve latency of their service.

AI Dialogflow GCP Experience

Big companies love Google Cloud for building the ultimate chat stack, and why we do, too. - How Botcopy is using Dialogflow.

Cloud Run Official Blog

3 Ways to optimize Cloud Run response times - Learn three simple ways to optimize Cloud Run response times by tuning services and creating leaner container images.

CI Cloud Run Python

Deploy To Google Cloud Run Using Github Actions - A CI/CD solution with GitHub Actions and Cloud Run.

Cloud Storage

Google Cloud SFTP/FTP Gateway - Couchdrop is a solution that lets you connect to your Google Cloud storage via SFTP/FTP connection.

Cloud Build

How to send Telegram Notifications with Google Cloud Build - This article is a quick how-to after struggling with Google Cloud Build about how to send notifications when a build has failed or is successful.

Docker Security

Use Google Cloud user credentials when testing containers locally - Testing container locally requires authentication and bad practices are easy to achieve. Here a simple solution to test securely.

Cloud Functions Javascript Networking NoSQL VPC

Connecting Google Cloud Functions With MongoDB Atlas - Connect your serverless architecture on GCP using Cloud Functions to your MongoDB Atlas database using network peering and private clouds.

Cloud Spanner

Google Cloud Spanner — Critical Concepts - This article details some of the concepts worth understanding when working with Cloud Spanner.

Cloud Spanner

Google Cloud Spanner Nodes - An in-depth explanation of Cloud Spanner Nodes.

Big Data, Analytics, ML&AI

BigQuery Cloud Dataflow Cloud Dataproc Python

BigFlow — a Python framework for data processing on GCP - BigFlow is a Python framework for big data processing on GCP.

BigQuery Cloud SQL Kubernetes

Automate your Cloud SQL data synchronization to BigQuery with Airflow - Secure your data and workloads using private IP connectivity and Cloud SQL proxy.

Apache Beam Cloud Dataflow Tutorial

Getting Started with Snowflake and Apache Beam on Google Dataflow - Getting started with data processing pipelines on GCP using Apache Beam together with Snowflake.

Apache Beam

It’s All Just Wiggly Air: Building Infrastructure to Support Audio Research - Klio is a framework from Spotify based on Apache Beam designed for building smarter data pipelines for audio and other binary files.

AWS BigQuery

Move data from AWS RDS PostgreSQL to GCP BigQuery with Data Pipeline — Part 1 - The article (Part 1 or 2) describes how to automatically move data from RDS PostgreSQL database to a dataset hosted on Google Cloud so that you can manipulate your data through BigQuery.

AWS BigQuery

Move data from AWS RDS PostgreSQL to GCP BigQuery with Data Pipeline — Part 2 - The article (Part 2 or 2) describes how to automatically move data from RDS PostgreSQL database to a dataset hosted on Google Cloud so that you can manipulate your data through BigQuery.

Big Data Data Analytics Docker

A step-by-step guide deploying Amundsen on Google Cloud Platform - Amdunsen is Lyft’s Data Discovery Platform and metadata engine. It helps the data team to be more productive by saving time spent in the discovery phase — less time searching, more time finding.

BigQuery

Simple automated data cleaning in BigQuery - A query to remove outliers in data.

AI Data Science Machine Learning

Google Cloud AI Platform: Hyper-Accessible AI & Machine Learning - In this first article of the series, we present an over of Google AI Platform, exploring the services available to modern data science.

Data Analytics Official Blog

The democratization of insights: Empowering data analysts and business users - We explore how what it means to be “data-driven” has changed over time, and how Google Cloud is helping customers push those boundaries today.

Various

GCP Certification

Udemy courses from Dan Sullivan for free until 11/10/2020 15:11 PM PST - A url for the first course is in the title, second one here: https://www.udemy.com/course/google-certified-associate-cloud-engineer-2019-prep-course/?couponCode=378492C9C64770D1F9B0.

DevOps GCP Certification

Notes from my Google Cloud Professional DevOps Engineer Certification Exam - Preparing for, writing, and passing the Google Cloud Professional DevOps Engineer Certification.

GCP Certification

Pass GCP Cloud Architect and Data Engineer Professional Certifications in 30 days - Passing both the Google Cloud Platform Professional Data Engineer and Architect Certification exams within 30 days.

DevOps GCP Certification

How I prepared for GCP Professional DevOps certification exam - Topics to go through when preparing for the DevOps certificate exam.

GCP Certification

Preparing for the Associate Cloud Engineer Exam ☁️ - A short course of journey about appearing for the Associate Cloud Engineer exam.

Slides, Videos, Audio

Kubernetes Podcast - #128 Antrea, with Antonin Bas.

GCP Podcast - 2020 Year End Wrap Up.

 

Releases

Anthos - Anthos 1.4.4 is now available. Anthos 1.3.5 is now available.

BigTable - The default data points used for disk load charts on the Cloud Bigtable Monitoring page have changed to reflect the maximum for a displayed alignment period.

CDN - Added a new tutorial for configuring Cloud CDN with a serverless app: Setting up Cloud CDN with Cloud Run, Cloud Functions, or App Engine. You can now configure cache modes, cache TTLs and set custom response headers in the Cloud Console, in addition to the existing gcloud and REST API support.

Cloud Build - Users can now build containers without a Dockerfile or a Cloud Build config file using Cloud Native Buildpacks.

Config Connector - Config Connector version 1.29.0 is now available. Field descriptions now document immutability. DataflowJob labels are now mutable.

Cloud Dataflow - Dataflow now supports Dataflow Shuffle, Streaming Engine, FlexRS, and the following regional endpoints in GA: us-west2 (Los Angeles) southamerica-east1 (São Paulo) europe-west6 (Zurich) asia-south1 (Mumbai). Pub/Sub I/O metrics in the Dataflow and Cloud Monitoring UIs may be unavailable for Dataflow jobs using Streaming Engine.

Dialogflow - Dialogflow CX now supports the same languages as Dialogflow ES. Since October 2020, Dialogflow ES no longer automatically creates service accounts upon agent creation.

GKE on Prem - Anthos GKE on-prem 1.4.4-gke.1 is now available. Fixes: Updated Istio Ingress (Kubernetes) Custom Resource Definitions (CRDs) to use v1beta1. Anthos GKE on-prem 1.3.5-gke.2 is now available. Fixes: Fixed CVE-2020-8558 described in Security Bulletin.

Cloud Healthcare API - v1. The Cloud Healthcare API offers single-region support in the europe-west6 (Zurich, Switzerland) region.

Google Kubernetes Engine - The following GKE features are now available. Node pools running GKE 1.18 and higher can now be configured to use local SSD for ephemeral storage with emptyDir volumes. GKE cluster versions have been updated. The following Kubernetes versions are now available for new clusters and for opt-in master upgrades and node upgrades for existing clusters. No channel Note: Your clusters might not have these versions available. Support for Legacy Logging and Monitoring for Google Kubernetes Engine is extended to GKE 1.15. GKE cluster versions have been updated. The following Kubernetes versions are now available for new clusters and for opt-in master upgrades and node upgrades for existing clusters. No channel Note: Your clusters might not have these versions available. The following versions are no longer available for new clusters or cluster upgrades: 1.17.12-gke.1501. 1.18.9-gke.1501. There is a known issue with Config Connector component versions 1.24.0 and 1.25.0. GKE cluster versions have been updated. The following Kubernetes versions are now available for new clusters and for opt-in master upgrades and node upgrades for existing clusters. No channel Note: Your clusters might not have these versions available. The following versions are no longer available for new clusters or cluster upgrades: 1.17.9-gke.1504. 1.17.9-gke.6300.

Cloud Logging - By using the new gcloud command and API for live tailing, you can now stream your logs in real time as your applications write them to the Cloud Logging API. Beta release: You can set the region in which you want to store your logs data.

Cloud Monitoring - Enhancements to the VM Details page.

Cloud SQL Postgres - PostgreSQL version 13 is now generally available.

VPC Service Controls - Preview support for the following integration: Transfer Appliance.

Anthos GKE deployed on-prem - Anthos GKE on-prem 1.4.4-gke.1 is now available. Fixes: Updated Istio Ingress (Kubernetes) Custom Resource Definitions (CRDs) to use v1beta1. Anthos GKE on-prem 1.3.5-gke.2 is now available. Fixes: Fixed CVE-2020-8558 described in Security Bulletin.

Dialogflow Enterprise - Dialogflow CX now supports the same languages as Dialogflow ES. Since October 2020, Dialogflow ES no longer automatically creates service accounts upon agent creation.

Service Mesh - 1.7.x. 1.7.3-asm.6 is now available. Anthos Service Mesh 1.7 is compatible with and has the feature set of Istio 1.7, subject to the list of Anthos Service Mesh supported features. Added support for on-premises secure key management, provided by Thales Luna HSM 7+ and Hashicorp Vault. Added a shell script to automate Anthos Service Mesh installation and migration from Istio 1.6. Added revision label support to sidecar injection for greater control over various scenarios, such as canary upgrades and more. The beta validation tool asmctl is retired and the lessons learned are built into the new, streamlined Anthos Service Mesh install script. If you use unsupported Istio features in your Anthos Service Mesh deployment, see Istio upgrade notes for changes that might affect you.

Secret Manager - Secret Manager support for Customer-Managed Encryption Keys (CMEK) is available to all customers via public preview.

Anthos GKE on AWS - Anthos GKE on AWS 1.5.1-gke.1 is now available and clusters run on 1.16.15-gke.701 and v1.17.9-gke.2801. You can now use Private Google Access to provision images for your GKE on AWS environment. Bug fixes and performance improvements.

 

Latest Issues




Contact

Zdenko Hrček
Třebanická 183
Prague, Czech Republic
Phone: +420 777 283 075
Email: [email protected]