Google Cloud Platform Newsletter

Check Archive for older issues

News

Introducing Cloud SQL Enterprise Plus: New edition delivers up to 3x MySQL performance - Announcing the Cloud SQL Enterprise Plus edition for MySQL and PostgreSQL, boosting performance, availability and data protection capabilities.

Improve training time of distributed machine learning with NCCL Fast Socket - NCCL Fast Socket uses a number of techniques to achieve better and more consistent NCCL performance.

Introducing the latest in cloud-based maps styling - Starting today we will be rolling out a new Experimental release of cloud-based maps styling for the Maps JavaScript API to give you more control over the look and feel of your maps than ever before.

Operational goodies for your IPv4/IPv6 dual-stack Kubernetes clusters - New features to GKE networking expand protection for inbound and outbound IPv6 traffic, making your workloads more available, secure, and observable.

DevOps Awards Winner VMO2 on how to achieve continuous improvement with DORA - To overcome its technical debt, VMO2 partnered with Google Cloud around three key pillars: DevOps, MLOps, and Analytics Engineering.

DevOps Awards winner Sabre on nurturing team culture - Sabre worked closely with Google Cloud to transform its system and company culture to make better use of the cloud.

New ways for Google Cloud partners to develop and demonstrate deep product expertise - Google Cloud partners can take advantage of new incentives and product-specific Premier levels to support customer success.

---

DoiT

Expert support, on demand. Imagine having a direct line to over 150 senior cloud architects for any cloud-related question or issue you encounter. With thousands of cloud questions and issues resolved, DoiT is your gateway to world-class cloud expertise. All from a Google Cloud Partner.

---

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Buy or build? A Framing Up FinOps case study on advanced reporting - When UKG decided it needed to clarify the organization’s cloud costs, they formed a FinOps team and began reporting on their Google Cloud spend.

Setting resource requests: the key to Kubernetes cost optimization - Easily optimize your Kubernetes workloads with GKE's Workloads At Risk dashboard; detect and address risk before performance.

Simplify troubleshooting in Google Kubernetes Engine with new playbooks - New playbooks can help detect issues automatically and provide support when troubleshooting your GKE environment.

Controlling Pod Egress Traffic with FQDN Network Policies on GKE Dataplane V2 - This blog will show you how to use the new FQDN Network Policy to control egress communication between Pods and resources outside the GKE cluster.

External Secrets Operator: A Cloud Native Secret Management Solution - This blog post aims to shed light on the advantages of adopting External Service Operator and offers a guide to help you get started.

Access Cloud Storage buckets as Volumes in GKE - This blog post explores the process of utilizing the FUSE driver to mount Cloud Storage buckets as persistent volumes.

App Development, Serverless, Databases, DevOps

Accelerate your Multiplayer Game Development with the Global Scale Multiplayer Demo - Global Scale Multiplayer Demo provides guidelines, architecture patterns and building blocks that you can use to build your next game.

Managed containers: An enterprise standard at Colgate-Palmolive - Teams at Colgate can choose between GKE and Cloud Run for cloud-based applications.

Save time, money and modernize your legacy database estate .... but first assess - Announcing an enterprise-grade open-source database migration assessment tool for Oracle, SQL Server to Google Cloud databases.

Buffer workflow executions with a Cloud Tasks queue - Manage your workflow executions by utilizing cloud tasks queues and avoid exceeding quotas.

Deploying a Golang Web App to Google Cloud Run: A Step-by-Step Guide - In this guide, we will walk through the process of deploying a Golang web app to Google Cloud Run using Docker.

CloudSQL Editions - An overview of new CloudSQL Editions.

Spring Native and Serverless with Spring Boot apps on Google Cloud! - This blog is part 3 of the 5-part Spring Boot on Google Cloud series. Read Part 1 and Part 2 if you missed it previously.

Minimize your ecommerce data TCO with Local SSD and Isima’s bi(OS) - Isima’s bi(OS) data stack uses Compute Engine instances and Local SSD to deliver a competitive offering for ecommerce and retail.

Big Data, Analytics, ML&AI

How Bank Jago optimized its customer onboarding system with GPU time-sharing and spot instances - To enhance its customer onboarding process, Bank Jago implemented an OCR system on Google Cloud, tapping GPU time-sharing to drive higher performance.

Join optimizations with BigQuery primary keys and foreign keys - Understand how unenforced Key Constraints can benefit queries in BigQuery.

ETL Batch pipeline with Cloud Storage, Cloud Run and BigQuery orchestrated by Airflow/Composer - This article shows a complete use case with an ETL Batch Pipeline on Google Cloud.

How we cut BigQuery costs by 80% by identifying and optimizing costly query patterns - A guide to identifying your costliest users, building interactive dashboards, root-causing and optimizing queries, and ongoing alerting.

Using BigQuery Omni with AWS - BigQuery Omni lets you run BigQuery analytics on data stored in AWS S3.

MLOps With Kubeflow Pipelines (Part 1) - Accelerating Machine Learning Operations with Kubeflow Pipelines.

Summarize Audio Like a Maestro with Langchain, Chirp, PaLM2 on Vertex AI - This article shows you how to build audio summarization app using LangChain in combination with PaLM 2 API and Chirp.

Generative AI - Learn the LangChain Basics by Building a Berlin Travel Guide - LangChain is a framework that’s like a Swiss army knife for large language models (LLMs).

Various

How to build an optimized infrastructure without burning out your IT team - How to build an optimized infrastructure that meets today’s and tomorrow’s needs without burning out your IT team in the process.

Slides, Videos, Audio

Security Podcast - #129 How CISO Cloud Dreams and Realities Collide.

Releases

Anthos clusters on Azure - You can now launch clusters with the following Kubernetes versions: 1.24.14-gke.1400 1.25.10-gke.1200 1.26.5-gke.1200. 1.25 Migrated node pool metrics agent and metrics server to authenticated kubelet port. 1.26 Fixed an issue where Kubernetes 1.26.2 incorrectly applied the default StorageClass to PersistentVolumeClaims with the deprecated annotation volume.beta.kubernetes.io/storage-class. This release fixes the following vulnerabilities: CVE-2023-2727 CVE-2023-2728 CVE-2023-0468. Applications may experience timeouts due to netfilter connection tracking (conntrack) table insertion failures.

Anthos clusters on VMware - Anthos clusters on VMware 1.15.2-gke.44 is now available. The following issues are fixed in 1.15.2-gke.44: Fixed a bug where after an upgrade to 1.15, clusters used the non-high-availability (HA) Connect Agent. The following vulnerabilities are fixed in 1.15.2-gke.44: High-severity container vulnerabilities: CVE-2023-1999 Container-optimized OS vulnerabilities: CVE-2023-2609.

Apigee X - On July 12, 2023, we released an updated version of Apigee X. Preview release of non-VPC peering option for Apigee provisioning Apigee now supports a provisioning option that does not require VPC peering. On July 10, 2023, we released an updated version of Apigee X (1-10-0-apigee-5). Bug ID Description 289254725 Implemented fix to prevent failure of proxy deployments that include the OASValidation policy. Bug ID Description 273693152 Fixed SAMLAssertion policy parsing to limit the number of entities that will be parsed to 10000.Any attempt to parse more than 10000 entities will generate an error.

AppEngine Flexible PHP - PHP 7.4, 8.1, and 8.2 are now generally available.

Artifact Registry - Cleanup policies for Artifact Registry are now in Preview. Starting July 11, 2023, Artifact Registry write requests and delete requests have their own quotas.

Assured Workloads for Goverment - v1. The following compliance programs now support the list of products below: Australia Regions with Assured Support Canada Regions and Support Canada Protected B Israel Regions and Support US Regions and Support The following products are now supported.

Bare Metal Solution - To create a client network, the Google Cloud console intake form now accepts VLAN attachment names and project number instead of pairing keys if your VLAN attachments are in a different project.

BigQuery ML - The following BigQuery ML feature preprocessing functionality is now generally available (GA). Custom holiday modeling for time series forecasting is now in preview.

BigTable - Committed use discounts are now generally available (GA) for Cloud Bigtable in exchange for a commitment to continuously spend a certain amount on Bigtable nodes for one year or three years.

CDN - The Cloud CDN private origin authentication capability for Amazon Simple Storage Service (Amazon S3) and compatible object stores is now Generally Available.

Chronicle - The following supported default parsers have changed. Chronicle Curated Detections has been enhanced with new detection content for Linux threats. Chronicle provides multiple methods to define how data in original raw logs are parsed and normalized to a Unified Data Model (UDM) record.

Cloud Composer - Cloud Composer 2.3.4 release started on July 12, 2023. Airflow 2.5.3 is available in Cloud Composer images. Fixed the retrying of transient errors in Composer Agent when creating Cloud Composer 2 environments. (Available without upgrading) The default amount of memory available to the web server, schedulers, and workers is changed from 3.75 GB per CPU core to 4 GB per CPU core. (Available without upgrading) Improved the performance of DAG UI in Private IP environments. Cloud Composer 2.3.4 images are available: composer-2.3.4-airflow-2.5.3 (default) composer-2.3.4-airflow-2.5.1 (default) composer-2.3.4-airflow-2.4.3. Cloud Composer versions 2.0.20 and 1.19.3 have reached their end of full support period.

Compute Engine - Generally available: You can enable faster network packet processing by using the Data Plane Development Kit (DPDK). Preview: You can use instant snapshots to take in-place disk backups that can be restored to new disks under a minute.

Config Connector - Config Connector version 1.106.0 is now available. Added support for customization on cnrm-webhook-manager pods resource requests/limits. Added support for RunJob resource. Optimized HPA rule for cnrm-webhook-manager with new memory targetAverageUtilization. Added support for KMS key deletion when being orphaned. Disabled abandon-on-uninstall webhook. Resource VPCAccessConnector(v1beta1): Added status.selfLink field. Resource ComputeDisk(v1beta1): Added spec.guestOsFeatures field. Resource ComputeImage(v1beta1): Added spec.storageLocations field. Resource DataflowFlexTemplateJob(v1beta1): Added status.type field. Resource DatastreamStream(v1alpha1): Added spec.sourceConfig.mysqlSourceConfig.maxConcurrentBackfillTasks field. Resource GKEHubFeature(v1beta1): Added spec.spec.fleetobservability field. Resource MonitoringAlertPolicy(v1beta1): Added spec.alertStrategy.notificationChannelStrategy field. Resource SQLInstance(v1beta1): Added spec.settings.advancedMachineFeatures field. Resource StorageTransferJob(v1beta1): Added spec.transferSpec.awsS3DataSource.path field.

Dataproc - New Dataproc on Compute Engine image versions: 2.0.69-debian10, 2.0.69-rocky8, 2.0.69-ubuntu18 2.1.17-debian11, 2.1.17-rocky8, 2.1.17-ubuntu20.

Datastore - Support for Firestore in Datastore mode point-in-time recovery (PITR) feature that provides protection against accidental deletion or writes is now available in Preview. Support for the northamerica-northeast2 (Toronto) region.

Cloud Deploy - Cloud Deploy now supports Skaffold version 2.6.

Dialogflow - Dialogflow CX now supports speech recognition model selection.

Cloud Firestore - Support for Firestore point-in-time recovery (PITR) feature that provides protection against accidental deletion or writes is now available in Preview. Support for the northamerica-northeast2 (Toronto) region.

Google Kubernetes Engine - New Autopilot clusters created with version 1.27.3-gke.100 or later are now provisioned with e2-small default nodes, which are removed immediately after cluster creation. The managed Cloud Storage FUSE CSI driver for GKE is now GA in versions 1.26.5 and later. GKE Dataplane V2 observability is now available in Public Preview starting in GKE versions 1.26.4-gke.500 or later, or 1.27.1-gke.400 or later. Revision for the release note announced on June 26, 2023 Starting August 2023, Cloud DNS will become the default DNS provider for new GKE Autopilot clusters created with version 1.25.9-gke.400 or later, or version 1.26.4-gke.500 or later (effectively replacing kube-dns). In GKE version 1.24 and later, new beta APIs are, by default, disabled in new clusters. You can now troubleshoot common GKE issues by using the new "interactive playbook" dashboards in Cloud Monitoring: unschedulable pods and crashlooping containers. Starting in GKE version 1.27, cluster autoscaler always considers Compute Engine Reservations when making the scale-up decisions. The new release of the GKE Gateway controller (2023-R2) is now generally available.

Load Balancing - Global external Application Load Balancers now support Shared VPC configurations where the load balancer's forwarding rule, target proxy, and URL map, can be created in a host or service project, while the backend services and backends can be distributed across multiple service projects in the Shared VPC environment.

Cloud Logging - Time ranges are now synchronized between select Logging and Monitoring pages.

Network Connectivity Center - Connecting VPC networks by using Network Connectivity Center is now available in Preview.

Security Command Center - Recommendations from the IAM recommender are now available as findings in Security Command Center in a Preview release.

SAP Solutions - Preview: Guided Deployment Automation in Workload Manager for SAP The preview release of the Guided Deployment Automation tool in Workload Manager is available.

Cloud SQL MySQL - Cloud SQL now offers two editions of Cloud SQL to support your various business and application needs: Cloud SQL Enterprise Plus edition and Cloud SQL Enterprise edition. Cloud SQL now supports cancelling the import and export of data into Cloud SQL for MySQL instances. MySQL 5.7.40 has been upgraded to 5.7.42.

Cloud TPU - Cloud TPU now supports TensorFlow 2.13.0.

Traffic Director - Read Envoy Security Bulletin CVE-2023-35945 about Envoy security vulnerabilities and update Envoy proxies in your Traffic Director installation to Envoy release 1.24.9, 1.25.8 or 1.26.3.

Transcoder API - Content encryption (DRM) is now supported. Job processing optimizations can now be disabled. You can now set the priority of individual jobs in batch mode.

Vertex AI - Support for batch text (text-bison) requests is now available in (GA). Support for PaLM 2 for Chat (chat-bison) is now available in (GA).

VPC Service Controls - The Quota page displays only the default quota limits and doesn't include any additional quotas provided by Google.