Google Cloud Platform Intro: Why GCP? (PowerPoint PPT presentation)


  1. Google Cloud Platform Intro

  2. Why GCP?
     - Student-friendly
       - Credits without credit-cards
       - Ability to use pdx.edu accounts for credits
     - Per-second billing
     - Supports open-source APIs and tools to avoid vendor lock-in
       - Go
       - Kubernetes
       - TensorFlow*
     - Carbon-neutral since 2007
     - Abstractions the same across cloud providers
     Portland State University CS 410/510 Internet, Web, and Cloud Systems

  3. Why GCP?
     - Generous free-tier
       - App Engine: 28 instance-hours per day
       - Cloud Datastore: 1GB storage, 50k reads, 20k writes, 20k deletes
       - Vision API: 1k units/month (unit == feature, e.g. facial detection)
       - BigQuery: arbitrary loading, copying, exporting; first TB of processed data in queries free
         - But, $0.02 per GB per month storage

  4. Projects
     - Many companies with multiple sites
     - Each site needs its own
       - Security/access control policies, permissions, and credentials
       - Billing account with separate credit-card/bank accounts
       - Resource and quota tracking
       - Set of enabled services and APIs (most are default OFF and turn on once first used)
     - Project abstraction encapsulates this collection
       - Google has 100,000+ projects on GCP to run its sites
       - Contains all resources associated with the site and the ability to set permissions on them

  5. Regions and zones in GCP
     - Regions: geographic areas where data centers reside
       - us-west, us-east, us-central
       - Consist of collections of zones
     - Zones: isolated locations within a region
     - https://cloud.google.com/compute/docs/regions-zones/

  6. Access to resources
     - Also programmatic access in many languages (JavaScript, Python, Go, Java, Ruby)

  7. Command-line GCP
     - Install SDK on your local VM (google-cloud-sdk) to get commands
       - https://cloud.google.com/sdk/docs/quickstart-debian-ubuntu
       - gcloud
       - gsutil (Cloud Storage)
       - bq (BigQuery)
     - Docker image: docker pull google/cloud-sdk

  8. Command-line GCP
     - Google Cloud Shell
       - Command-line access to cloud resources via web browser
       - Containerized version of Linux with the latest gcloud SDK running on a Compute Engine instance
       - Has nano, vim, emacs, python2/3, virtualenv, etc.

  9. Google Cloud Storage

  10. Google File System (GFS), 2003
     - Google search engine
       - Retrieving, storing, and querying of web pages at massive scale
       - Performance requirements
       - Management costs
     - File system designed to support Google Search
       - Massive data sets
       - High-throughput, low-latency querying
       - Durability and availability
       - Very little management overhead: dead disks simply replaced and the system seamlessly adapts
       - https://research.google.com/archive/gfs-sosp2003.pdf
     - But, initially proprietary
       - Yahoo! later reverse-engineered GFS
       - Released as Hadoop Distributed File System (HDFS), open-sourced and distributed by Apache
       - More later…

  11. Google Cloud Storage (GCS)
     - Commercial iteration of GFS
       - AWS equivalent is S3
     - Storage done via "buckets"
     - Fully-managed, no-ops storage service
       - No administration or capacity management
       - Backed up and versioned automatically
     - Replicated and cached over multiple zones/regions
       - Can be fixed to a region based on location of computation
       - Can set multi-region if serving multimedia files to a global population
       - Replicas automatically adapt to load and access patterns to achieve high availability and throughput
       - Low latency: 10s of ms on first use, then faster via migration
     - Data encrypted at rest when not being used and in flight
       - Key sharding with parts of keys in multiple jurisdictions
       - But, unencrypted when being used
     - Massive scale
       - Autism Speaks: 1300 genomes and > 100 TB of data
       - Projected to 10,000 genomes, > 1 PB of data

  12. Applications
     - Good for large unstructured data that does not need to be queried
       - Images, video, zip files
       - Structured data that needs to be queried should use DBs
     - Used to feed and store data and logs from all cloud services
       - BigQuery, App Engine, Cloud SQL, Compute Engine, Dataflow/Dataproc, etc.
     - Access via many methods
       - gcloud SDK, web interface, REST API
       - Client libraries in Python, Java, PHP, Go

  13. Security, IAM

  14. Cloud security
     - In this context, enterprise security
       - Security of the infrastructure running the applications
       - Developer, operations, and accounting access to cloud resources
     - Securing the applications
       - See CS 495/595: Web Security
       - Some things shared

  15. Traditional enterprise security
     - Castle-moat model where trusted access comes only from within internal networks
       - Firewalls filter external traffic entering the enterprise network
       - VPNs for accessing internal services from an external device
       - Implicit trust for machines within the internal network
     - Issues
       - Enterprise laptops infected on home networks and then moved inside the enterprise (WannaCry)
       - Rogue insider with full access to network and intranet (Edward Snowden)
       - Rogue scripts accessing the internal network (DNS rebinding)

  16. Cloud security
     - Deperimeterization of the network
       - Valid access to cloud resources can come from anywhere
       - Network boundaries that separate "internal" and "external" no longer apply
     - Crux of "zero-trust networks" and Google's BeyondCorp approach (https://www.beyondcorp.com/)
       - Building applications on top of networks you cannot trust
       - Reaction to Operation Aurora (2009)
       - Trust built not from where you connect from (e.g. internal network or VPN), but on strong authentication of the user and integrity of the device
       - Restrict kinds of access based on your overall security posture
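The two slides above contrast the castle-moat model with a zero-trust decision. The following added example (not from the slides, and not Google's BeyondCorp code) puts both decision rules side by side on a small set of constructed requests: the network range, device inventory, user names and sensitivity tiers are all made up for illustration. It shows why the WannaCry-style laptop passes the perimeter check yet fails the zero-trust check, and how the "kinds of access" can be tiered on device posture.

```python
"""Added example: a castle-moat access decision vs. a zero-trust one.
All networks, devices, users and thresholds below are constructed."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed "corporate LAN": the only thing the perimeter model looks at.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed device inventory, standing in for what a managed-device
# service would attest about each endpoint.
DEVICE_INVENTORY = {
    "laptop-042": {"managed": True, "disk_encrypted": True, "patched": True},
    "laptop-077": {"managed": True, "disk_encrypted": True, "patched": False},
}


@dataclass
class Request:
    user: str
    src_ip: str
    device_id: Optional[str]      # None: device unknown to the inventory
    mfa_verified: bool
    resource_sensitivity: str     # "low" or "high"


def castle_moat_allows(req: Request) -> bool:
    """Perimeter model: trust is derived solely from network location."""
    ip = ipaddress.ip_address(req.src_ip)
    return any(ip in net for net in INTERNAL_NETS)


def zero_trust_allows(req: Request) -> bool:
    """Trust from strong user authentication plus device integrity; the
    source network is deliberately never consulted."""
    device = DEVICE_INVENTORY.get(req.device_id or "")
    if device is None or not device["managed"]:
        return False                      # unknown / unmanaged device
    if not req.mfa_verified:
        return False                      # password alone is not enough
    if req.resource_sensitivity == "high":
        # Posture-based tiering: sensitive resources need a healthy device.
        return device["patched"] and device["disk_encrypted"]
    return True


# Constructed scenarios mirroring the slides.
# Unmanaged laptop carried back onto the LAN (the WannaCry case).
INFECTED_INSIDE = Request("user:carol@pdx.edu", "10.1.2.3", "laptop-099", True, "high")
# Employee on a coffee-shop network with a healthy managed device.
REMOTE_HEALTHY = Request("user:alice@pdx.edu", "203.0.113.7", "laptop-042", True, "high")
# Managed but unpatched device: fine for low-sensitivity, not for high.
REMOTE_STALE_LOW = Request("user:bob@pdx.edu", "203.0.113.8", "laptop-077", True, "low")
REMOTE_STALE_HIGH = Request("user:bob@pdx.edu", "203.0.113.8", "laptop-077", True, "high")

if __name__ == "__main__":
    for name, req in [("infected inside", INFECTED_INSIDE), ("remote healthy", REMOTE_HEALTHY),
                      ("remote stale/low", REMOTE_STALE_LOW), ("remote stale/high", REMOTE_STALE_HIGH)]:
        print(f"{name:18} castle-moat={castle_moat_allows(req)!s:5} zero-trust={zero_trust_allows(req)}")
```

Note that `zero_trust_allows` never reads `src_ip`: in this model the network location carries no trust at all, which is exactly the property the slide calls building on networks you cannot trust.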

  17. IAM (Identity and Access Management)
     - AWS and GCP approach for implementing cloud security policies
     - Largely similar (i.e. copied)

  18. Identity (Authentication)
     - Validating users and applications
     - For users, done via
       - What you know (password)
       - What you have (YubiKey/phone, WebAuthn)
       - Who you are (fingerprint sensor, FaceID)
       - Where you are (network, geographic location)
     - For applications (e.g. external web application, internal web application, database)
       - Done via API keys, service-account keys (which must be kept safe!)

  19. Access Management (Authorization)
     - Policy to set which users are allowed which actions on which objects
     - Users given roles that grant them specific privileges for access

  20. Types of access management policies
     - Discretionary Access Control (object owner decides)
       - Object owner decides
       - Linux model of owner setting coarse permissions on user, group, other
     - Mandatory Access Control (system/administrator decides)
       - System or administrator decides
       - Mandated in high-security environments (e.g. government)

  21. Types of access management policies
     - Role-Based Access Control (system decides based on user role)
       - Role determines privileges afforded
       - Examples: IT admin, software developer, billing administrator, third-party integrator, partner users, end-users, partner applications
     - Principle of least privilege
       - Ensure the minimal level of access that a task or user needs
       - Must apply regardless of the type of policy

  22. Access management via IAM
     - Based on role-based access control
       - Policy determines who can do what action to which resource
       - Action permissions assigned by role
     - Primitive pre-defined roles with permissions (curated roles so you do not need to roll your own)
       - Owner (create, destroy, assign access, read, write, deploy)
       - Editor (read, write, deploy)
       - Reader (read-only)
       - Billing administrator (manage billing)
     - On specified resources that include
       - Virtual machines, network, database instances
       - Cloud storage buckets (gs://…)
       - BigQuery stores
       - Projects
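Slides 21 and 22 describe role-based access control and the least-privilege principle in terms of roles, members and resources. The following added example (not GCP's own code or API) models that structure: roles bundle permissions, a policy binds members to roles on a resource, and a binding on a project is inherited by the bucket and VM inside it. The role identifiers use GCP's primitive-role naming (the slide's Reader is `roles/viewer`), but the permission strings, the resource names, the users and the service account are simplified, constructed placeholders.

```python
"""Added example: toy model of IAM role bindings with project-level
inheritance and a least-privilege audit. Not GCP's own code; all
names and permission strings are constructed for illustration."""
from dataclasses import dataclass, field
from typing import Dict, Iterator, Optional, Set

# Primitive roles from the slide, expressed as permission sets (simplified).
ROLES: Dict[str, Set[str]] = {
    "roles/viewer": {"read"},
    "roles/editor": {"read", "write", "deploy"},
    "roles/owner": {"read", "write", "deploy", "create", "destroy", "assignAccess"},
    "roles/billing.admin": {"manageBilling"},
}


@dataclass
class Resource:
    name: str
    parent: Optional["Resource"] = None
    # IAM policy on this resource: role -> members holding that role
    bindings: Dict[str, Set[str]] = field(default_factory=dict)

    def grant(self, role: str, member: str) -> None:
        if role not in ROLES:
            raise ValueError(f"unknown role {role}")
        self.bindings.setdefault(role, set()).add(member)

    def ancestry(self) -> Iterator["Resource"]:
        """Yield the resource itself, then each ancestor up to the project."""
        node: Optional[Resource] = self
        while node is not None:
            yield node
            node = node.parent


def effective_permissions(member: str, resource: Resource) -> Set[str]:
    """Union of permissions from every binding on the resource and its ancestors."""
    perms: Set[str] = set()
    for node in resource.ancestry():
        for role, members in node.bindings.items():
            if member in members or "allUsers" in members:
                perms |= ROLES[role]
    return perms


def is_allowed(member: str, action: str, resource: Resource) -> bool:
    """Who (member) may do what (action) to which resource."""
    return action in effective_permissions(member, resource)


def excess_privileges(member: str, resource: Resource, needed: Set[str]) -> Set[str]:
    """Least-privilege audit: permissions held beyond what the task requires."""
    return effective_permissions(member, resource) - needed


# Constructed hierarchy: a project containing one bucket and one VM.
PROJECT = Resource("projects/example-project")
BUCKET = Resource("gs://example-project-logs", parent=PROJECT)
VM = Resource("projects/example-project/zones/us-west1-a/instances/web-1", parent=PROJECT)

LOG_WRITER = "serviceAccount:log-writer@example-project.iam.gserviceaccount.com"
PROJECT.grant("roles/editor", "user:alice@pdx.edu")   # inherited by BUCKET and VM
BUCKET.grant("roles/viewer", "user:bob@pdx.edu")      # read-only, one bucket only
BUCKET.grant("roles/editor", LOG_WRITER)              # app key: only needs "write"

if __name__ == "__main__":
    print("alice write bucket:", is_allowed("user:alice@pdx.edu", "write", BUCKET))
    print("bob write bucket:  ", is_allowed("user:bob@pdx.edu", "write", BUCKET))
    print("bob read VM:       ", is_allowed("user:bob@pdx.edu", "read", VM))
    print("log-writer excess: ", excess_privileges(LOG_WRITER, BUCKET, {"write"}))
```

The audit at the end is the practical point of the least-privilege slide: a service account that only writes logs holds `read` and `deploy` it never uses, because the coarse primitive role was the closest fit. That surplus is the first thing to remove when tightening a policy.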

  23. GCP example
     - https://cloud.google.com/compute/docs/access/iam
     - https://cloud.google.com/compute/docs/access/iam-permissions

  24. Example
     - Who? What resources? What actions?
