Google Cloud Platform: Difference between revisions

Latest revision as of 04:53, 8 May 2024

Basics

See here

Regions (Asia, Australia, Europe, North America, South America)
- Collection of zones (isolated) eg "asia-east-a"
- Redundancy, lower latency when close to use
- Zones are a single failure domain with a region: FT application should be deployed over mulitople zones
- At least 3 zones per region
Software/Hardware -> Services
- Global Resources, eg disk images
- Multiregional Resources, Container Registry, Cloud Storage. Reduntant and distributed within/across regions.
- Regional Resources, eg static external IPs, App Engine resources. Redultantly deployed over multiple zones.
- Zonal resources, eg VM instances, their disks
Project: all resources must belong to one
- Can't share between projects without VPC (Virtual Private Cloud)
- Name, Project ID, Project Number
- Most resource names are unique to a project

Common Dependaencies for all services:

Identity data plane for authentication and authorization
Internal services that provide logging, metadata storage, and workflow management
Access to Google Cloud APIs depends on DNS, globally-distributed load balancers, and points of presence (PoPs)
The configuration of global resources: For example, IAM policies, global firewall rules, global load balancer configurations, and Pub/Sub topics are stored in replicated databases
When Google Cloud services makes requests to customer-controlled endpoints, for example, Cloud EKM fetching customer keys, or Pub/Sub delivering messages, those requests depend on our global network infrastructure to access those customer-controlled endpoints.

Quotas, to protect users and services form unforseen spikes or limit unforseen costs.

Rate Quatoa: limit the number of requests that can be made to an AP or service
Allocation Quota: eg number of VMs used by a project at a given time
Concurrent Quota: used to restrict number of concurrent operations in flight at any given time. Eg for long running operations that are expected to last an hour.

Other

Organisation -> Folders -> Projects -> Resources
gcloud config set project npgs-test-1

IAM:

Permissions -> roles -> members
Policy: collection of bindings of members to roles
Identities: Google accounts created outside of of GCP (not just gamil)
- Google accounts (engineers, administrators, etc)
- Service accounts (applications, services, VMs. Authentication by account keys)
- Google Groups (Collection of Google and service accounts)
- allAuthenticatedUsers
- allUsers

Google Cloud Storage:

Standard: Most common, optimised for performance and HF access
Nearline: Fast, durable for data accessed < once per month
Coldline: Less than once per quarter
Archive: Less than once per year

Delete a Project:

IAM and admin -> Settings -> Project -> Shutdown

Google CLI: Locally installable client or via Web
- eg: gcloud compute instance create

@@ Line 1: / Line 1: @@
-== Introduction ==
+== Basics ==
+See [https://cloud.google.com/docs/overview here]
 * Regions (Asia, Australia, Europe, North America, South America)
 ** Collection of zones (isolated) eg "asia-east-a"
 ** Redundancy, lower latency when close to use
+** Zones are a single failure domain with a region: FT application should be deployed over mulitople zones
+** At least 3 zones per region
 * Software/Hardware -> Services
 ** Global Resources, eg disk images
-** Regional Resources, eg static external IPs
+** Multiregional Resources, Container Registry, Cloud Storage. Reduntant and distributed within/across regions.
+** Regional Resources, eg static external IPs, App Engine resources. Redultantly deployed over multiple zones.
 ** Zonal resources, eg VM instances, their disks
 * Project: all resources must belong to one
@@ Line 12: / Line 17: @@
 ** Name, Project ID, Project Number
 ** Most resource names are unique to a project
+Common Dependaencies for all services:
+* Identity data plane for authentication and authorization
+* Internal services that provide logging, metadata storage, and workflow management
+* Access to Google Cloud APIs depends on DNS, globally-distributed load balancers, and points of presence (PoPs)
+* The configuration of global resources: For example, IAM policies, global firewall rules, global load balancer configurations, and Pub/Sub topics are stored in replicated databases
+* When Google Cloud services makes requests to customer-controlled endpoints, for example, Cloud EKM fetching customer keys, or Pub/Sub delivering messages, those requests depend on our global network infrastructure to access those customer-controlled endpoints.
+Quotas, to protect users and services form unforseen spikes or limit unforseen costs.
+* Rate Quatoa: limit the number of requests that can be made to an AP or service
+* Allocation Quota: eg number of VMs used by a project at a given time
+* Concurrent Quota: used to restrict number of concurrent operations in flight at any given time. Eg for long running operations that are expected to last an hour.
+== Other ==
+* Organisation -> Folders -> Projects -> Resources
+* gcloud config set project npgs-test-1
+IAM:
+* Permissions -> roles -> members
+* Policy: collection of bindings of members to roles
+* Identities: Google accounts created outside of of GCP (not just gamil)
+** Google accounts (engineers, administrators, etc)
+** Service accounts (applications, services, VMs. Authentication by account keys)
+** Google Groups (Collection of Google and service accounts)
+** allAuthenticatedUsers
+** allUsers
+Google Cloud Storage:
+* Standard: Most common, optimised for performance and HF access
+* Nearline: Fast, durable for data accessed < once per month
+* Coldline: Less than once per quarter
+* Archive: Less than once per year
 Delete a Project:

Google Cloud Platform: Difference between revisions

Latest revision as of 04:53, 8 May 2024

Basics

Other

Navigation menu

Search