Welcome to issue #294 May 16th, 2022

News

Google Cloud at I/O: Everything you need to know - From keynotes to demos to breakouts to workshops, there was a bright light on Google Cloud and Google Workspace at Google I/O this year.

Introducing AlloyDB for PostgreSQL: Free yourself from expensive, legacy databases - AlloyDB for PostgreSQL combines the best of Google with full PostgreSQL compatibility to achieve superior performance, availability, and scale.

Google Cloud unveils world’s largest publicly available ML hub with Cloud TPU v4, 90% carbon-free energy - Google Cloud unveils world’s largest publicly available machine learning cluster with up to 9 exaflops of computing power.

Cloud TPU VMs are generally available - Cloud TPU VMs with Ranking & Recommendation acceleration are generally available on Google Cloud. Customers will have direct access to TPU host machines.

New observability features for your Splunk Dataflow streaming pipelines - Splunk Dataflow operators can now more easily monitor performance of their log export pipelines with new observability metrics and fine-grained logging.

Introducing Open Source Insights data in BigQuery to help secure software supply chains - To help secure software supply chains at scale, Google Cloud now includes Open Source Insights data in BigQuery.

Sharpen your machine learning skills at Google Cloud Applied ML Summit - Improve your machine learning skills and learn from leading experts at Google Cloud Applied ML Summit, coming June 9, 2022.

Extending BigQuery Functions beyond SQL with Remote Functions, now in preview - Remote Functions are user-defined functions (UDF) that let you extend BigQuery SQL with your own custom code, written and hosted in Cloud Functions, Google Cloud’s scalable pay-as-you-go functions as a service.

---

Vultr's new Optimized Cloud Instances deliver all of the power of the cloud without the Big Tech bloat. Instantly deploy worldwide for as low as $28/mo. Exclusive for GCP Weekly readers: Redeem $150 in free credit!

---

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Security through collaboration: Building a more secure future with Confidential Computing - Google Cloud, Project Zero, and AMD collaborated for several months to conduct a detailed review of the technology that powers Confidential Computing.

Tick data analytics performance in Google Cloud improves up to 18x in latest STAC benchmark - Tick data analytics on Google Cloud runs up to 18x faster in latest STAC benchmark.

Helping global governments and organizations adopt Zero Trust architectures - Google details how it helps governments embark on a Zero Trust journey as the anniversary of the Biden Zero Trust Executive Order approaches.

Metrics Management with Google Cloud Managed Service for Prometheus - Maisons du Monde is a furniture and home decor company that was founded in France over 25 years ago. We have 360 stores across France….

Running HashiCorp Vault in Google Cloud Platform - Setting up HashiCorp Vault on Compute Engine as personal secrets management tool.

Scaling nodes in Kubernetes on a schedule. - When autoscaling can’t solve all of your problems.

App Development, Serverless, Databases, DevOps

Our I/O 2022 announcements: In demo form - In the Cloud PA Keynote at I/O Aparna Sinha walked through the backend for an application that connects volunteers with volunteer opportunities in their area. In this blog post we'll walk through each component of that application, explaining the new products that Google Cloud has released, the pros and cons of the architecture we chose, and other nerdy technical details we didn't have time for in the talk.

3co reinvents the digital shopping experience with augmented reality on Google Cloud - Learn how 3co is reinventing the digital shopping experience with augmented reality and Google Cloud.

How Google Cloud and SAP solve big problems for big companies - On the occasion of SAP Sapphire, here’s a rundown of the key Google Cloud and SAP initiatives we’ll be talking to customers about at the show.

Minimalizing the mainframe - The importance of removing obsolete and inactive components from the mainframe application inventory and discusses the various strategies to do that.

AlloyDB for PostgreSQL under the hood: Intelligent, database-aware storage - In this technical deep dive, we take a look at the intelligent, scalable storage system that powers AlloyDB for PostgreSQL.

First Look at AlloyDB for PostgresSQL - An overview of the most important things regarding AlloyDB.

How to Set Up a Custom Domain for Different GCP Applications Using a Load Balancer - An in-depth tutorial on setting Load Balancer with various backends setting SSL certificate and connecting to a custom domain.

Adding custom roles to JWT on login with Google Identity Platform - Learn how to user Cloud Functions to add custom claims to a user on sign in and sign up in Identity Platform.

Building Smart Home IoT Devices with the Google Cloud Platform - How to connect your first device to IoT Core.

How to upload files to Google Cloud Storage using Javascript on only the browser - This article shows how to upload files to Google Cloud Storage using Javascript on only the browser.

Big Data, Analytics, ML&AI

Accelerating Cloud Migration with Data Mesh Solution Patterns - The article introduces the notion of a data gravity well to describe a consistent pattern: applications and use-cases will be developed closer to where the data they need can be accessed.

Google’s open-source solution to DFDL Processing - A guide to leveraging Google Cloud resources to process data defined by DFDL.

A guide to auditing Cloud Dataflow jobs cost via BigQuery billing export - Analyzing Cloud Dataflow job costs in BigQuery billing export.

Looker and BigQuery ML: create control charts for your KPIs - Or how to monitor your actual vs target KPI values on a highly-dimensional dataset.

Churn Prediction with PySpark and Google Cloud Dataproc - Using PySpark on Cloud Dataproc to predict users' churn.

Stop Worrying About BigQuery PII: How to Automate Data Governance at Scale. - PII Discovery, Classification and Access Control for BigQuery.

Google Analytics data transfer to BigQuery - Step by step tutorial to set data ingestion from Google Analytics to BigQuery.

BigQuery transactions over multiple queries, with sessions - Example of using transactions in BigQuery.

Accelerate your machine learning journey by preprocessing your Vertex AI datasets with Vision API and BigQuery - A Jupyter Notebook that is using data from Cloud Vision to train a ML model on Vertex AI.

Various

Your guide to sessions at Google Cloud Security Summit 2022 - Here’s a helpful guide to sessions at Google Cloud’s Security Summit 2022.

Google Cloud Ground School by SADA May 18th - 19th, 2022 - This deep dive into Google Cloud includes two days of sessions hosted by cloud industry leaders from SADA, Google, our joint customers, and alliance partners.

Thomas Kurian: Why Google Cloud Bests AWS, Azure In The Channel

How to Pass the Google Cloud Associate Cloud Engineer Cert Exam with No Prior Cloud Experience - This article was written for those who would like to add some structure to their studying and contains 5 steps that you can take to ensure exam readiness.

Slides, Videos, Audio

Kubernetes Podcast - #179 Docker, with Scott Johnston.

Security Podcast - #64 EP64 Security Operations Center: The People Side and How to Do it Right.

SRE Podcast - #6 - Automation with Pierre Palatin. Pierre Palatin dives into different automation strategies, how to build confidence in your system, and why designing the UI may be your biggest challenge.

GCP Life - #14 - “Make your own future” – In this episode we discuss; Kelsy Hightower Talk, Google I/O, Coursea Google Courses, SWIFT on GCP, GCP vs MS Q1 Results.

Releases

Cloud SQL - New maintenance versions are now available through self-service maintenance.

Cloud Talent Solution - Jobs within same state will rank higher in results when search jobs in a state level location with TELECOMMUTE_ALLOWED option. (v4) keywordSearchable will be returned correctly in Job instance responses (v4) Fix compensation histogram query to return correct histogram result.

Vertex AI - M91 release The M91 release of Vertex AI Workbench managed notebooks includes the following: Log streaming to the consumer project via Logs Viewer is now supported Added the net-tools package Regular package refreshments and bug fixes. Fixed an issue that caused Spark server networking errors when using Dataproc Serverless Spark and VPC Peering.

VPC Service Controls - General availability for the following integration: Database Migration Service.

Virtual Private Cloud - For auto mode VPC networks, added a new subnet 10.204.0.0/20 for the Madrid europe-southwest1 region. Reserving static regional external IPv6 addresses is available as a limited Preview feature.

Workflows - v1. The following functions have been added: default and if support conditions within expressions map.get performs a safe lookup on a map, returning null if a key is not found. A Status field that tracks the current steps and progress of an execution is available in Preview.

Anthos clusters on Azure - You can now launch clusters with Kubernetes versions 1.21.11-gke.1100 and 1.22.8-gke.1300. In 1.22.8-gke.1300, fixed an issue where logging agent could fill up attached disk space. In 1.22.8-gke.1300, fixed an issue where add ons cannot be applied when Windows node pools are enabled. These releases fix the following CVEs: Fixed CVE-2022-1055. These releases includes the following Role-based access control (RBAC) changes: Scoped down anet-operator permissions for Lease update.

Artifact Registry - Artifact Registry is now available in the europe-southwest1 region (Madrid, Spain).

Cloud Build - You can now use Cloud Build attestors to secure your image deployments.

Chronicle - The following supported default parsers have changed (listed by product name and ingestion label): ExtraHop RevealX (EXTRAHOP) Imperva (IMPERVA_WAF) Windows Event (WINEVTLOG) Azure AD Organizational Context (AZURE_AD_CONTEXT) Citrix Netscaler (CITRIX_NETSCALER) Elastic Packet Beats (ELASTIC_PACKETBEATS) Elastic Audit Beats (ELASTIC_AUDITBEAT) Sendmail (SENDMAIL) VMware vCenter (VMWARE_VCENTER) AWS VPC Flow (AWS_VPC_FLOW) Bluecat DDI (BLUECAT_DDI) Cisco ACS (CISCO_ACS) Cisco Firepower NGFW (CISCO_FIREPOWER_FIREWALL) Forcepoint Proxy (FORCEPOINT_WEBPROXY) McAfee ePolicy Orchestrator (MCAFEE_EPO) Office 365 (OFFICE_365) Apple MacOS (MACOS) Archer Integrated Risk Management (ARCHER_IRM) Cisco Meraki (CISCO_MERAKI) Elastic Windows Event Log Beats (ELASTIC_WINLOGBEAT) IBM DB2 (DB2_DB) Cisco ISE (CISCO_ISE) F5 BIGIP LTM (F5_BIGIP_LTM) Juniper Junos (JUNIPER_JUNOS) Microsoft Exchange (EXCHANGE_MAIL) VMware ESXi (VMWARE_ESX) Digital Shadows SearchLight (DIGITAL_SHADOWS_SEARCHLIGHT) Azure Firewall (AZURE_FIREWALL) ForgeRock OpenAM (OPENAM) FortiGate (FORTINET_FIREWALL) ZScaler NGFW (ZSCALER_FIREWALL) OpenVPN (OPEN_VPN) For details about the changes in each parser, see Supported default parsers. The following new fields are available in the Unified Data Model: parent_session_id was added to the Network object.

Cloud Composer - Cloud Composer Service Level Agreement is available. The following deprecated operators are no longer actively maintained and will be removed in one of the future versions of operators for Airflow 2: Deprecated operators: BigQueryExecuteQueryOperator, BigQueryPatchDatasetOperator, DataflowCreateJavaJobOperator, DataflowCreatePythonJobOperator, DataprocScaleClusterOperator, DataprocSubmitPigJobOperator, DataprocSubmitSparkSqlJobOperator, DataprocSubmitSparkJobOperator, DataprocSubmitHadoopJobOperator, DataprocSubmitPySparkJobOperator, MLEngineManageModelOperator, MLEngineManageVersionOperator, GCSObjectsWtihPrefixExistenceSensor.

Compute Engine - Generally available: Madrid, Spain europe-southwest1-a,b,c has launched with E2 and N2 VMs available in all three zones. Generally available: Insights for idle VM and machine size recommendations help you assess the utilization of your Compute Engine resources.

Config Connector - Config Connector version 1.84.0 is now available. Added IAMPolicy and IAMPolicyMember support for AccessContextManagerAccessPolicy. Added spec.approvalConfig field to CloudBuildTrigger. Added spec.rule.redirectOptions field to ComputeSecurityPolicy. Added spec.addonsConfig.gkeBackupAgentConfig field to ContainerCluster. Added cnrm.cloud.google.com/skip-wait-on-job-termination directive to DataflowFlexTemplateJob and DataflowJob. Added spec.rrdatasRefs field to DNSRecordSet. Added spec.columnLayout.columns.widgets.logsPanel, spec.gridLayout.widgets.logsPanel, spec.mosaicLayout.tiles.widget.logsPanel, and spec.rowLayout.rows.widgets.logsPanel fields to MonitoringMonitorDashboard. Added spec.enableExactlyOnceDelivery field to PubSubSubscription. Reduced reconciliation frequency of ConfigConnector object. Deprecated spec.rrdatas field in DNSRecordSet. Renamed spec.template.volumes.cloudSqlInstance.connections to spec.template.volumes.cloudSqlInstance.instances in RunService (Alpha). Removed spec.template.confidential field from RunService (Alpha). Removed status.terminalCondition.domainMappingReason and status.terminalCondition.internalReason fields from RunService (Alpha). Removed spec.gateways field from NetworkServicesTCPRoute (Alpha).

Dataflow - Dataflow is now available in Madrid (europe-southwest1).

Dataproc - New sub-minor versions of Dataproc images: 1.5.65-debian10, 1.5.65-ubuntu18, 1.5.65-rocky8 2.0.39-debian10, 2.0.39-ubuntu18, 2.0.39-rocky8. Dataproc Serverless for Spark now uses runtime version 1.0.12. Fixed an issue where chronyd systemd service failed to start due to a race condition between systemd-timesyncd and chronyd. Dataproc Serverless for Spark runtime version 1.0.1 is unavailable for new batch submissions.

Datastream - Datastream now supports backfilling Oracle database tables that have more than 100 million rows.

Cloud Deploy - Google Cloud Deploy now lets you change the timeout for Cloud Build operations, from the default setting of 1 hour.

Eventarc - Eventarc for Google Kubernetes Engine (GKE) is now available in Preview.

Cloud Firestore - Firebase App Check now supports Firestore at the General Availability release level.

Cloud Healthcare API - The Healthcare Natural Language API is now available in the europe-west2 location. v1beta1 & v1. The following methods now look up references to resource versions and return them if they exist: fhir.search with an _include parameter fhir.Patient-everything.

KMS - Cloud KMS is available in the following region: europe-southwest1 For more information, see Cloud KMS locations.

Google Kubernetes Engine - Tags are now available. (2022-R11) Version updates GKE cluster versions have been updated. The europe-southwest1 region in Madrid is now available.

GKE - (2022-R11) Version updates Version 1.21.11-gke.900 is now the default version.

Google Kubernetes Engine Rapid - (2022-R11) Version updates Version 1.22.8-gke.2200 is now the default version in the Rapid channel.

Google Kubernetes Engine Regular - (2022-R11) Version updates Version 1.21.11-gke.900 is now the default version in the Regular channel.

Google Kubernetes Engine Stable - (2022-R11) Version updates The following versions are now available in the Stable channel: 1.19.16-gke.10800 1.20.15-gke.5200 1.21.11-gke.900 Version 1.19.16-gke.9400 is no longer available in the Stable channel.

Load Balancing - Regional external and regional internal HTTP(S) load balancers now support using Cloud Run services as backends for the load balancer.

Memorystore for Memcached - Added new Memorystore for Memcached region: Madrid (europe-southwest1).

Cloud Monitoring - Private uptime checks are now generally available.

Cloud Router - Cloud Router now supports MD5 authentication of BGP sessions.

Cloud VPN - Cloud VPN is now available in region europe-southwest1 (Madrid, Spain).

Network Intelligence Center - Network Analyzer is now available in Preview.

Cloud PubSub - Pub/Sub is now available in europe-southwest1 (Madrid) .

Cloud Run - Cloud Run jobs are now available in Preview. The following new region is now available: europe-southwest1.

Service Mesh - 1.11.x. 1.11.8-asm.1 is now available. 1.12.x. 1.12.6-asm.3 is now available. 1.13.x. 1.13.2-asm.5 is now available.

If you have suggestion, feedback or link you want to share feel free to email me at zdenko@gcpweekly.com

Have a great week,

Zdenko