Welcome to issue #299 June 20th, 2022

News

Ciao, Milano! New cloud region in Milan now open - The new Milan region provides low-latency, highly available services with international security and data protection standards.

Anthos on-prem and on bare metal now power Google Distributed Cloud Virtual - Google Distributed Cloud Virtual uses Anthos on-prem or bare metal to create a hybrid cloud on your existing hardware.

Announcing general availability of Confidential GKE Nodes - Confidential GKE Nodes keep data encrypted in memory with a node-specific dedicated key that solely resides in the processor.

Announcing gcpdiag - Open Source Troubleshooting Tool for Google Cloud Platform - gcpdiag is an open source diagnostics tool for GCP customers. It finds and helps to fix common issues in Google Cloud Platform projects. It is used to test projects against a wide range of best practices and common mistakes, based on the troubleshooting experience of the Google Cloud Support team.

GKE release channels: Balancing innovation and speed of change, now with more granular controls - New upgrade exclusions in GKE release channel maintenance windows allow you to control what, when and how you update your GKE clusters.

Introducing managed zone permissions for Cloud DNS - Delegate and distribute Cloud DNS zone management responsibilities to your application teams.

Announcing private network solutions on Google Distributed Cloud Edge - With a private cellular network running on Google Distributed Cloud Edge, enterprises can solve the connectivity problems of many new use cases.

Announcing general availability of reCAPTCHA Enterprise password leak detection - ReCAPTCHA Enterprise’s new password leak detection capability can help organizations stop password reuse, credential stuffing, and account takeover attacks.

Introducing new commitments on the processing of service data for our cloud customers - Google Cloud announces new commitments on how it will process service data for its cloud customers.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Why managed container services help startups and tech companies build smarter - Why managed container services such as GKE are crucial for startups and tech companies.

When two become one: Integrating Google Cloud Organizations after a merger or acquisition - When two companies engage in a merger or acquisition, you need to Integrate their cloud domains and organizations – here’s how on Google Cloud.

Google Cloud — Billing Budgets and Alerts - An overview of Budget alerts.

Proactive budget alerting in Google Cloud - Configure budget alerts to proactively monitor usage patterns and find potential anomalies using Budgets, Pub/Sub, Cloud Functions, BigQuery.

Deep Dive into CI/CD with GKE through Google Cloud Build and Google Cloud Deploy(Part 2) - Integrating Cloud Build service with the Cloud Deploy and rolling out the automatic deployments to multiple GKE clusters.

App Development, Serverless, Databases, DevOps

Serverless MEAN Stack Applications with Cloud Run and MongoDB Atlas - See how Cloud Run and MongoDB come together to enable a completely serverless MEAN stack application development experience.

Taking screenshots of web pages with Cloud Run jobs, Workflows, and Eventarc - Learn how to take screenshots of web pages with Cloud Run jobs, Workflows, and Eventarc.

Package management for Debian/Ubuntu operating systems on Google Cloud - How packages.cloud.google.com subdomain works and can be used to download debian/ubuntu packages without going to the internet.

Schedule Simple Go App Workloads Using Google Cloud Platform - A short tutorial on scheduling workloads using Infrastructure-as-Code with GCP, Docker, and Terraform.

Cloud Run and a Decision Tree for your Serverless Needs! - Tips on the serverless types and options available on GCP.

Monitor your applications on Google Managed Prometheus - Deploying a sample Flask application to GKE and deployment of custom metrics to Managed Prometheus.

Multi-Stage Docker Layer Caching using Kaniko + Cloud Build - A short introduction on using Kaniko on Cloud Build and validating that multi-stage Docker images are correctly cached.

Using Grafana Behind the Google Identity Aware Proxy - Setting Google single sign-on into Grafana using JSON Web Token authentication.

Authentication between microservices: Is it really that hard? - Using tokens to secure communication between microservices.

Big Data, Analytics, ML&AI

How The Home Depot is teaming up with Google Cloud to delight customers with personalized shopping experiences - The Home Depot, Inc. surfaces more relevant, personalized content to customers with the help of Google Cloud.

Transform satellite imagery from Earth Engine into tabular data in BigQuery - With Geobeam on Dataflow, you can transform Geospatial data from raster format in Earth Engine to vector format in BigQuery.

Google Cloud Composer CI/CD - The structure and automation of DAG deployments with CI/CD pipeline.

Big Data Processing using Google Dataproc - Google Dataproc is a very powerful option for Hadoop and Spark applications-enabled clusters.

Measuring string similarity in BigQuery using SQL - Use Levenshtein distance to discover similar or duplicated values, clean your data, and more!

BigQuery SQL: Evolution of the running total on a dataset with missing dates - Handling missing values, window functions and nested queries with BigQuery SQL.

Read BigQuery data faster using the Storage Read API with Python - Using BigQuery Storage API to load a large number of rows from BigQuery to Jupyter Notebook.

Google improves Data Security in it’s Data Warehouse BigQuery - Using column level SQL encryption with Cloud KMS keys.

Speed up model inference with Vertex AI Predictions’ optimized TensorFlow runtime - The Vertex AI optimized TensorFlow runtime can be incorporated into serving workflows for lower latency predictions.

MLOps System with AutoML and Pipeline in Vertex AI - This blog post shows how to build a MLOps system with Vertex AI platform. In Particular, you could learn a way to build an ML pipeline to manage a dataset, train an AutoML model based on previously the best one, emit Vertex AI aware artifacts along with how to trigger such a pipeline with Cloud Functions and GCS.

Automate annotations for Vertex AI text datasets with Cloud Vision API and BigQuery - Train a Vertex AI AutoML text entity extraction model using an automatically annotated dataset with Vision API, BigQuery and Jupyter Notebook.

Measuring climate and land changes with AI - In this People & Planet AI episode, we celebrate the amazing launch of a geospatial project called Dynamic World, which maps the entire planet into different categories to track changes in ecosystems with precision. We then explore how to build an AI model like Dynamic World using Cloud.

Mercari leverages Google's vector search technology to create a new marketplace - Mercari introduced Google's vector search technology to realize their core business concept: creating a new marketplace for small shops using "similarity".

Wayfair: Accelerating MLOps to power great experiences at scale - Wayfair adopts Vertex AI to support data scientists with low-code, standardized ways of working that frees them up to focus on feature computation logic instead of worrying about the infrastructure challenges of deploying features into production.

Various

How one Googler uses talking tulips to connect with customers - Meet Matthew Feigal and hear how he helps partners solve their toughest problems with humor.

Google helps Indonesia advance education on cloud, machine learning, and mobile development through Bangkit academy - The Bangkit program, a Google-led partnership of stakeholders, helps universities and their students to prepare for the future workplace by pairing academic study with in-demand industry skills, helping improve the employment journey for students.

Slides, Videos, Audio

GCP Podcast - #308 New Pi World Record with Emma Haruka Iwao and Sara Ford.

Security Podcast - #70 Special - RSA 2022 Reflections - Securing the Past vs Securing the Future.

GCP Life Podcast - #016 The Big Chill - In this episode we discuss Thomas Kurian, VMWare & Broadcom, Cloud Money, Web3 & GCP Features.

Releases

Anthos clusters on VMware - Anthos clusters on VMware 1.10.5-gke.26 is now available. Fixed for version 1.10.5 Fixed the issue where admin cluster backup did not back up always-on secrets encryption keys.

AppEngine Standard Python3 - The Python 3.10 runtime (preview) now uses Ubuntu 22.

BigQuery - Deterministic encryption SQL functions are now generally available (GA). You can now use the Cloud console to set up VPC service control perimeters to restrict access from BigQuery Omni to external clouds. You can now explore data in Data Studio by using links from your BigQuery query results in the Google Cloud Console. A new system variable, @@dataset_project_id, is now generally available.

Chronicle - Enhancements to YARA-L 2.0 syntax in Detection Engine rules We have enhanced the outcome section that can be used in Detection Engine rules.

Cloud Composer - Starting from July 2022, Cloud Composer service will start enforcing the "Act As" organization policy in all projects. The earlier issue with autoscaling in some Cloud Composer 2 environments is now resolved for all impacted environments. (Airflow 1) New versions of Cloud Composer no longer support Python 2: Starting from version 1.19.0, it is not possible to create new environments with Python 2, or upgrade existing environments with Python 2 to 1.19.0 and later versions of Cloud Composer. (Cloud Composer 1) Fixed the problem that caused increased DAG and task failures in Public IP environments because of Airflow database connectivity issues. Logs in Cloud Logging now have Airflow DAG and task annotations for multilined output. (Airflow 2) Enabled User Stats Chart view in Airflow UI for users with the Admin role. (Airflow 2) Fix processor cleanup on DagFileProcessorManager #22685. Cloud Composer 1.19.0 and 2.0.17 images are available: composer-1.19.0-airflow-1.10.15 (default) composer-1.19.0-airflow-2.1.4 composer-1.19.0-airflow-2.2.5 composer-2.0.17-airflow-2.1.4 composer-2.0.17-airflow-2.2.5. Cloud Composer versions 1.16.6 and 1.17.0.preview.2 have reached their end of full support period. Authorized networks support is now generally available (GA).

Compute Engine - Preview: Windows VMs now support SSH connections from the gcloud CLI. Cloud console SSH-in-browser connections might fail if you use custom firewall rules. Generally Available: The image import tool now supports importing Windows Server 2022 images to Google Cloud. Generally available: Optimize the distribution of VMs in sole-tenant node groups. Generally Available: Compute Engine can now use a maximum network packet size of 8896 when communicating between VMs on the same subnet.

Dataproc - Announcing the General Availability (GA) release of Dataproc Custom OSS Metrics GA, which collects then integrates Dataproc cluster OSS component metrics into Cloud Monitoring. New sub-minor versions of Dataproc images: 1.5.69-debian10, 1.5.69-rocky8, 1.5.69-ubuntu18 2.0.43-debian10, 2.0.43-rocky8, 2.0.43-ubuntu18. Backported the patch for HBASE-23287 to HBase 1.5.0 in 1.5 image. Announcing the General Availability (GA) release of Ranger Cloud Storage plugin. Dataproc is now available in the us-south1 region (Dallas, Texas).

Datastore - Datastore now supports the not-equal (!=), IN and NOT_IN query filters.

Datastream - Datastream now supports the use of tags on its resources, which include private connectivity configurations, connection profiles, and streams.

Dialogflow Enterprise - The Dialogflow ES Google Assistant integration will be removed on June 13, 2023.

Dialogflow - The Dialogflow ES Google Assistant integration will be removed on June 13, 2023.

Cloud Networking Products - Cloud DNS per resource IAM permissions are available in Preview.

Document AI - Document AI is now generally available (GA) in the following new locations: asia-south1 (Mumbai) australia-southeast1 (Sydney) You must request access to use the new locations. v1beta3. New Identity Processor (Preview) The France Passport Parser is now available in limited preview.

Cloud Functions - The Python 3.10 runtime (preview) now uses Ubuntu 22.

Cloud Healthcare API - A release was made. Updates may include general performance improvements, bug fixes, and updates to the API reference documentation. Added the complexDataTypeReferenceParsing field to the FHIR store resource, which lets you parse references within complex FHIR data types, such as FHIR extensions.

Google Kubernetes Engine - Confidential GKE Nodes is now generally available in GKE version 1.22 and later for stateful workloads using persistent disks, and in all GKE versions for stateless workloads. (2022-R14) Version updates GKE cluster versions have been updated. CVE-2022-25235 has been patched in the PD CSI driver in 1.22 and 1.23 clusters. GKE Node System Configuration now supports setting pod pid limits.

Google Kubernetes Engine Rapid - (2022-R14) Version updates Version 1.23.6-gke.1501 is now the default version in the Rapid channel.

Google Kubernetes Engine Regular - (2022-R14) Version updates Version 1.22.8-gke.202 is now the default version in the Regular channel.

Google Kubernetes Engine Stable - (2022-R14) Version updates Version 1.21.11-gke.1900 is now the default version in the Stable channel.

Resource Manager - A feature for protecting tag values from being deleted has launched into general availability. The following organization policy constraints to restrict resource creation of global security configuration have launched into general availability: Disable Creation of Cloud Armor Security Policies Disable Creation of global self-managed SSL Certificates Disable Global Load Balancing Disable Enabling Identity-Aware Proxy (IAP) on global resources Disable Enabling Identity-Aware Proxy (IAP) on regional resources.

Service Mesh - 1.11.x & 1.12.x & 1.13.x. The Fleet Feature API (mesh.googleapis.com) now enables the Connect Gateway API (connectgateway.googleapis.com).

SAP Solutions - Google Cloud monitoring agent for SAP NetWeaver version 2.4 Version 2.4 of the Google Cloud monitoring agent for SAP NetWeaver is now available.

Cloud SQL Postgres - The following PostgreSQL minor versions and extension versions are now available. For enhanced security with built-in authentication, Cloud SQL now lets you set password policies at the instance level. The following extensions in Cloud SQL for PostgreSQL are generally available: pg_bigm. Cloud SQL enables you to access to the pg_shadow view.

Transfer Appliance - You can now order Transfer Appliance from the Cloud console, as well as view, track, and manage your orders and appliances.

Vertex AI - Support for IAM resource-level policies for Vertex AI featurestore and entityType resources is available in Preview.

Virtual Private Cloud - VPC networks now support jumbo frame MTUs within the same subnet.

Workflows - Parallel steps are available in Preview.

If you have suggestion, feedback or link you want to share feel free to email me at zdenko@gcpweekly.com

Have a great week,

Zdenko