Welcome to issue #300 June 27th, 2022

With publishing the 300th issue of the GCP Weekly newsletter, I would be grateful if you could fill out this anonymous survey to provide feedback https://docs.google.com/forms/d/e/1FAIpQLSd16RJqJg0-pCS2WHCc_qW4Ime8pHJBdc3ptFslhj0cIYa5wg/viewform

News

Forrester names Google Cloud a leader in Document Analytics Platforms - Forrester names Google Cloud a leader in Document-Oriented Text Analytics Platforms.

Introducing a new homepage for Google Cloud - Experience the new Google Cloud homepage that gives you a simplified and faster console experience to get tasks done.

Announcing Data-driven styling: style Google map boundaries to convey key information - Today, we are excited to announce the preview release of Data-driven styling for the Maps JavaScript API, which enables you to display and style Google boundaries.

Introducing PostgreSQL interface for Spanner: availability at scale with the interface you know - The new PostgreSQL interface for Spanner, now GA, combines the scalability of Spanner with the portability of PostgreSQL for enterprise workloads.

Announcing new Google Research Innovators, bringing more science to the cloud - We are announcing a new Google Research Innovator cohort and sharing awareness about the program.

Announcing new BigQuery capabilities to help secure sensitive data - As businesses increasingly store and use sensitive data, it’s critical to control access to and mask this data to mitigate security breaches.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Load balancing Google Cloud VMware Engine with Traffic Director - Using a high-performance front-end for web services hosted in Google Cloud VMware Engine.

Understanding and analyzing your Google Cloud costs - Looking for more details on your cloud costs? Here's a quick overview of three ways to understand and further analyze your costs.

The networking 101 GCP reference sheet: Networking basics - This is a 101 level networking sheet, with general networking references and GCP specific networking services. A lightweight easy to digest reference sheet and repo. The aim is to simplify common networking topics.

Google Cloud Security Overview - An overview of Google Cloud capabilities across the different layers of security.

Using Google Kf and Kubernetes to modernize your PCF workloads - Google Cloud Kf can streamline the process of migrating applications from PCF to Kubernetes.

Software Supply Chain Security with Binary Authorization and Cloud Build - Creating a binary authorization attestation for the container image and deploying it to Cloud Run.

Install Gitlab Runner on GKE with application deployment - This blog will focus on how to install and register GitLab runners in a GKE cluster and implement a Gitlab CI/CD pipeline that includes stages, such as image build and push, and application deployment on GKE.

ExternalDNS w. GKE & Cloud DNS 2 - ExternalDNS with static credentials to access to Cloud DNS.

Introducing Resource Tags in GCP - An overview of using Resource Manager tags.

App Development, Serverless, Databases, DevOps

Monitoring Cloud SQL with SQL Server database auditing - Cloud SQL now supports database auditing for SQL Server, allowing customers to closely monitor and track changes to their databases.

Improving developer agility and efficiency with Google Workspace - Learn how developers use Google Workspace to centralize and integrate all of their favorite Agile and DevOps tools like Jira, GitHub, Datadog, and PagerDuty.

Top 5 use cases for Google Cloud Spot VMs explained + best practices - Google Cloud’s Spot VMs are offered with deep discounts to help all scalable applications optimize their costs.

Using the Node.js Cloud Client Libraries - Use Node.js Cloud Client Libraries to simplify your JavaScript or TypeScript code and efficiently access Google products through their APIs.

The latest accessibility updates in the Maps JavaScript API - In recognition of Global Accessibility Awareness Day last month, I wanted to provide a follow-up to last year's work and share more recent updates to improve accessibility in the Maps JavaScript API and Maps Embed API.

Building a Mobility Dashboard with Cloud Run and Firestore - Build a mobility dashboard to visualize your location data in real-time. Let’s walk through how you can easily make it with Cloud Run and Firestore.

CI/CD with Cloud Build on Compute Engine. - Setting up CI/CD pipeline on Compute Engine Managed instance group using GCP native cloud build.

Writing Logs in GCP Logs Explorer for Compute Engine on Golang - Writing logs to Cloud Logging from Go program running on Compute Engine.

Google Cloud Storage Editor - This article describes an open source project that allows us to select files in GCS and then open them in an editor all from within a browser based web app.

Using Firestore database to access your Cloud Storage metadata - Saving custom Cloud Storage blobs metadata in Firestore to allow complex queries.

Big Data, Analytics, ML&AI

Learn how BI Engine enhances BigQuery query performance - This blog explains how BI Engine enhances BigQuery query performance, different modes in BI engine and its monitoring.

Introducing Firehose: An open source tool from Gojek for seamless data ingestion to BigQuery and Cloud Storage - The Firehose open source tool allows Gojek to turbocharge the rate it streams its data into BigQuery and Cloud Storage.

Serverless Spark ETL Pipeline Orchestrated by Airflow on GCP - An example of using Serverless Spark.

Getting started with Dataproc Serverless PySpark templates - Get started with Dataproc Serverless PySpark templates. Run common PySpark workload on GCP without managing infrastructure.

Restrict access to columns on BigQuery - Restricting per column level access in BigQuery using Data Catalog.

BigQuery now supporting Query Queues - Using Query Queues for Concurrency in Google BigQuery.

Google BigQuery Data Update Optimization - Reducing BigQuery costs when updating data in the existing table.

Median, Mode, and Average Order Value in BigQuery using SQL - Learn about your customers’ ordering habits and choose the best strategy for increasing the value of your orders.

Dynamic Data Masking on BigQuery - This article describes how to use dynamic data masking in BigQuery.

Accelerating AI/ML adoption in the public sector: Three ways to get started - Government agencies faces challenges in adopting AI and specifically moving to Production. This blog highlights some of the challenges and suggestions as to how Google Cloud can help.

Training a PyTorch Model on GCP Vertex AI - Training models with managed notebooks or custom training jobs.

Various

Five years of 100% renewable energy – and a look ahead to a 24/7 carbon-free future - For five years now, Google has matched all its energy consumption with renewable energy, and is planning to use 100% carbon-free energy by 2030.

Google Cloud Data Heroes Series: Meet Francisco, the Ecuadorian American founder of Direcly, a Google Cloud Partner - In the Data Heroes series we share stories of people who use data analytics tools to do incredible things. In this month’s edition, Meet Francisco.

Slides, Videos, Audio

GCP Podcast - #309 Contact Center AI with Amit Kumar and Vasili Triant.

Security Podcast - #71 Attacking Google to Defend Google: How Google Does Red Team.

GCP Life Podcast - #17 In this episode we discuss; Google AI, VMWARE & GCVE, Calculating Pi, 10 Hottest GCP Features of 2022.

Releases

Cloud SQL Postgres - CloudSQL for PostgreSQL now supports replication from an external server. The following PostgreSQL minor versions and extension versions are now available: 14.2 is upgraded to 14.3.

Cloud SQL SQL Server - You can enable an instance to publish to a subscriber that is external (or internal) to Cloud SQL. In Cloud SQL, you can use SQL Server Audit capabilities to track and log server-level and database-level events.

Cloud TPU - Cloud TPU now supports TensorFlow 2.6.5 and TensorFlow 2.7.3.

Virtual Private Cloud - Private Service Connect supports publishing a service that is hosted on an internal TCP proxy load balancer in a service producer VPC network.

Workflows - Workflows can invoke private on‑premises, Compute Engine, Google Kubernetes Engine (GKE), or other Google Cloud endpoints that are Identity-Aware Proxy (IAP)-enabled. Support for VPC Service Controls is generally available (GA).

Anthos clusters on bare metal - 1.11. Release 1.11.3 Anthos clusters on bare metal 1.11.3 is now available for download. Fixes: The following container image security vulnerabilities have been fixed: CVE-2018-25032 CVE-2021-27782 CVE-2021-4160 CVE-2021-43618 CVE-2022-0778 CVE-2022-1292 CVE-2022-29155 CVE-2022-29824. Known issues: For information about the latest known issues, see Anthos on bare metal known issues in the Troubleshooting section.

Anthos clusters on Azure - Three new memory corruption vulnerabilities (CVE-2022-29581, CVE-2022-29582, CVE-2022-1116) have been discovered in the Linux kernel. There is a bug in the Azure OS kernels used by some of the previous Anthos clusters on Azure versions.

BigQuery - The BI Engine preferred tables feature lets you limit BI Engine acceleration to a specified set of tables. Query queues are now available in preview for on-demand and flat-rate customers.

BigTable - Cloud Bigtable is available in the us-east5 (Columbus) region.

Billing - Preview: You can now get cost insights in the Recommender API, and use them to detect anomalies in your costs.

Chronicle - The following supported default parsers have changed (listed by product name and ingestion label): Akamai WAF (AKAMAI_WAF) Aruba IPS (ARUBA_IPS) Azure AD Directory Audit (AZURE_AD_AUDIT) Carbon Black App Control (CB_APP_CONTROL) Check Point (CHECKPOINT_FIREWALL) Cisco ACS (CISCO_ACS) Cisco Email Security (CISCO_EMAIL_SECURITY) Cisco Firepower NGFW (CISCO_FIREPOWER_FIREWALL) Cisco ISE (CISCO_ISE) Cisco Meraki (CISCO_MERAKI) Citrix Netscaler (CITRIX_NETSCALER) CloudM (CLOUDM) CrowdStrike Falcon (CS_EDR) EPIC Systems (EPIC) Forescout NAC (FORESCOUT_NAC) FortiGate (FORTINET_FIREWALL) GCP Compute (GCP_COMPUTE) IBM DataPower Gateway (IBM_DATAPOWER) Imperva (IMPERVA_WAF) JAMF Protect (JAMF_PROTECT) Linux Auditing System (AuditD) (AUDITD) Microsoft Exchange (EXCHANGE_MAIL) Netskope (NETSKOPE_ALERT) Office 365 (OFFICE_365) Okta (OKTA) Preempt Alert (PREEMPT) RSA (RSA_AUTH_MANAGER) SentinelOne EDR (SENTINEL_EDR) ServiceNow CMDB (SERVICENOW_CMDB) Sourcefire (SOURCEFIRE_IDS) Suricata IDS (SURICATA_IDS) Symantec Web Isolation (SYMANTEC_WEB_ISOLATION) Tripwire (TRIPWIRE_FIM) Unix system (NIX_SYSTEM) VMware AirWatch (AIRWATCH) VMware ESXi (VMWARE_ESX) VMware NSX (VMWARE_NSX) WatchGuard (WATCHGUARD) Workspace Alerts (WORKSPACE_ALERTS) Zscaler (ZSCALER_WEBPROXY) For details about changes in each parser, see Supported default parsers.

Cloud Composer - Cloud Composer 1.19.1 and 2.0.18 release started on June 23, 2022. The earlier issue with DAG and task failures in Public IP environments in Cloud Composer 1 is now resolved for all impacted environments. (Airflow 2) The apache-airflow-providers-google package is updated: Fixed a regression in BigQueryToGCPOpertor after changes to links were introduced in #24416. (Cloud Composer 2) Incremental task logs are now correctly refreshed and displayed in Airflow UI. Cloud Composer 1.19.1 and 2.0.18 images are available: composer-1.19.1-airflow-1.10.15 (default) composer-1.19.1-airflow-2.1.4 composer-1.19.1-airflow-2.2.5 composer-2.0.18-airflow-2.1.4 composer-2.0.18-airflow-2.2.5. Cloud Composer 1.18.12 is a version with an extended upgrade timeline. Cloud Composer versions 1.16.7 and 1.17.0.preview.3 have reached their end of full support period. In July 2022, Cloud Composer 2 environments created in Cloud console will use Private Service Connect configuration by default. In July 2022, Cloud Composer 1 environments created in Cloud console will use the latest available version of Airflow 2 by default.

Compute Engine - The CPU utilization observability metric is incorrect for VMs that use one thread per core.

Dialogflow - The Dialogflow CX search feature is now GA (generally available).

Cloud Healthcare API - Updates may include general performance improvements, bug fixes, and updates to the API reference documentation.

Google Kubernetes Engine - Three new memory corruption vulnerabilities (CVE-2022-29581, CVE-2022-29582, CVE-2022-1116) have been discovered in the Linux kernel. You can now create dual-stack clusters in GKE versions 1.24.1-gke.1000 and later. (2022-R15) Version updates GKE cluster versions have been updated. To deliver a better default price-performance for applications, all GKE clusters created with control plane version 1.24 and later have the Balanced Persistent Disk (PD) by default for attached volumes.

GKE - (2022-R15) Version updates The following control plane and node versions are now available: 1.19.16-gke.15700 1.20.15-gke.9900 1.21.13-gke.900 1.22.10-gke.600 1.23.7-gke.1400 1.24.1-gke.1400 Control planes and nodes with auto-upgrade enabled will be upgraded from version 1.19 to version 1.20.15-gke.8000 with this release.

Google Kubernetes Engine Rapid - (2022-R15) Version updates The following versions are now available in the Rapid channel: 1.21.13-gke.900 1.22.10-gke.600 1.23.7-gke.1400 1.24.1-gke.1400 The following versions are no longer available in the Rapid channel: 1.21.12-gke.1700 1.22.9-gke.1300 1.23.6-gke.1500 1.24.0-gke.1801 Control planes and nodes with auto-upgrade enabled in the Rapid channel will be upgraded from version 1.19 to version 1.19.16-gke.11800 with this release.

Google Kubernetes Engine Regular - (2022-R15) Version updates The following versions are now available in the Regular channel: 1.20.15-gke.8200 1.21.12-gke.1700 The following versions are no longer available in the Regular channel: 1.20.15-gke.8000 1.21.11-gke.1900 1.22.8-gke.201 Control planes and nodes with auto-upgrade enabled in the Regular channel will be upgraded from version 1.19 to version 1.20.15-gke.8200 with this release.

Google Kubernetes Engine Stable - (2022-R15) Version updates The following versions are now available in the Stable channel: 1.19.16-gke.13800 1.20.15-gke.8000 1.21.12-gke.1500 The following versions are no longer available in the Stable channel: 1.19.16-gke.11000 1.20.15-gke.6000 1.21.11-gke.1100 Control planes and nodes with auto-upgrade enabled in the Stable channel will be upgraded from version 1.19 to version 1.20.15-gke.8000 with this release.

Load Balancing - Cloud Load Balancing introduces a new version of the external HTTP(S) load balancer.

Cloud Monitoring - You can now collect Jetty metrics from the Ops Agent, starting with version 2.17.0. You can now view the configuration of charts on a dashboard while the dashboard is in read-only mode.

Recommendations AI - The Recommendations AI documentation set at https://cloud.google.com/retail/recommendations-ai/docs will be removed on July 5, 2022.

Cloud Spanner - The PostgreSQL interface is now generally available, making the capabilities of Cloud Spanner accessible from the PostgreSQL ecosystem.

If you have suggestion, feedback or link you want to share feel free to email me at zdenko@gcpweekly.com

Have a great week,

Zdenko