Welcome to issue #311 September 12th, 2022

News

Introducing Kubernetes control plane metrics in GKE - Metrics from Kubernetes control plane components, including the API server, scheduler, and controller manager, are now Generally Available in GKE.

Introducing Google Cloud Backup and DR - A managed backup and disaster recovery (DR) service for centralized, application-consistent data protection. Protect workloads running in Google Cloud and on-premises.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

New storage innovations to drive your next-gen applications - Learn about the latest products and features rolling out for customers using cloud-based block, file and object storage, as well as backup and DR.

Trust Update: September 2022 - The breadth of Google Cloud compliance work spans the globe and many business sectors. Here’s an update on what we’ve accomplished so far in 2022.

Connect Gateway and ArgoCD: Deploy to Distributed Kubernetes - Integrating your ArgoCD deployment with Connect Gateway and Workload Identity provides a seamless path to deploy to Kubernetes on many platforms.

Stop using Network Appliances in Google Cloud — Part 2 Load Balancers - An overview of Load Balancers on Google Cloud.

Extending GKE with NGINX IC - Using NGINX Ingress Controller on GKE.

Dual stack networks IPv4 and IPv6 in Google Cloud - Working with dual IPs versions.

Seamlessly encrypt traffic from any apps in your Mesh to Memorystore (redis) - Setting up encryption from a sample app to Memorystore by leveraging Istio and Anthos Service Mesh.

App Development, Serverless, Databases, DevOps

Airship chooses Bigtable to empower mobile app developers - Mobile app experience company uses managed databases to eliminate operational tasks and deliver better performance, throughput, and speed to customers.

Optimizing terabyte-scale PostgreSQL migrations to Cloud SQL with Searce - How Searce reduced downtime by 98% while migrating terabyte-scale PostgreSQL database to Cloud SQL using the Database Migration Service.

Tutorial: Deploying Cloud Run Jobs - Deploy new Cloud Run jobs using the Goblet Python framework.

Migrating Resizin from GKE to Cloud Run - A use case of migrating from GKE to Cloud Run.

How to Run a Stable Diffusion Server on Google Cloud Platform - A step-by-step guide to build and deploy a Flask app.

Run Stable Diffusion in a GCP Cloud Function — a step-by-step guide. - Generating Stable Diffusion Images via Cloud Function.

Triggering Workflows from Google Sheets - An example that demonstrates an integration of Google Workspace tools such as Calendar, Sheets, and Forms with Workflows.

Bridge MQTT Data from EMQX Cloud to Confluent Cloud on GCP - This article explains how to bridge MQTT data from EMQX Cloud to Confluent Cloud on GCP.

Big Data, Analytics, ML&AI

Pro tools for Pros: Industry leading observability capabilities for Dataflow - Introducing several new observability capabilities for Google Cloud Dataflow such as more metrics for streaming jobs, Dataflow insights and Datadog integration.

Cloud Wisdom Weekly: 6 tips to optimize data management and analytics - How to save money while ensuring your data and analytics efforts scale, with examples featuring BigQuery.

How to use Google Cloud to find and protect PII - Google Cloud’s open source automatic tagging solution can automate column-level access controls in order to minimize the risk of unrestricted access to sensitive data or PII in BigQuery.

Houston, we have a problem: Six Apollo Mission Principles for Pipeline Design - Launching a data pipeline in the cloud is like launching a spacecraft. Apollo mission design principles applied to Apache Beam pipelines.

Why we don’t use Spark - A use case of migrating from Dataproc to Kubernetes.

End-to-End DBT project in Google Cloud Platform (Part 3) - Integrating the DBT service already deployed with Cloud Run, as a step into a Cloud Workflows pipeline.

Twitter: Helping customers find meaningful Spaces with AutoML - Twitter is leveraging AutoML to improve its customer experience by making Spaces recommendations that are relevant to individuals instead of ranking Spaces by order of popularity.

Choose the IDE you want and develop on Vertex AI Workbench (Part I) - Develop on Vertex AI Workbench with VSCode.

Marketing Mix Modelling with Robyn on Vertex AI - Running MMM (marketing mix modelling) analysis with Robyn on Vertex AI.

Various

Insights on the future of work and collaboration - Stay up-to-date on technologies like containers, Kubernetes, DevOps, and serverless that make up Google’s cloud-native application development stack.

Four non-traditional paths to a cloud career (and how to navigate them) - Google Cloud’s experts share their advice for transitioning into a cloud career from starting points like helpdesk, traditional IT, or a non-technical job.

Slides, Videos, Audio

Kubernetes Podcast - #188 Security, Access and War, with Kateryna Ivashchenko.

Security Podcast - #82 Mega-confused by XDR? You Are Not Alone! This XDR Skeptic Clarifies!

GCP Life Podcast - #22 Monster DDoS attack, Google Cloud Armor, Curated Detections, Chronicle, Virtual Machine Threat Detection, IoT Core Shutdown, Devs Don’t Want to do Ops, Preferring Google Collab Tools.

Releases

Anthos clusters on VMware - Anthos clusters on VMware 1.10.7-gke.15 is now available. Fixed for v1.10.7 Fixed the gkectl prepare panic issue caused by the wrong permission setting on the private registry certificate directory. Anthos clusters on VMware 1.11.3-gke.45 is now available. The gkectl diagnose cluster command automatically runs when gkectl diagnose snapshot is run, and the output is saved in a new folder in the snapshot called /diagnose-report. Fixed for v1.11.3 Fixed the issue where the admin control plane VM template is deleted after a resumed admin cluster upgrade attempt.

Google Cloud Armor - Adaptive Protection suggested rules can now be deployed automatically in public preview.

BigQuery ML - The following features are now generally available for ARIMA_PLUS models: The HOLIDAY_REGION option can now take more than one region string as input.

BigQuery Transfer - Cloud console updates: Improvements that are related to query execution include the following: For long-running queries, the Execution details tab is automatically displayed with the timing details of each stage of the query.

BigQuery - Cloud console updates: Improvements that are related to query execution include the following: For long-running queries, the Execution details tab is automatically displayed with the timing details of each stage of the query.

Cloud Build - The Cloud Build script field is now generally available.

Compute Engine - Generally available: Compute Engine supports importing a virtual disk with an UEFI bootloader. The incorrect quota limits displayed in the Cloud console in the us-east5 region have been resolved. Generally available: To reduce image licensing cost, you can now bring your Red Hat Enterprise Linux subscriptions to Google Cloud. Preview: Accelerator-optimized (A2 ultraGPU) machine types with their attached A100 80GB GPUs are now available in the following region: Iowa, North America: us-central1-c. Generally available: Archive snapshots are now available for more cost-efficient data retention as compared to regular snapshots, which are best suited for long-term back up and disaster recovery.

Dataproc - Avoid using the following image versions when creating new clusters: 2.0.31-debian10, 2.0.31-ubuntu18, 2.0.31-rocky8 2.0.32-debian10, 2.0.32-ubuntu18, 2.0.32-rocky8 2.0.33-debian10, 2.0.33-ubuntu18, 2.0.33-rocky8 1.5.57-debian10, 1.5.57-ubuntu18, 1.5.57-rocky8 1.5.58-debian10, 1.5.58-ubuntu18, 1.5.58-rocky8 1.5.59-debian10, 1.5.59-ubuntu18, 1.5.59-rocky8 If your cluster uses one of these image versions, there is a small chance that the cluster might enter an ERROR_DUE_TO_UPDATE state while being updated, either manually or as a result of autoscaling.

Cloud Healthcare API - A demo for the Healthcare Natural Language API is now available.

Google Kubernetes Engine - The Calico issue link included in the August 19, 2022 release notes issue was updated to the Calico issue #4857. The ip-masq-agent is not able to boot up on Arm nodes in GKE clusters with control planes running the following versions: 2022-R18: 1.23.8-gke.1900, 1.24.2-gke.1900 2022-R19: 1.24.3-gke.200 2022-R20: 1.23.9-gke.900, 1.24.3-gke.900 This regression has been fixed. CVE-2021-4160, CVE-2022-1664, CVE-2022-1292, and CVE-2022-29155 have been patched in the Filestore CSI driver for newly created clusters.

Cloud Logging - Cloud Audit Logging no longer redacts the principal email associated with service accounts in audit logs.

Cloud Run - Cloud Run now allows up to 4,000 serving revisions and 2,000 tagged revisions per region and project.

Secret Manager - Secret Manager now supports using annotations to define custom metadata about the secret.

Anthos Service Mesh - Managed Anthos Service Mesh. Managed Anthos Service Mesh support for GKE Autopilot is now generally available in the Regular and Rapid channels. Managed Anthos Service Mesh. Automatically configuring managed Anthos Service Mesh using the Fleet Feature API is now generally available in the rapid, regular, and stable release channels. The Google-managed data plane is now generally available (GA) as a part of managed Anthos Service Mesh.

Cloud Spanner - Query Optimizer version 5 is generally available, and is the default optimizer version. Cloud Spanner free trial instances are now generally available.

Cloud SQL MySQL - Cloud SQL for MySQL now supports minor version 8.0.30.

Cloud Storage Transfer - Storage Transfer Service now offers Preview support for moving data from S3-compatible storage to Cloud Storage.

Transfer Appliance - Remote Wipe is an optional step in the appliance return process that allows customers to erase data on their appliance before returning it to Google.

If you have suggestion, feedback or link you want to share feel free to email me at zdenko@gcpweekly.com

Have a great week,

Zdenko