Welcome to issue #386 February 19th, 2024

News

Introducing vector search in BigQuery - The public preview of vector search in BigQuery, which enables vector similarity search on BigQuery data.

Google Cloud expands access to Gemini models for Vertex AI customers - Gemini 1.5 Pro is now in private preview on Vertex AI.

Immersive Stream for XR: Performance and savings with NVIDIA L4 GPU and autoscaling - Improvements in both performance and cost savings to Immersive Stream for XR, Google Cloud’s solution for hosting, rendering, and streaming 3D and eXtended reality (XR) experiences.

Announcing the general availability of Network Function Optimizer for GKE Enterprise - Network Function Optimizer is generally available for GKE Enterprise, the premium edition of Google Kubernetes Engine.

Cloud Monitoring now offers PromQL alerting and importing dashboards from Grafana - Cloud Monitoring has achieved even greater compatibility with the open-source monitoring ecosystem with our GA release of PromQL-based alerting policies, and our command-line tool for importing dashboards from Grafana.

Feel the Next ‘24 love: Full session library is now live

---

Looking for a more secure, cost-effective alternative to Citrix and VMware? Give your people seamless, secure access to all the apps they need to do their jobs - from anywhere and on any device - with Cameyo’s Virtual App Delivery (VAD) platform and Google Cloud. Schedule a demo today and we’ll set you up with your own demo environment within 15 minutes.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Why mainframe migration is more than technology transformation - Read more about how Google Cloud approaches mainframe modernization.

Cloud CISO Perspectives: Guidance from our latest Threat Horizons report - Cloud CISO Perspectives for February 2024.

Leveraging Backup for GKE (BfG) for Effortless Volume Migration: From In-tree to CSI

Integrating GitHub Runner with Google Cloud Platform via Terraform - Configuring Terraform to create a WIF and grant permission for a Service Account that will be impersonated by GitHub Runner.

Serving Open Source LLMs on GKE using vLLM framework - This post shows how to serve Open source LLM models(Mistrial 7B, Llama2 etc) on Nvidia GPUs(L4, Tesla-T4, for example) running on Google Cloud Kubernetes Engine (GKE).

Getting Started with Istio: Install Istio with Helm in 2024 - Step by step tutorial to set Istio.

Accessing AWS Resources from Google Kubernetes Engine - Combine AWS Open ID Connect federation with Google Workload Identity Federation to access AWS resources securely from GKE.

Looking for GPU Capacity? DWS got you covered ! - Using Dynamic Workload Scheduler on GKE to run ML jobs.

Google Kubernetes Engine | Security Checklist - This article discusses how to enhance the security of Google Kubernetes Engine.

Top 5 Organization Policy Constraints for Google Cloud - Five recommendations to implement safeguards in Organization Policy Services.

App Development, Serverless, Databases, DevOps

Scaling Character.AI: How AlloyDB for PostgreSQL and Spanner met their growing needs - Character.AI relies on Google Cloud's portfolio of managed databases, including AlloyDB for PostgreSQL and Spanner, as a solid foundation for its platform, providing reliability, scalability, and price performance for its workloads, from engagement and operations to AI and analytics.

Firestore: From Zero To Interview Hero - On overview of Cloud Firestore.

Deploying Dapr on Google Cloud Run for Efficient Microservices Development - A distributed application run time on GCP serverless.

Cloud without Kubernetes - Thoughts on using Kubernetes or serverless.

The Future of Java Performance in Cloud Run: Native Java, CRaC and Project Leyden - Build high-performance Java apps in Cloud Run.

Vertex AI Predictions cost reduction using CloudRun - A proposed solution in the article of utilizing Vertex AI and leveraging Cloud Run for deployment and scheduling offers a practical and effective way to prevent unnecessary resource consumption during idle periods, leading to substantial cost savings.

Storage-triggered Google Cloud Functions in Java - This post covers Java Cloud Function triggering by Cloud Storage event.

Setting Up a Spanner Emulator in Spring Boot - Efficiently Bridging Local Development and Cloud Services: A Guide to Setting Up the Spanner Emulator with Spring Boot.

Big Data, Analytics, ML&AI

Looker Hackathon 2023 results: Best hacks and more

Watch out when using SAFE_CAST in BigQuery - Here’s an interesting situation I’ve seen with BigQuery.

How to compute the Levenshtein distance in BigQuery? - Example of UDF in to calculate Levenshtein distance in BigQuery.

A Complete Guide To Arrays in BigQuery (2024) - Maximizing Efficiency with BigQuery Arrays: A Comprehensive Guide to Data Management and Query Optimization.

Adding Nested Columns with Confidence in BigQuery - A Step-by-Step Guide to Safely Expanding Your BigQuery Tables.

BigQuery Data Analyses With Gemini LLM - The Gemini-Pro LLM model is now available in BigQuery ML. Here’s how to use it.

Your RAGs powered by Google Search technology, part 1 - Exploring the key features that power Google-quality retrieval in LLM and RAG-based applications.

Your RAGs powered by Google Search technology, part 2 - A deeper look at the critical technologies that are essential for building a successful RAG system to help ground large language models (LLM) when building applications.

Using Vertex AI Gemini from GAPIC libraries (C#) - This post shows how to use Vertex AI Gemini from GAPIC libraries, using C# as an example.

Context-aware code generation: Retrieval augmentation and Vertex AI Codey APIs - Exploring how to use RAG to improve the output quality of Google Cloud AI models for code completion and generation on Vertex AI using its Codey APIs.

Power self-serve analytics and generative AI with Sparkflows and Google Cloud - Sparkflows is a Google Cloud partner that provides a powerful platform packed with self-service analytics, ML and gen AI capabilities for building data products.

Various

Coming of age in the fifth epoch of distributed computing, accelerated by machine learning

Slides, Videos, Audio

Security Podcast - #159 Workspace Security: Built for the Modern Threat. But How?

Releases

Anthos Config Management - Config Controller now uses the following versions of its included products: Anthos Config Management v1.17.1, release notes.

Anthos Config Management - 1.17.0. Upgraded git-sync (Config Sync dependency for pulling from git) from v3.6.9 to v4.1.0 to pick up enhancements, such as improved efficiency and race condition fixes.

Anthos clusters on VMware - The following vulnerability was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes: CVE-2023-6932 For more information, see the GCP-2024-011 security bulletin. The following vulnerability was discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes: CVE-2023-6931 For more information, see the GCP-2024-010 security bulletin.

Apigee X - On February 12, 2024, we released an updated version of Apigee (1-11-0-apigee-17). Bug ID Description 322389251 Security fix for apigee-ingress.This addresses the following vulnerabilities: CVE-2024-23327 CVE-2024-23325 CVE-2024-23324 CVE-2024-23323 CVE-2024-23322. Bug ID Description 230082910 Fixed issue causing null values for system.timestamp and system.time.millisecond proxy variables.

AppEngine Flexible PHP - PHP 8.3 is now available in preview.

AppEngine Standard PHP - PHP 8.3 is now available in preview.

Google Cloud Armor - The following new NTI feeds are now available: iplist-vpn-providers iplist-anon-proxies iplist-crypto-miners For more information about Network Threat Intelligence, see the overview.

Cloud Asset Inventory - The following resource types are now publicly available through the ExportAssets, ListAssets, BatchGetAssetsHistory, QueryAssets, Feed, and Search (SearchAllResources, SearchAllIamPolicies) APIs.

Bare Metal Solution - You can now select the pod for your Bare Metal Solution resources through the Google Cloud console intake form.

BigQuery ML - The following Generative AI features are now generally available (GA): Creating a remote model based on the gemini-pro Vertex AI large language model (LLM). After you run a query in the query editor, in the Chart tab, you can now see a visualization of your query results.

BigQuery - After you run a query in the query editor, in the Chart tab, you can now see a visualization of your query results.

Billing - View granular cost data from Cloud Storage usage in Cloud Billing exports to BigQuery You can now view granular Cloud Storage bucket-level cost data in the Cloud Billing Detailed cost export.

Carbon Footprint - Beginning with the release of January 2024 data, Google Cloud Carbon Footprint will adopt a biannual methodology refresh schedule, with updates planned for January and July data releases each year.

Chronicle - The supported default parsers have changed (see the release page for more information). Google has introduced Risk Analytics to Chronicle.

Cloud Composer - Starting February 16, 2024, in the asia-east2, asia-northeast1, asia-northeast2, asia-northeast3, asia-south1, and australia-southeast1 regions it is possible to create new Cloud Composer 1 environments only in projects that already have Cloud Composer 1 environments. Cloud Composer 2.6.1 release started on February 15, 2024. The apache-airflow-providers-google package is upgraded to version 10.14.0 in images with Airflow 2.6.3. Improved the environment component responsible for metrics reporting (composer-monitoring) to minimize the restarts of this component. Cloud Composer 2.6.1 images are available: composer-2.6.1-airflow-2.6.3 (default) composer-2.6.1-airflow-2.5.3. Cloud Composer versions 2.1.6 and 1.20.6 have reached their end of full support period.

Compute Engine - Preview: You can now use SSH-in-browser to connect to VMs using security keys with OS Login. Generally available: The following quotas and metrics are now available to help you monitor the usage and limits for Compute Engine concurrent operation quotas: Quotas for global concurrent operations (metric - compute.googleapis.com/global_concurrent_operations): Concurrent global operations per project Concurrent global operations per project operation type Quotas for regional concurrent operations (metric: compute.googleapis.com/regional_concurrent_operations): Concurrent regional operations per project Concurrent regional operations per project operation type For more information, see Concurrent operation quotas.

Dataflow - You can now use a turnkey transform to enrich streaming data in your Dataflow pipeline. Dataflow Streaming Engine now supports resource-based billing.

Dataproc Serverless - New Dataproc Serverless for Spark runtime versions: 1.1.50 2.0.58 2.1.37 2.2.0-RC10.

Dialogflow - Dialogflow CX text-to-speech settings now have an option for custom voices. Two new Dialogflow CX prebuilt components are available: retail authentication and order status.

Cloud Data Loss Prevention - The BLOOD_TYPE infoType detector is available in all regions.

Document AI - Enterprise Document OCR version 2.0, pretrained-ocr-v2.0-2023-06-02, is now Generally Available and ready for production workloads.

Cloud Functions - Cloud Functions now supports the PHP 8.3 runtime at the Preview release level for 2nd gen functions.

IAM - Managed workload identities let you bind strongly attested identities to your Compute Engine workloads.

Networking Interconnect - Partner Interconnect supports dual-stack IPv4 and IPv6 in Public Preview. Cloud Interconnect supports VLAN attachments with a maximum transmission unit (MTU) up to 8896 bytes.

Google Kubernetes Engine - The following GKE versions might cause Ubuntu node pools to enter an unhealthy state. The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes: CVE-2023-6932 For more information, see the GCP-2024-011 security bulletin. HorizontalPodAutoscaler (HPA) and VerticalPodAutoscaler (VPA) may stop autoscaling all workloads in a cluster if it contains misconfigured autoscaling/v2 HPA objects. The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes. (2024-R04) Version updates GKE cluster versions have been updated.

Cloud Logging - Copying log entries is now generally available (GA).

Memorystore for Memcached - Added new Memorystore for Memcached region: Johannesburg (africa-south1).

Cloud Monitoring - You can now create a broken-link checker, which periodically validates the links contained in your website. Alerting policies with a PromQL-based condition are generally available (GA).

Cloud Interconnect - Partner Interconnect supports dual-stack IPv4 and IPv6 in Public Preview. Cloud Interconnect supports VLAN attachments with a maximum transmission unit (MTU) up to 8896 bytes.

Cloud Run - You can now set and override the deployment service account for Cloud Run integrations when creating, updating, or deleting integrations using the Google Cloud CLI.

Security Command Center - Support for VPC Service Controls released to General Availability You can now protect Security Command Center using VPC Service Controls perimeters.

SAP Solutions - Google Cloud's Agent for SAP version 3.1 Version 3.1 of Google Cloud's Agent for SAP is generally available (GA).

Cloud SQL MySQL - A new maintenance version rollout is currently underway for all supported MySQL versions. In the new maintenance version [MySQL version].R20240207.00_00, the default value of the performance_schema flag for all MySQL 8.0 instances with more than 15 GB of RAM will be set to on.

Cloud Translation - Adaptive translation is Generally Available and adds Portuguese support, raises the limit for input and output characters, and decreases latency in the API and console.

Vertex AI - The Vertex AI Gemini 1.0 Pro and Gemini 1.0 Pro Vision multimodal language models are available Generally Available (GA).

VMware Engine - VMware Engine ve2-standard-128 node type is generally available in us-east4 region.