Welcome to issue #251 July 19th, 2021

News

The new Google Cloud region in Delhi NCR is now open - The Google Cloud region in Delhi NCR is now open for business, ready to host your workloads.

Announcing general availability of Google Cloud CA Service - Google Cloud CAS provides a highly scalable and available private CA to address the unprecedented growth in certificates in the digital world.

Cloud Armor: enhancing security at the edge with Adaptive Protection, expanded coverage scope, and new rules - Cloud Armor gets Adaptive Protection, expanded coverage scope, and new rules.

Create alerts from your logs, available now in Preview - Google Cloud announces the preview of log-based alerts, a new feature that opens alerts to all log types, adds new notification channels, and helps you make alerts more actionable within minutes.

Introducing Quilkin: open-source UDP proxies built for game server communication - Developed in collaboration with Embark Studios, Quilkin is an open source UDP proxy, tailor-made for high performance real-time multiplayer games.

Helping you pick the greenest region for your Google Cloud resources - An enhanced region picker makes it easy to choose a Google Cloud region with the lowest CO2 output.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Beyond malloc efficiency to fleet efficiency - In a paper, the Google Systems Infrastructure team shows how using huge pages in its memory allocator improves application performance.

Cleaning up your Google Cloud Environment: Safety Guaranteed* - Use Cloud Custodian’s new metric filters to clean up your Google Cloud environment while minimizing any potential impacts.

App Development, Serverless, Databases, DevOps

Simplify VM migrations with Migrate for Compute Engine as a service - Migrate for Compute Engine enables simple, frictionless, and large-scale enterprise migrations of virtual machines to Google Compute Engine with minimal downtime and risk. Read on to understand how we are delivering Migrate for Compute Engine as a service.

GCP — Set up alerts for particular logs - Alert when systemd timer does not trigger the systemd service.

Try a Tutorial in the Google Cloud Console - How the console can help you clean up your tab game.

Google Cloud Spanner Emulator Setup - This article will show you how you can set up a Google Cloud Spanner emulator on your local machine for testing, debugging, or configuring CI/CD using Docker Compose.

Rename Collection in Firebase Firestore - The official Firebase Console does not support renaming collections. Luckily there’s Firefoo, the powerful GUI client for Firestore!

Call Cloud Run from App Script: The easy way - App Script and Cloud Run belong to 2 different worlds at Google, one in Cloud, the other in Workspace. Using both is powerful but not easy.

Deploy Workflows using Terraform - This quickstart shows you how to create, deploy, and execute your first workflow using Terraform.

Big Data, Analytics, ML&AI

Google Data Fusion: Using Cloud Storage file uploads to trigger Data Fusion ETL Pipelines - Google Cloud Functions and Google Data Fusion’s REST API can be jointly used to deliver event-based execution.

BigQuery Admin reference guide: Jobs & reservation model - Learn all about workload management in BigQuery by understanding what a job is and how slot reservations can be leveraged across your organization.

A macro-ful way to test incremental models and snapshots - Unit testing in DBT and BigQuery.

Optimizing your Google Cloud spend with BigQuery and Looker - Learn how you can export billing data into BigQuery and leverage pre-built dashboards, plus self-service data exploration environments to save costs.

BigQuery SQL Snippets - A curated collection of helpful SQL queries and functions.

Using HKDF in BigQuery via UDFs for Improved Security Hygiene - BigQuery supports encryption, decryption and cryptoshredding. By adding key derivations via HKDF we add an extra layer of security.

How to visualize your business performance with cohort tables using Grafana and BigQuery - An example of how to analyze the behavior of your customer cohorts using Grafana and BigQuery.

Mindfulness App: How to Analyse User Behaviour Using Google Firebase Events Data - This article presents the solutions to some of the most common challenges in analyzing Firebase events data to generate app use insights.

Simplified tileset creation for streamlined app development - Using Carto to create tiles on top of BigQuery data.

Anomaly detection in time series data using BigQuery ML - Create an ARIMA model, then detect anomalies.

Various

Google Cloud Government Security Summit - Join us for ‘can’t miss’ content and solutions for your toughest cybersecurity challenges - Register today to reserve your spot on July 20th, 2021.

How Wunderkind scales up to 200K requests per second using Google Cloud - How the performance marketing channel handles 31 billion events a day.

Qwiklabs on YouTube: Membership with benefits - Qwiklabs offers paid Youtube membership which contains training content from Google and partners.

Not So BigQuery Newsletter - A weekly newsletter about BigQuery and other data-related things from the GCP world.

Serverless Toronto Meetup - Building a Data Cloud to enable Analytics and AI-Driven Innovation - Data Science, Data Warehousing, Machine Learning to Business Transformation with Lak Lakshmanan.

Slides, Videos, Audio

GCP Podcast - #267 Cloud Firestore for Users who are new to Firestore.

Kubernetes Podcast - #154 Gatekeeper and Policy Controller, with Max Smythe.

Releases

AppEngine Standard Java - Updated Java SDK to version 1.9.90.

BigTable - New Dataflow templates are now available to help you import data into Cloud Bigtable. The Cloud Bigtable documentation has been updated to include information about connection pools and when to consider resizing them.

Chronicle - New documentation to support Chronicle data ingestion planning You can now find information about Chronicle supported default parsers.

Compute Engine - Preview: Access the Compute Engine API using Cloud Client Libraries built on our latest client library model. Preview: The Observability tab on Compute Engine's VM instance details page includes a new category for process metrics.

Config Connector - Config Connector 1.56.0 is now available. Added support for ComputeInstanceGroupManager resource (Issue #314). Added support for BinaryAuthorizationPolicy resource. Added cluster.kmsKeyRef field to BigtableInstance. Added expire, rotation, topics, and ttl fields to SecretManagerSecret (Issue #471). Fixed bug that was causing CloudIdentityGroup to go through infinite updates. Added timestamp to log messages. Aggregated the cnrm-admin ClusterRole to the admin and edit ClusterRoles, and aggregated the cnrm-viewer ClusterRole to view ClusterRole.

Dataproc - For 2.0+ image clusters, the dataproc:dataproc.master.custom.init.actions.mode cluster property can be set to RUN_AFTER_SERVICES to run initialization actions on the master after HDFS and any services that depend on HDFS are initialized.

Datastore - Added DATA_READ and DATA_WRITE Data Access audit logs.

Deep Learning Containers - M75 Release Enhanced environment configurations so it is easier to install additional frameworks in CUDA containers.

Deep Learning VM - M75 Release Improved the clarity of error messages for custom container users.

Cloud Firestore - Added DATA_READ and DATA_WRITE Data Access audit logs.

Google Kubernetes Engine - A new security vulnerability, CVE-2021-22555, has been discovered where a malicious actor with CAP_NET_ADMIN privileges can potentially cause a container breakout to root on the host. There is a known issue that prevents the gcloud client from interacting with multi-cluster Ingress that was introduced in gcloud version 346.0.0 and was fixed in version 348.0.0.

Cloud Logging - The Cloud Console now supports creating Logging sinks at the organization or folder level. Starting on October 12, 2021, your Dataflow logs that are ingested and stored in Cloud Logging will be charged at the standard Cloud Logging prices. You can now install the Logging and Monitoring agents on multiple VMs from the Inventory tab on the Cloud Monitoring VM Instances page.

Cloud Monitoring - Metrics Explorer, a stand-alone charting tool that lets you quickly chart and explore time-series data, has a new interface and supports enhanced aggregation options. The VM instances page has a new Processes tab in Preview. You can now install the Logging and Monitoring agents on multiple VMs from the Inventory tab on the Cloud Monitoring VM Instances page. A warning annotation is now added to charts when they are missing data due to a data outage.

Network Intelligence Center - In the Google Cloud console, the trace panel for each Connectivity Test now includes links to VMs, firewall rules, and other resources that were analyzed as part of the test.

SAP Solutions - SAP HANA: sizing guidelines for persistent disks reduced For most Compute Engine VM types that are certified for SAP HANA, Google Cloud has reduced the required minimum sizes of SSD and balanced persistent disks that are used for block storage by reducing the amount of storage that is allocated to the /hana/data volume from 1.5x memory to 1.2x memory.

Cloud Storage - XML API multipart uploads is now in GA. List object V2 for the XML APIPreview launched.

Traffic Director - Traffic Director can now use internet NEGs of the type INTERNET_FQDN_PORT to route traffic to private services that are reachable using hybrid connectivity, including named on-premises, multi-cloud, and internet services.

Transcoder API - v1beta1 & v1. Transcoder v1 API is now available. The Transcoder v1beta1 API is deprecated and will be turned down. The API outputs CEA-608 captions instead of CEA-708.

Vertex AI - You can now use the gcloud beta ai custom-jobs create command to build a Docker image based on local training code, push the image to Container Registry, and create a CustomJob resource.

VMware Engine - Changed MTU recommendation for private cloud-to-private cloud external communications to 1500 bytes.

Virtual Private Cloud - Private Service Connect service attachment details now correctly shows the status for consumer endpoints. If you're creating a Private Service Connect endpoint in a Shared VPC network, the endpoint no longer needs to be in the same project that contains the virtual machines (VMs) that send requests to the endpoint.

If you have suggestion, feedback or link you want to share feel free to email me at zdenko@gcpweekly.com

Have a great week,

Zdenko