Welcome to issue #267 November 8th, 2021

News

Introducing GKE image streaming for fast application startup and autoscaling - New container image streaming in Google Kubernetes Engine slashes the time it takes to boot your applications.

New features for translating content globally - Document Translation translates documents in real time across 100+ languages, preserving document formatting.

Google’s new RAD Lab solution helps spin up cloud projects quickly and compliantly - Introducing RAD Lab, a Google Cloud-based sandbox environment to help technology and research teams advance quickly from research and development to production.

Improving the Google Analytics dashboard in Firebase - Providing access to some of the newest Google Analytics 4 innovations directly in the Firebase console.

Knative 1.0 is out! - Knative, serverless layer on top of Kubernetes reaches important milestone since release in July 2018.

New Google Cloud public benefit solutions power rental and housing assistance efforts nationwide

Google Cloud achieves new public sector authorizations: Google Workspace earns FedRAMP High, key Google Cloud Platform services receive DoD IL4 - Google Workspace has achieved FedRAMP High authorization.

Forrester names Google AppSheet a Leader in low-code platforms for business developers! - Google Cloud’s AppSheet has been named a leader in Forrester Wave: Low-code Platforms for Business Developers.

Articles, Tutorials

Infrastructure, Networking, Security, Kubernetes

Nylas builds data sync & security architecture for the enterprise - Nylas uses Google Kubernetes Engine and other Google Cloud solutions to support fast development of productivity tools.

How Veolia protects its cloud environment across 31 countries with Security Command Center - Security Command Center enables Veolia to manage security and risk for their cloud environment.

Google Cloud billing tutorials: Because surprises are for home makeover shows, not your wallet - An overview of Billing tutorials.

Choosing a network connectivity option in Google Cloud - Sketchnote with an overview of networking options on Google Cloud.

Service Directory cheat sheet - An overview of Service Directory.

Everything You Always Wanted to Know About VPC Peering* (*But Were Afraid to Ask) - This article provides an overview of Google Cloud VPC network peerings, their anatomy, major misconceptions, and some watchpoints, so that users can learn how to use them wisely, while designing their infrastructures.

Gotcha of cheaper e2-medium VMs at Google Cloud - Analysis of node resource used in GKE cluster.

Zero trust workload security with GKE, Traffic Director, and CA Service - Take a zero trust approach to securing your GKE workloads with Traffic Director and CAS.

Understand Cloud Load Balancer Like a Senior Engineer - An in depth overview of Load Balancers.

How to expose more than 5 ports for a LoadBalancer k8s service in GCP - Overcoming ports limit for Load Balancer when using with GKE.

App Development, Serverless, Databases, DevOps

Automatically clean up unneeded data with TTL for Cloud Spanner - Time to live (TTL) reduces storage costs, improves query performance, and simplifies data retention by automatically removing unneeded data based on user-defined policies.

Avoiding GCF anti-patterns part 3: How to establish outbound connections correctly - Third post in a series on how to avoid anti-patterns in Google Cloud Functions as seen by the Support team. This post explores how to make outbound connections correctly by using explicit timeouts on your outbound calls.

Moving a Firebase project to a GCP Organization - How to migrate the Firebase/GCP project to exist inside desired GCP organization.

Query Firestore from Firefoo — the GUI for Firebase - Get the most out of Firebase by using Firefoo to query your data!

PostgreSQL extension turned Cloud microservice - Learn one example of how to replace a PostgreSQL extension with a Google Cloud microservice.

Most FHIR Servers are Unusable in Production - FHIR Proof: Call to Action for FHIR Solutions to Prove their Usability.

Big Data, Analytics, ML&AI

Growth Hack: Sending Slack Alerts from BigQuery (SQL) - How to send Alerts on Slack based on the result of a SQL query?

GA4: How to filter your ecommerce data with Google BigQuery - Common queries to use with GA4 in BigQuery.

Hands-on experience with BigQuery: how to query with Google Analytics Data - This article is for Marketers who want to learn how to analyze Google Analytics data in BigQuery.

Implementing Multi-Tenant Security Transparently and Effectively in BigQuery via Your Preferred BI Tool - Want to restrict access to table rows based on a specific user or group? The row-level security feature in BigQuery will help you get there.

Spatial Binning with Google BigQuery - Binning geographical coordinates into square tiles with Google BigQuery.

How to Deploy a TensorFlow Model to Vertex AI - Working with saved models and endpoints in Vertex AI.

Explore Open Buildings with CARTO Spatial Extension for BigQuery - Exploring and visualizing Open Building public dataset.

Various

Live from COP26: A cloud’s eye view - Google sustainability experts bring their perspective on developments from the UN Climate Change Conference, or COP26.

Slides, Videos, Audio

GCP Podcast - #283 Assured Workloads with Bryce Buffaloe and Mikaela Misaka.

Kubernetes Podcast - #166 Knative 1.0, with Ville Aikas.

Security Podcast - #41 Beyond Phishing: Email Security Isn't Solved.

Releases

AI Platform Training - Using interactive shells to inspect training jobs is generally available (GA).

Cloud Run for Anthos - General availability: Installing Cloud Run for Anthos as an Anthos fleet component with Anthos Service Mesh is now publicly available.

AppEngine Standard - Egress settings for Serverless VPC Access are now generally available.

Cloud Asset Inventory - The following resource types are now publicly available through the resource search API (SearchAllResources) and policy search API (SearchAllIamPolicies): Google Kubernetes Engine networking.k8s.io/NetworkPolicy. Cloud Asset Inventory Console is now generally available.

BigQuery - BigQuery now supports parameterized types.

Billing - Prioritized attribution for your resource-based committed use discounts (CUDs) is now Generally Available.

Cloud Composer - Cloud Composer is now available in Singapore (asia-southeast1).

Config Connector - Config Connector 1.66.0 is now available. Added support for memberFrom in IAMPartialPolicy. Miscellaneous bug fixes and improvements. Config Connector 1.65.0 is now available. Added support for the ComputeServiceAttachment resource. config-connector command cli print-resources now includes a column listing whether it supports of related IAM resources. All config-connector containers now emit logging to stdout rather than stderr. config-connector command cli now correctly labels supported bulk-export resources.

Data Fusion - Cloud Data Fusion version 6.5.1 is now available. GA: Cloud Data Fusion now supports Customer-Managed Encryption Keys (CMEK), which provides user encryption control over the data written to Google internal resources in tenant projects, and data written by Cloud Data Fusion pipelines. Fixed in 6.5.1 (for more information, see the CDAP release note ): Fixed an issue where messages could not be retrieved for Kafka topics.

Dataproc - Added the following new Apache Spark properties to control Cloud Storage flush behavior for event logs for 1.4 and later images: spark.history.fs.gs.outputstream.type (default: BASIC) spark.history.fs.gs.outputstream.sync.min.interval.ms (default: 5000ms). Added support in 1.5 and 2.0 images to filter Spark Applications on the Spark History Server Web UI based on Cloud Storage path. New sub-minor versions of Dataproc images: 1.4.75-debian10, 1.4.75-ubuntu18, 1.5.50-centos8, 1.5.50-debian10, 1.5.50-ubuntu18, 2.0.24-centos8, 2.0.24-debian10, 2.0.24-ubuntu18. Removed Apache Iceberg and Delta Lake libraries in 2.0 images because they are not compatible with Spark 3.1. Upgraded Cloud Storage connector to version 2.2.3 on 2.0 Images. The previous Dataproc on GKE beta documentation has been replaced with a Dataproc on GKE private preview sign up form. Patched Hive in 2.0 images with HIVE-20187, which fixes a bug where Hive returned incorrect query results when hive.convert.join.bucket.mapjoin.tez is set to true. Backported SPARK-31946 in 2.0 images. Backported SPARK-23182 in 1.4 and 1.5 images. Fixed stdout and stderr links in the Spark History Server Web UI in 2.0 images.

Datastore - DATA_READ and DATA_WRITE Data Access audit logs are now supported at the General Availability release level.

Deep Learning Containers - M84 Release TensorFlow Enterprise 2.7 is now available with CUDA 11.3 support.

Deep Learning VM - M84 Release TensorFlow Enterprise 2.7 is now available with CUDA 11.3 support.

Dialogflow - Preview launch of the following languages in Dialogflow CX: Afrikaans, Amharic, Azerbaijani, Belarusian, Bulgarian, Bosnian, Catalan, Cebuano, Corsican, Czech, Welsh, Greek, Esperanto, Estonian, Basque, Persian, Frisian, Irish, Scots Gaelic, Galician, Gujarati, Hausa, Hebrew, Hmong, Croatian, Haitian Creole, Hungarian, Armenian, Igbo, Icelandic, Javanese, Georgian, Kazakh, Khmer, Kannada, Kurdish, Kyrgyz, Latin, Luxembourgish, Lithuanian, Latvian, Malagasy, Maori, Macedonian, Malayalam, Mongolian, Maltese, Nepali, Chichewa, Odia, Punjabi, Pashto, Kinyarwanda, Sindhi, Slovak, Slovenian, Samoan, Shona, Somali, Albanian, Serbian, Sesotho, Sundanese, Swahili, Tajik, Turkmen, Tatar, Uyghur, Urdu, Uzbek, Xhosa, Yiddish, Yoruba, Zulu.

Document AI - v1. The following procurement processors are now publicly accessible: Expense Parser Invoice Parser. We have release a new version of the Document OCR Processor called Google default next.

Cloud Firestore - DATA_READ and DATA_WRITE Data Access audit logs are now supported at the General Availability release level.

Google Kubernetes Engine - You can now use image streaming in GKE to reduce image pull time and improve overall application startup and autoscaling performance.

Cloud Run for Anthos - General availability: Installing Cloud Run for Anthos as an Anthos fleet component with Anthos Service Mesh is now publicly available.

Load Balancing - Cloud Load Balancing announces a significant increase in the URL map limits for External and Internal HTTP(S) Load Balancing.

Cloud Monitoring - You can now collect Apache Web Server metrics from the Ops Agent, starting with version 2.7.0. You can now collect Redis metrics from the Ops Agent, starting with version 2.7.0. Data from closed incidents is now retained for 13 months instead of 90 days, so you can see patterns over longer periods of time and investigate them. You can now create an alerting policy from the alert chart dialog on a custom dashboard, and you can create an alerting policy by converting a chart on custom dashboard to an alert chart. You can now collect Cassandra metrics from the Ops Agent, starting with version 2.6.0.

Notebooks - Vertex Explainable AI Preview support available for AutoML image classification models Vertex Explainable AI offers Preview support for the following model type: AutoML image classification. Using interactive shells to inspect custom training jobs is generally available (GA).

Cloud Run - You can now allocate up to 16GiB of memory to your Cloud Run services. Committed use discount recommender now automatically generates recommendations to purchase Cloud Run committed use discounts based on historical usage.

Secret Manager - Secret Manager filtering support to customize the output of ListSecrets and ListSecretVersions is now generally available.

Service Mesh - 1.11.x. Version 1.11 is now available for managed Anthos Service Mesh and is rolling out into the Rapid Release Channel. Managed Anthos Service Mesh now supports Multi-project with shared VPC in the Rapid Release Channel. Managed Anthos Service Mesh now supports private GKE clusters with private control plane.

SAP Solutions - SAP HANA backup issue with Backint agent A critical issue that can result in corrupted backups has been identified that might affect users of the Backint agent for SAP HANA.

Cloud Spanner - Time to live (TTL) reduces storage costs, improves query performance, and simplifies data retention by automatically removing unneeded data based on user-defined policies.

Cloud Storage Transfer - Storage Transfer Service now offers Preview support for agent pools. Storage Transfer Service now offers Preview support for exporting data from Cloud Storage to a POSIX file system.

Cloud Storage - List Object V2 is generally available (GA).

Tensorflow Enterprise - TensorFlow Enterprise 2.7 is now available with CUDA 11.3 support.

Cloud TPU - Cloud TPU now supports Tensorflow 2.7.0.

Transcoder API - v1. Added PHP code samples.

Cloud Translation - Document Translation for Cloud Translation - Advanced (v3) is now Generally Available (GA) and includes the following enhancements: Right to left language support for PDFs Preserves font size, font color, font style, and hyperlinks for native PDFs only Batch document translation requests support PDF to DOCX conversions for native PDFs only.

Vertex AI - Vertex Explainable AI Preview support available for AutoML image classification models Vertex Explainable AI offers Preview support for the following model type: AutoML image classification. Using interactive shells to inspect custom training jobs is generally available (GA).

Cloud Video Intelligence API - AutoML Action Recognition: The Streaming API is a Beta feature of Video Intelligence API for real-time versions of several capabilities such as object tracking and label detection.

Firebase Admin Python SDK v5.1.0

If you have suggestion, feedback or link you want to share feel free to email me at zdenko@gcpweekly.com

Have a great week,

Zdenko