Google Cloud Platform

Introduction

Google Cloud Platform (GCP) provides a suite of cloud computing services running on Google's infrastructure, known for its strength in data analytics, machine learning, and scalable infrastructure.

Key Features:

  • Global infrastructure
  • Strong data analytics
  • Advanced machine learning
  • Kubernetes expertise
  • Live migration
  • Carbon-neutral operations

Compute Services

Compute Engine

# Create VM instance
# (Debian 10 is end-of-life, so use a currently supported image family)
gcloud compute instances create my-instance \
    --zone=us-central1-a \
    --machine-type=e2-medium \
    --image-family=debian-12 \
    --image-project=debian-cloud

# List instances
gcloud compute instances list

# SSH into instance
gcloud compute ssh my-instance --zone=us-central1-a

Google Kubernetes Engine

# Create GKE cluster
gcloud container clusters create my-cluster \
    --zone=us-central1-a \
    --num-nodes=3 \
    --machine-type=e2-medium

# Get credentials
gcloud container clusters get-credentials my-cluster \
    --zone=us-central1-a

# Deploy application
kubectl apply -f deployment.yaml

Storage Services

Cloud Storage

# Create bucket
gsutil mb -l us-central1 gs://my-bucket

# Upload file
gsutil cp myfile.txt gs://my-bucket/

# Set object lifecycle
gsutil lifecycle set lifecycle.json gs://my-bucket

# Configure bucket policy
# (replaces the bucket's existing IAM policy with the contents of policy.json)
gsutil iam set policy.json gs://my-bucket

Cloud SQL

# Create SQL instance
gcloud sql instances create my-instance \
    --database-version=POSTGRES_13 \
    --tier=db-f1-micro \
    --region=us-central1

# Create database
gcloud sql databases create mydb \
    --instance=my-instance

Networking

VPC Networks

# Create VPC network
gcloud compute networks create my-network \
    --subnet-mode=custom

# Create subnet
gcloud compute networks subnets create my-subnet \
    --network=my-network \
    --region=us-central1 \
    --range=10.0.0.0/24

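# Create firewall rule
# (ingress rules default to source range 0.0.0.0/0 when none is given;
#  it is stated explicitly here so the exposure is visible. Narrow it where possible.)
gcloud compute firewall-rules create allow-http \
    --network=my-network \
    --allow=tcp:80 \
    --source-ranges=0.0.0.0/0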

Load Balancing

# Create load balancer
gcloud compute forwarding-rules create my-lb \
    --region=us-central1 \
    --network=my-network \
    --target-pool=my-pool

# Add health check
gcloud compute health-checks create http my-health-check \
    --port=80

Security

IAM

# Create service account
gcloud iam service-accounts create my-sa \
    --display-name="My Service Account"

# Grant role
gcloud projects add-iam-policy-binding my-project \
    --member="serviceAccount:my-sa@my-project.iam.gserviceaccount.com" \
    --role="roles/storage.objectViewer"
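
A policy file can be linted for risky grants before it is applied with gsutil iam set, or before bindings are added as above. The Python check below is an added example, not part of the original page; the sample policy, the severity labels, and the function names audit_policy and safe_to_apply are assumptions made for illustration.

```python
import json

PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}
BASIC_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}

# Constructed sample policy (not from the original page), in the JSON shape
# that `gsutil iam get` prints and `gsutil iam set` accepts.
SAMPLE_POLICY = json.loads("""
{
  "bindings": [
    {"role": "roles/storage.objectViewer",
     "members": ["serviceAccount:my-sa@my-project.iam.gserviceaccount.com"]},
    {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
    {"role": "roles/editor",
     "members": ["user:dev@example.com", "allAuthenticatedUsers"]},
    {"role": "roles/storage.objectAdmin",
     "members": ["deleted:serviceAccount:old-sa@my-project.iam.gserviceaccount.com?uid=123456789012345678901"]}
  ]
}
""")


def audit_policy(policy):
    """Return (severity, role, member, reason) findings in binding order."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            if member in PUBLIC_MEMBERS:
                findings.append(("HIGH", role, member, "public principal"))
            if role in BASIC_ROLES:
                findings.append(("MEDIUM", role, member, "basic role"))
            if member.startswith("deleted:"):
                findings.append(("LOW", role, member, "deleted principal"))
    return findings


def safe_to_apply(policy):
    """Gate for CI: refuse policies that expose data to public principals."""
    return not any(sev == "HIGH" for sev, *_ in audit_policy(policy))


if __name__ == "__main__":
    for finding in audit_policy(SAMPLE_POLICY):
        print(*finding, sep="  ")
    print("safe to apply:", safe_to_apply(SAMPLE_POLICY))
```
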

Security Features

Key Components:

  • Cloud Identity
  • Cloud KMS
  • Security Command Center
  • Cloud Armor
  • VPC Service Controls

Data and Analytics

BigQuery

# Create dataset
bq mk my_dataset

# Run query
bq query --use_legacy_sql=false '
SELECT
  name,
  COUNT(*) as count
FROM
  `my_dataset.my_table`
GROUP BY
  name
ORDER BY
  count DESC
LIMIT 10'

Cloud Dataflow

# Run Dataflow job
gcloud dataflow jobs run my-job \
    --gcs-location=gs://my-bucket/my-template \
    --parameters=input=gs://my-bucket/input,output=gs://my-bucket/output

Best Practices

Architecture

Design Principles:

  • Design for scale
  • Implement microservices
  • Use managed services
  • Automate deployments
  • Monitor and alert

Cost Optimization

Cost Management:

  • Use preemptible VMs
  • Implement auto-scaling
  • Set budgets and alerts
  • Use committed use discounts
  • Clean up unused resources