1. Google Cloud Study Jam
GDSC NCU
SepĞ
ember - OcĞ
ober 2023
Lakshay Yadav
Cloud Facilitator

2. So, What’s the Cloud
Anyway?

3. On-
demand
self-service
Broad network
access
Resourc
e
pooling
Rapid
elasticity
Measured
service
No human
intervention needed
to get resources
Access from
anywhere
Provider shares
resources to
consumers
Get more resources
quickly as needed
Pay only for what
you consume
Cloud computing has five fundamental
characteristics

4. Infrastructure as a service
(IaaS)
Platform as a service
(PaaS)
Software as a service
(SaaS)
● CPU, memory, storage, and
networking is provided as a
service.
● The user needs to manage
the OS and the application.
● The platform is a managed
service.
● All the user provides is the
application.
● The platform and software
is provided as a service to
the user.
● The user supplies the data.
IaaS versus PaaS versus SaaS (threeCloud ServiceModels)

5. Google Cloud
PoPs and
Network Edge
Point of
presence
Equiano
(PT,NG, ZA)
2021
Dunant
(US, FR)
2020
SJC
(JP,HK, SG)
2013
JGA-S
(GU,AU)
2019
Indigo
(SG, ID,AU)
2019
2019
Monet
(US, BR)
2017
Junior
(Rio, Santos)
2018
Tannat
(BR, UY,AR)
2018
Curie
(CL, US)
2019
Faster
(US, JP,TW)
2016
PLCN
(US, TW)
2020
Unity
(US, JP)
2010
Grace Hopper Havfrue
(US, UK, ES) (US, IE, DK)
2022
Network

6. Compute
App Engine
Google
Kubernetes
Engine (GKE)
Compute
Engine
(Iaas)
Cloud
Functions
Cloud
Run
Google Cloud offers a range of compute services

7. Storage
Cloud SQL
Cloud
Storage
Cloud
Bigtable
Cloud
Spanner
Datastore
Google Cloud also offers a range of storage services

8. Vision API Speech-to-T
ext
API
Cloud
T
ranslation API
AI Platform
Big data
Pub/Sub Dataflow Dataproc
BigQuery AI Platform
Notebooks
Machine learning
AutoML
Google Cloud offers services to get value from data

9. Start with a Solid
Platform

10. Google Cloud
Console
Web user
interface
>_
Cloud SDK and
Cloud Shell
Command-line
interface
Cloud Console
mobile app
For iOS
and
Android
REST-based
API
For custom
applications
REST:
Representational
State Transfer
There are four ways to interact with Google Cloud

11. The Cloud Console provides a web-based GUI for
you to manage Google Cloud projects and resources
● Centralized console for all project data.
● Execute common tasks using simple
mouse clicks.
● Manage and create projects.
● Access developer tools:
○ Cloud Source Repositories
○ Cloud SDK
○ Cloud Shell
● Access to product APIs.

12. Logging in to the Cloud Console

13. Interacting with the Cloud Console

14. Every Google Cloud service you use is associated
with a project
● Enable services and APIs.
● Enable billing.
● Manage permissions and credentials.
● Track resource and quota usage.
● Programmatically manage your
projects in Google Cloud.

15. Project ID Project name Project number
Globally unique Need not be unique Globally unique
Assigned by Google Cloud
but mutable during creation
Chosen by you Assigned by Google Cloud
Immutable after creation Mutable Immutable
Projects have three identifying attributes

16. http://www.console.google.com
Creating a project

17. Creating a project

18. Billing account pays for project
resources.
A billing account is linked to zero or
more projects.
Accounts are charged automatically,
invoiced monthly, or invoiced at the
threshold limit.
Sub accounts can be used for
separate billing for projects.
BigQuery Cloud
Storage
VMs Cloud
APIs
Cloud
Network
How billing works

19. ● gcloud
● Gsutil (py app)
● bq
The Cloud SDK is a command-line interface for
Google Cloud products and services

20. ● Browser-based CLI access to resources
● No need to install the Cloud SDK or
other tools locally
● Runs on an ephemeral Compute Engine
VM at no cost to you
● 5 GB of persistent disk storage
● Web preview functionality and built-in
authorization for project/resource
access
Cloud Shell
Cloud Console
console.cloud.google.com
Cloud SDK
Cloud Shell is an alternative to the Cloud SDK

21. Starting Cloud Shell

22. The Cloud Console and Cloud Shell

23. The Cloud Shell code editor is a tool for editing files
inside your Cloud Shell environment

24. Manage Google Cloud services from your Android
or iOS device

25. GCP Compute Services

26. Compute Engine App Engine Cloud Functions
Google
Kubernetes Engine
IaaS PaaS Serverless logic Hybrid
Virtual machines with A flexible, zero ops A lightweight fully Cluster manager and
industry-leading platform for building managed serverless orchestration engine built
price/performance highly available apps execution environment for on Google’s container
building and connecting experience
cloud services
Google Cloud offers a variety of compute services
spanning different usage options

27. Introducing Compute Engine
General purpose
and optimized VMs
Committed
and sustained
use discounts
PreemptibleVMs,
BYOL and sole tenants
Right sizing
recommendations
Live migration
Customand
predefined
machine types
Compute Engine lets you create and run virtual
machines on Google infrastructure.
Get access to a variety of predefined and
customizable VM families coupled with consumption
and pricing models, as well as functionality for all of
your application and workload requirements.

28. Proprietary +Confidential
Application
Developmen
t
Performanc
e
Monitoring
Scaling
VM
Provisioning
Ops &
Security
Management
Internet
Connectivity
Physica
l
Servers
Network
Hardwar
e
Physica
l
Securit
y
28
Serverless
The Responsibility
Pyramid
Managed by
customer
Fully Managed
by Google

29. Serverless
Compute
Deploy and scale applications fast and
securely in a fully managed environment
No Infra
Management
Speed to
Market
Auto-scaling
29

30. Proprietary +Confidential
Google Cloud Serverless Compute
Product Portfolio
App Engine
Cloud Run
Cloud Functions Event-driven Functions-as-a-Service
Run containers on a fully managed
environment
Run source-based web applications on a
fully managed environment

31. App Engine is a platform-centric solution
● Type of PaaS
● No need to buy, build, or operate
hardware/infrastructure
● No managing servers or configuring
deployments
● Focus on app development instead
of operations
● Use a range of languages and tools
● Automatic scaling

32. Connect and extend
cloud services
Events and triggers Serverless
The components that make Cloud Functions work

33. Cloud services Other APIs
Cloud Functions
Responds to events
Emit events
Writes back
Invokes other
services
How Cloud Functions works

34. Containers
• Any Language
• Any Library
• Any Binary
• Ecosystem of base images
.js .r
b
.g
o
.p
y
.s
h
…
0 1 0
1 0 0
1 1 1

35. Proprietary +Confidential
Cloud Run
Deploy in seconds
Automatic HTTPS, Custom domains
Any language, any library
Portability
No cluster management
Run containers on a fully managed environment

36. Deploying containers at scale is different!
A fundamentally different way of
managing applications requires different
tooling and abstractions
● Deployment
● Management, monitoring
● Isolation
● Updates
● Discovery
● Scaling, replication, sets

37. Scheduling:
Decide what pods(exe unit) to run on
which nodes
Lifecycle and health:
Keep my containers running despite failures
Scaling:
Make sets of containers bigger or smaller
Naming and discovery:
Find where my containers are now
Load balancing:
Distribute traffic across a set of containers
Kubernetes handles...
Storage volumes:
Provide data to containers
Logging and monitoring:
T
rack what’s happening with my containers
Debugging and introspection:
Enter or attach to containers
Identity and authorization:
Control who can do things to my containers

38. GCP Storage Services

39. Which storage type?
Cloud
Storage
Cloud
Bigtable
Firestore
Cloud
SQL
Memorystore
Cloud
Spanner
Filestore
Persistent
Disk
BigQuery
In Memory Relational NoSQL Analytical Object Block File
Managed
Redis &
Memcached
Managed
MySQL and
PostgreSQL
, and SQL
Server
Scalable
relational
database
Serverless,
scalable,
document
store
Low-latency,
scalable
key-value and
wide-column
store
Enterprise DW
Unstructured
data, objects
or blobs
Local VM file
storage
Lift/shift apps
requiring file

40. There are three common use cases for cloud storage
1 Content storage and delivery
2
3 Backup and archival storage
Storage for data analytics and
general compute

41. Structured data
Unstructured data
First_Name Last_Name Address City Age
Sherlock Holmes 12 Main St Mesa 60
James Bond 23 Old St Napa 43
Scarlett O’Hara 34 New St Derby 23
Marge Simpson 56 West St Cody 36
Transactions
Online
communities
Notes & text
fields
Email
Social
media
Ratings &
reviews
Voice
transcriptions
Surveys
Call center
Chat
Structured versus unstructured data

42. Cloud SQL
Cloud
Spanner
Datastore
Cloud
Bigtable
BigQuery
Cloud
Storage
Is your data structured?
?
No
Is your workload analytics?
?
No
No
Is your data relational?
?
Yes
Do you need updates
or low latency?
?
Do you need horizontal
scalability?
?
No
Yes
Yes
Yes
No
Yes
What type of storage will meet my needs best?

43. GCP Security &IAM

44. Responsibility
On-
premises
IaaS PaaS Managed
services
Content
Access policies
Usage
Deployment
Web app security
Identity
Operations
Access and authentication
Network security
OS, data, and content
Audit logging
Network
Storage and encryption
Hardware
Customer-managed
Google-managed
With Google Cloud, security responsibility is shared

45. Data access is almost always the customer’s responsibility

46. Who can do what on which resource
Cloud Identity and Access Management lets admins
authorize who can take action on specific resources

47. Google account or Cloud Identity user
test@gmail.com test@example.com
Service account
test@project_id.iam.gserviceaccount.com
Google Groups
test@googlegroups.com
Cloud Identity or Google Workspace domain
example.com
Who: IAM policies can apply to any of four types
of user sources
Who

48. Basic Predefined Custom
There are three types of IAM(Identity & Access) roles

49. Who can do what
on Compute Engine
resources in this project,
or folder, or org
IAM predefined roles apply to a particular Google Cloud
service in a project

50. ✔ compute.instances.delete
✔ compute.instances.get
✔ compute.instances.list
✔ compute.instances.setMachineType
✔ compute.instances.start
✔ compute.instances.stop
. . .
InstanceAdmin
role
project_a
Google
Group
IAM predefined roles offer more fine-grained permissions on
particular services

51. ✔ compute.instances.get
✔ compute.instances.list
✔ compute.instances.start
✔ compute.instances.stop
. . .
InstanceOperator
role
project_a
Google
Group
IAM custom roles let you define a precise set
of permissions

52. Provide an identity for carrying out server-to-server interactions in a project.
Used to authenticate from one service to another.
Used to control privileges used by resources so that applications can
perform actions on behalf of authenticated end users.
Identified with an email address:
PROJECT_NUMBER-compute@developer.gserviceaccount.com
PROJECT_ID@appspot.gserviceaccount.com
Service accounts control server-to-server interactions

53. Proprietary +Confidential
Learn more about Generative AI at
http://bit.ly/3ZbrF4n

54. Thank You