Google Cloud Platform (GCP) is a collection of online services that organizations can use to build, host, and deliver applications. The best part is that GCP runs in Google’s data centers, so you can take advantage of Google’s global network and vast experience with serving applications to billions of people around the world.
In this course, you will get an overview of the GCP services available in various categories, such as compute, storage, and networking, and you will also see hands-on examples showing you how to create virtual machines and web apps using the Google Cloud Console and gcloud command-line interface.
- Describe some of the GCP services available in various categories
- Use the Google Cloud Console
- Use the gcloud command-line interface
- Anyone who would like to learn more about Google Cloud Platform
- General technical knowledge
- A Google Cloud Platform account is recommended (sign up for a free trial at https://cloud.google.com/free/ if you don’t have an account)
The GitHub repository for this course is at https://github.com/cloudacademy/gcp-overview.
So far, I’ve only talked about compute, storage, and networking services, but Google offers services in many other categories as well. I won’t talk about all of the GCP services available, but I’ll go over some of the highlights.
Most organizations that start using GCP already have on-premises systems, and they typically want to move some of the applications running on these systems to the cloud. Google provides a number of services to help with this.
The most popular on-premises virtualization platform is, of course, VMware, so I’ll start with how to migrate virtual machines running on VMware. The easiest way is to run them in Google Cloud VMware Engine, which is a complete VMware environment that runs on GCP.
If you’d rather run on Google’s standard compute services instead, then there are a couple of great options. First, Migrate for Compute Engine offers a very sophisticated way to migrate your local virtual machines from VMware to GCP. This service runs an instance on GCP while using the data attached to your local VM. It transfers the data it needs to GCP as it goes. Running the application on GCP before all of the data has been transferred makes the migration process much faster than other methods. Once the data transfer is finished, the instance reboots, and the migration is complete. In addition to VMware, Migrate for Compute Engine also supports physical machines and even VMs running on Amazon Web Services and Microsoft Azure.
If you want to move from virtual machines to containers, then you can use Migrate for Anthos. It will actually convert a VM into a container that’s managed by Google Kubernetes Engine. It currently supports Linux VMs running on VMware, AWS, or Azure. It also supports migrating both Linux and Windows VMs from Google Compute Engine. So, if you want to migrate from Windows or from physical servers, then you can use Migrate for Compute Engine to move them to GCP instances, and then you can use Migrate for Anthos to move them to containers.
One common issue is how to move a large amount of data to GCP. Trying to transfer hundreds of terabytes of data over the internet or even Direct Interconnect would be slow and expensive. Google’s solution is called a Transfer Appliance. It’s a physical storage server that Google ships to your data center. Then you transfer your data to the appliance and ship it back to Google where it gets transferred to Cloud Storage.
One of the most important considerations when you’re moving to GCP is how to ensure that access to your resources is only given to the people who should have it. The most commonly used on-premises identity solution is Microsoft’s Active Directory, so as you would expect, Google has provided a way to integrate with it. Managed Service for Microsoft Active Directory lets you connect your on-premises Active Directory to one that’s hosted on GCP. This allows you to authenticate your users with your existing directory.
If you aren’t using Active Directory, then you can use Cloud Identity instead. As you can tell from the name, it’s a cloud-based identity solution offered by Google.
Okay, let’s move on to one of the hottest categories. Google is known for being on the cutting edge of artificial intelligence and machine learning. For example, it shocked the world when its AlphaGo software defeated one of the best human players at the Go board game.
If you don’t have experience with machine learning, don’t worry. Google offers lots of artificial intelligence services that don’t require any knowledge of machine learning. At the moment, Google divides these services into four categories: Sight, Language, Conversation, and Structured Data.
Under Sight, they have the Vision API, which detects objects, faces, and text in images, and the Video Intelligence API, which recognizes objects, places, and actions in videos.
Under Language, they have the Translation API, which will be familiar to anyone who has used Google Translate to find out what something written in another language says. It supports over one hundred languages. They also have the Natural Language API, which performs tasks like sentiment analysis. For example, it can classify a message as being positive, negative, or neutral.
The Conversation category includes the Text-to-Speech and Speech-to-Text APIs, which do exactly what you would expect based on their names. It also includes a groundbreaking AI service called DialogFlow, which is so good at sounding like a real person, it’s almost scary. Using DialogFlow, you can build chatbots and voicebots to handle things like customer support requests.
The last category is Structured Data. These services allow you to feed in structured data and get back insights. For example, Recommendations AI can look at a customer’s previous purchases and recommend other products that the customer might be interested in buying.
All of these prebuilt AI services have been trained based on general sets of data, so they might not be able to handle your specific needs. For these scenarios, Google provides its AutoML suite of services. For example, you might need to identify product defects on the assembly lines in your factories. By feeding your own data into AutoML Vision, you can train a custom model without having to know machine learning.
If you need to build custom models that are outside the scope of the AutoML suite, then you can use the AI Platform suite. It includes many services, but the most important ones are AI Platform Training and AI Platform Prediction. The Training service lets you train custom models using popular Python-based frameworks, including TensorFlow, scikit-learn, and XGBoost.
The Prediction service will host your trained models and let you send requests for predictions. In machine learning terms, a prediction is basically the “answer” returned by the model for a given data record. For example, if you feed a new image into a trained model and ask what’s contained in the image, the answer it gives is called a prediction because it’s just making a very good guess.
All right, another area where Google is particularly strong is data analytics. Google offers so many services in this area that it can be hard to figure out which ones to use. I’ll divide them into Ingest, Store, Process, and Visualize.
If you’re not familiar with the term “ingest”, it just means “load”. There are lots of ways to ingest data, but if you have a large amount of data streaming in, then you’ll likely need to use Pub/Sub. It essentially acts as a buffer for services that may not be able to handle such large spikes of incoming data.
In the Store category, the main option is BigQuery, which I talked about earlier. BigQuery is also the main option for interactive analytics, that is, running queries on your data. If you need high-speed automated analytics, then Bigtable is usually the right choice.
The Process category is where Google has the most options. These services are used to clean and transform data. If you already have Hadoop or Spark-based code, then you can use Dataproc, which is a managed implementation of Hadoop and Spark. Alternatively, if you already have Apache Beam-based code, then you can use Dataflow. If you’re starting from scratch, you might want to choose Dataflow because Apache Beam has some advantages over Hadoop and Spark. If you’d like to do data processing without writing any code, you can use Dataprep, which actually uses Dataflow under the hood.
To visualize or present your data with graphs, charts, etc., you can use Data Studio or Looker. Data Studio was Google’s original visualization solution, but then Google acquired Looker, which is a more sophisticated business intelligence platform. One big difference is that Data Studio is free, but Looker isn’t. So, if you need to do simple reporting, then Data Studio should be fine, but if you want to do something more complex, then Looker is your best bet.
If you want to create a processing pipeline that runs tasks in multiple GCP services, then you can use Composer, which is a managed implementation of Apache Airflow. Not only can it run tasks in GCP services like Pub/Sub, Dataflow, Dataproc, and BigQuery, it can even run tasks in on-premises environments. Data Fusion is similar to Composer except that it has a graphical interface and doesn’t require you to write any code.
One common source of big data is the Internet of Things, or IoT. This refers to devices, such as thermostats and light switches, that are connected to the internet. Google provides a service called IoT Core that lets you manage and ingest data from your IoT devices.
Let’s move on to DevOps tools. These services help you automate the building, testing, and releasing of application updates. The most important DevOps tool is Cloud Build. It lets you create continuous integration / continuous deployment pipelines. The way it works is when you push new software updates to your code repository, it will build your application, run automated tests, and create a container or artifact for deployment.
Cloud Build integrates with third-party code repositories, such as Bitbucket and GitHub, but you may want to use Google’s Cloud Source Repositories, which are private Git repositories hosted on GCP. If you’re deploying your applications using containers, then you can configure Cloud Build to put the code into a container and push it to Artifact Registry, which is a private Docker image store hosted on GCP.
Okay, now let’s go into some of Google’s most important global networking services. One way to make your web applications respond more quickly to your customers is to use a Content Delivery Network. Google offers Cloud CDN for this purpose. It caches your content on Google’s global network, which reduces the time it takes for your users to retrieve it, no matter where they’re located in the world. This is especially important if your content includes videos.
To make sure your application continues to be responsive when there’s a sudden increase in traffic, or even if one of Google’s data centers fails, you can use Cloud Load Balancing. It redirects application traffic to groups of VM instances distributed in different locations, and it can automatically scale the number of instances up or down as needed. All of this complexity is hidden behind a single IP address.
Load Balancing works well for normal increases in network traffic, but what about when you’re hit by a Distributed Denial of Service, or DDoS, attack? You can use Cloud Armor, which integrates with Cloud Load Balancing.
Cloud Armor is a network security service, but there are many other layers of security in GCP. The most important is IAM, which stands for Identity and Access Management. Since identity is handled using an outside service, such as Cloud Identity or even Google accounts, IAM is really about access management. It lets you assign roles to users and applications. A role grants specific permissions, such as being able to create a VM instance.
Another important security area is encryption. GCP handles this very well because everything is encrypted by default. However, many organizations need to manage the encryption keys that are used to encrypt their data, especially to comply with certain security standards. Google provides Cloud Key Management to allow your organization to centrally manage your encryption keys.
A similar service is Secret Manager, which is a central place to store your API keys, passwords, certificates, and other secrets.
Finally, the Data Loss Prevention service helps you protect sensitive data. For example, if your user records contain credit card numbers, you could configure DLP to remove them before responding to a database query.
I’ve covered some of the most important GCP services, but there are many more that I didn’t cover. So if you have a need that doesn’t seem to fit with any of these services, there are plenty of other options. First, you can look through the Google Cloud Products page. Another way is to type what you’re looking for in the search bar in the GCP console. The search results will include not only standard GCP services but also third-party services in the Marketplace.
Okay, that’s it for this services overview.
Guy launched his first training website in 1995 and he's been helping people learn IT technologies ever since. He has been a sysadmin, instructor, sales engineer, IT manager, and entrepreneur. In his most recent venture, he founded and led a cloud-based training infrastructure company that provided virtual labs for some of the largest software vendors in the world. Guy’s passion is making complex technology easy to understand. His activities outside of work have included riding an elephant and skydiving (although not at the same time).