Google Next Infra/Data
Infrastructure services

Infrastructure services on GCP

Google Compute Engine today
● Run large-scale workloads on virtual machines hosted on Google’s infrastructure
● Machine types:
  ○ Predefined
    ■ High CPU
    ■ High memory
    ■ Standard
  ○ Shared-core machine types
  ○ Custom machine types
● GPU support
● Sole-tenant nodes
● Shielded VMs

GCE Billing
● Per-minute billing
● Sustained use discounts: machine-type SKUs include vCPUs and memory as a single unit
● Preemptible instances
● Custom machine types

GCE highlights
1. New Compute-Optimized & Memory-Optimized VMs (alpha) for Compute Engine: a new VM family optimized for very consistent, high-end compute performance. Customers can run more EDA, gaming and HPC workloads on GCP.
2. GCE Windows BYOL (Beta) for Compute Engine: customers can leverage their existing investment in Microsoft Windows and SQL Server licenses while running on GCE sole-tenant nodes, gaining more purchasing flexibility and licensing compliance with MSFT.

K8s Overview - Kubern what?
● Greek for “Pilot” or “Helmsman of a ship”
● Container automation framework
● 100% open source, written in Go

K8s: Google Kubernetes Engine (GKE)
● Fully managed Kubernetes cluster (orchestration system for running containers)
● Complementary services:
  ○ Google Cloud Build
  ○ Google Container Registry
    ■ Vulnerability scanning

Google Kubernetes Engine
● Flexible deployments based on your use case:
  ○ Zonal vs. Regional
  ○ Public nodes + VPC-native
    ■ Public master API endpoint
    ■ Master Authorized Networks
  ○ Private GKE: VPC-native and Private Cluster

VPC-native
● Default starting March 31st 2019
● Network / Node / Pod / Service
  ○ Same as previous section
● A VPC-native cluster uses Alias IP, which removes the job of routing between pods from the Kubernetes control plane (master(s)) in favor of native VPC integration. This allows things like Cloud SQL private IP access or direct access to services like BigQuery without a NAT proxy.

Private Cluster
● In a private cluster, nodes do not have public IP addresses, and the master is inaccessible by default.
● Private nodes don’t have internet access.
● Requires VPC Peering
  ○ Wait, what the heck is VPC peering?
    ■ Let’s do a quick GCP Networking 101
      ● VPC Networks
      ● Shared VPC
      ● VPC Network Peering

GKE - VPC-native and Private Cluster

Google Kubernetes Engine
● Notable features
  ○ Secure (COS (Container-Optimized OS), Network Policy, PSP)
  ○ Service Mesh (managed Istio)
  ○ Autoscaling
  ○ Auto-healing
  ○ Auto-upgrades

GKE highlights
1. GKE RBAC support for Google Groups (Beta)
2. GKE Sandbox (Beta), based on gVisor
3. Kubernetes development plug-ins for Visual Studio Code (Beta)

GKE Anthos (Hybrid-Cloud + Multi-Cloud)
● Anthos Migrate (Beta): migration tool that takes existing monolithic applications, breaks them down into smaller microservices and containers, then moves them into Anthos or GKE (without requiring VM modifications)
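The private, VPC-native GKE cluster described in the slides above, written out as a Terraform configuration. This is an added example, not material from the original deck; the region, resource names, CIDR ranges, and the pre-existing custom-mode VPC named "gke-vpc" are all assumptions.

```hcl
# Constructed example; "gke-vpc" is an assumed existing custom-mode VPC.
resource "google_compute_subnetwork" "gke" {
  name          = "gke-subnet"
  region        = "us-central1"
  network       = "gke-vpc"
  ip_cidr_range = "10.10.0.0/24"
  # Private nodes reach Google APIs (e.g. BigQuery) without a NAT proxy.
  private_ip_google_access = true
  # Alias IP secondary ranges: Pods and Services get VPC-routable addresses.
  secondary_ip_range {
    range_name    = "pods"
    ip_cidr_range = "10.20.0.0/16"
  }
  secondary_ip_range {
    range_name    = "services"
    ip_cidr_range = "10.30.0.0/20"
  }
}
resource "google_container_cluster" "private" {
  name                  = "private-vpc-native"
  location              = "us-central1"   # regional: control plane in 3 zones
  network               = "gke-vpc"
  subnetwork            = google_compute_subnetwork.gke.id
  initial_node_count    = 1
  enable_shielded_nodes = true
  # VPC-native: Pod/Service IPs come from the subnet's secondary ranges,
  # so the control plane no longer manages inter-node routes.
  ip_allocation_policy {
    cluster_secondary_range_name  = "pods"
    services_secondary_range_name = "services"
  }
  # Private cluster: nodes get no public IPs; the master lives in a peered /28
  # and, with enable_private_endpoint, has no public API endpoint at all.
  private_cluster_config {
    enable_private_nodes    = true
    enable_private_endpoint = true
    master_ipv4_cidr_block  = "172.16.0.0/28"
  }
  # Master Authorized Networks: only this internal range may reach the API server.
  master_authorized_networks_config {
    cidr_blocks {
      cidr_block   = "10.0.0.0/24"
      display_name = "bastion-subnet"
    }
  }
  # Kubernetes NetworkPolicy enforcement (Calico add-on).
  network_policy { enabled = true }
  addons_config {
    network_policy_config { disabled = false }
  }
}
```

Because the public endpoint is disabled, kubectl must run from inside the authorized range (for example a bastion in the VPC) or over a peered/VPN connection.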