GCP Digital Leader Cert Exam


A brownfield strategy

on the other hand, is to invent a new application in the cloud environment that will replace an existing legacy application that remains on premises > although this redundancy can be comforting through minimizing risk, especially for mission critical applications, there are increased costs associated with running applications in both places

Service level indicator

or SLI is a measure of the service provided

Five common patterns that businesses can adopt when they want to modernize their applications

A business can move applications to the cloud first and then change them, or they can change their applications before they move, or they can invent in greenfield, or invent in brownfield, or they can just move their applications without any changes

Today's top cyber security challenges

(1) phishing attacks (2) physical damage: power loss, natural disaster (3) malware, viruses, ransomware (4) unsecured third-party systems. *Misconfiguration > biggest threat to cloud security

Cloud Cost Management inefficiencies:

(1) technology and line of business teams are often the ones using cloud resources, but they don't necessarily factor costs into their decision making & (2) finance teams care about controlling cloud costs, but they may struggle to understand or keep up with cloud spend on a daily, weekly, or monthly basis

re-architect applications first to make them more cloud ready before migrating them

*aggressive approach: if an organization wants to take a more aggressive approach to modernizing its applications > changing the design of the kitchen and placement of appliances

How APIs can modernize legacy systems

APIs enable integration between systems so businesses can unlock value and create new services > they do this by exposing data in a way that protects the integrity of the legacy systems and enables secure and governed access to the underlying data. This allows organizations with older systems to adapt to modern business needs and, more importantly, to quickly adopt new technologies and platforms. Example: Mobile banking > The data that provides that information is stored in a legacy database. To connect that database to the end user application > The bank creates an API that allows information to flow between the application and the legacy database seamlessly and securely.

Data Type: Unstructured

no organization; tends to be qualitative; audio files, images, videos - stored as objects (+ metadata and global identifier) Stored as a BLOB > binary large object Historically difficult to analyze

API

An API is a set of functions that integrate different platforms with different types of data so that new insights can be uncovered.

Identity & access management in the cloud:

An identity access management policy or IAM policy is made of three parts: who can do what, and on which resource. The "who" part of an IAM policy can be a Google account, a Google group, a service account, or a Google Workspace or Cloud Identity domain. The "can do what" part is identified by an IAM role > (3) primitive, predefined, and custom. Primitive roles are owner, editor, and viewer and are broad. Predefined > If you're not sure what permissions to grant specific users, Google Cloud services offer their own set of predefined roles that align with typical responsibilities of people using those services. Custom > Google Cloud recommends using a least privilege model in which each person in your organization is given the minimal amount of privilege needed to do their job > for example, maybe you want to define a role to allow some users to stop and start Compute Engine virtual machines, but not to reconfigure them

Invoice v. cost management tool

An invoice simply tells you how much you're spending over a period of time. Cost management tool > The tools will help financial controllers and IT leaders, for instance, get more granular data, find trends, and identify actions to take to control or optimize costs.

Public cloud services

offer organizations economies of scale, rapid elasticity, and automation where there was manual overhead

Public cloud services: cost of ownership

less CapEx - pay-as-you-go OpEx model > This shift opens up room for their technology teams to focus more on building innovative solutions in the cloud instead of maintaining the existing infrastructure

Infrastructure Modernization: Colocation

Business sets up a large data center and other orgs rent part of that data center This means organizations no longer have to pay for the cost associated with hosting the infrastructure, but they still need to pay to maintain it.

Environment impact (of cloud)

By moving compute from a self-managed data center or colocation facility to Google Cloud, the net emissions directly associated with your company's compute and data storage will be zero Because Google Cloud matches 100% of the energy consumed by our global operations with renewable energy and maintains a commitment to carbon neutrality

Cloud SQL

Cloud SQL is a fully-managed Relational Database Management Service, or RDBMS. It easily integrates with existing applications and Google Cloud services like Google Kubernetes Engine and BigQuery and is built on the performance innovation in Compute Engine. Cloud SQL is compatible with common database management systems and methodologies. You might want to use Cloud SQL for databases that serve websites, for operational applications for e-commerce, and to feed into report and chart creation that informs business intelligence.

Google Cloud's multi-layer approach

Hardware: Google designs its own servers, its storage, and its networking gear; the hardware is housed in high-security data centers that are located around the world > New server builds have an embedded chip called Titan. Software: The Titan microcontroller continues to verify the operating systems and the rest of the deployed software stack. Storage: Storage is closely connected to the idea of data encryption at rest (default). Identity: zero trust model > This means that every user and every machine that tries to access data or services must strongly authenticate at every stage for each file. Operations: detect attacks and other issues and respond to them

Cloud Billing accounts

live under the organization and track any charges for associated projects > stick to 1 cloud billing account (more efficient and greater visibility)

monolithic architecture

Updating already existing applications that have been typically built on prem This means that as it's updated over time, its code base becomes bloated, making it difficult to change something without breaking something else. When an app is updated > app needs to be deployed and tested > This makes implementing updates a lengthy and potentially risky process.

App Engine

Google App Engine is a platform as a service and cloud computing platform for developing and hosting web applications and mobile back ends. App Engine lets app developers build scalable web and mobile backends in any programming language on a fully managed serverless platform > app developers can focus on writing code without having to manage the underlying infrastructure. It allows you to concentrate on innovating your applications by managing the application infrastructure for you. When you're building an application, App Engine manages the hardware and networking infrastructure required to run your code so developers no longer need to spend valuable time doing this. During deployment, App Engine will scale your application automatically in response to the amount of traffic it receives so you only pay for the resources you use.

Three core focus areas for modernization

infrastructure, business platforms, and applications.

Shared responsibility model (cont:)

IT teams need to control data access, maintain visibility, and be prepared for incidents. Control data access > est. access policies. Maintain visibility > IT teams and business decision makers need to ensure that they have visibility into what's happening, who is accessing what data and when (logging & monitoring). Be prepared for incidents > teams and business leaders need to have a plan in place to successfully deal with it (developing awareness)

Shared Responsibility Security Model

In this model, the Cloud provider is responsible for the physical infrastructure like the undersea cables, data centers, the personnel to manage the hardware and software, and businesses are responsible for controlling data and resource access

GKE

Kubernetes is an open source container orchestration system for automating computer application deployment, scaling, and management. GKE enables rapid application development and iteration by making it easy to deploy, update, and manage your applications and services. Serverless computing > You write the code for the functions you want, and the cloud provider updates and adapts the container or VMs as needed to make that change. Google Kubernetes Engine, or GKE, provides a managed environment for deploying, managing, and scaling your containerized applications using Google infrastructure. The GKE environment consists of multiple machines, specifically Compute Engine instances, grouped together to form a cluster. GKE allows you to securely speed up app development, streamline operations, and manage infrastructure

Payments Profile

is a Google-level resource that sits outside of Google Cloud, and is used to pay for all Google services such as Google Cloud, Google ads, or Chrome licenses.

Compute Options in the Cloud

On demand self service > Cloud reduces the need for IT teams to act as a gateway to technical resources such as network security, storage, compute power, and data Broad Network access > access to data and compute resources is no longer tied to a particular geography or location; little to no latency Resource pooling > resources are distributed across a global network of data centers - another data center is available if a disruption occurs Rapid elasticity > instant ability to scale up or down - serve customers without interruption Measured service > lower upfront cost (capital expenditure)

So how can customer IT teams know what's happening within a server or database or application?

One option is to use the tools in Google Cloud's operations suite > they offer a range of services and cloud computing resources to help monitor, troubleshoot, and improve application performance on an organization's Google Cloud environment. The first is operations-focused tools, which include Cloud Monitoring, Cloud Logging, Error Reporting, and Service Monitoring - These tools tend to be for users that want to keep their infrastructure up and running. And the second is application performance management tools, which include Cloud Debugger, Cloud Trace, and Cloud Profiler - These features tend to be for developers who are trying to perfect or troubleshoot applications that are running in one of the Google Cloud compute services

Cloud Cost Management inefficiencies [solution]:

Solution from PP&T perspective: the finance team needs to take on a financial planning and advisory role > Working in close collaboration with technology and line of business teams, the central team would consist of several experts who ensure that best practices are in place across the organization and there's visibility into the ongoing cloud spend > centralized group would also be able to make real time decisions and discuss trade-offs when spending is higher than planned. Google Cloud brings its own native tools that help organizations monitor and manage their costs. These tools can enable organizations to gain greater visibility, drive a culture of accountability for cloud spending across the organization, control costs to reduce the risks of overspending, and provide intelligent recommendations to optimize cost and usage

Resource hierarchy (cont.)

Starting from the top, everything managed in Google Cloud is under a domain and an organization. The domain is handled through Cloud Identity, and helps manage user profiles. The organization is managed through the Cloud Console, and lets administrators see and control Google Cloud resources and permissions. Projects belong to the organization rather than the user who created them (used to group GC resources). A project can exist under a folder, so it can be grouped logically to match a company's actual organizational structure. - Folders and projects can have permissions that let the administrator control who can create, edit, or just view resources inside of them. - Their permissions and structure are flexible, so a business can organize the hierarchy to meet its needs.

Six focus areas that contribute to the successful culture transformation

Talent, environment, structure, strategy, empowerment, innovation

Apigee

The Apigee platform includes an API Services layer that provides the runtime API gateway functionality. Uses developer services > developers can access a portal to utilize your APIs for their projects and register their own applications. Measuring and tracking the performance of APIs is a critical component in API management.

how will the central team monitor current cost trends and identify areas of waste that could be improved?

They can use Google Cloud built-in reporting tools and create custom dashboards to gain greater visibility into their costs. Pricing calculator > see how changing usage affects cost. Permissions > control power to deploy cloud resources. Alerts > spending is off track. Organizations can make smart spending decisions with intelligent recommendations delivered by Google Cloud. These are tailored to each organization and help optimize usage, save time on management, and minimize costs.

Adapt IT operations (in the cloud)

They need to adopt best practices from the developer operations or DevOps, and site reliability engineering or SRE so teams can be more agile and work more collaboratively with clearer accountability

AutoML Vision API

This API automates the training of your own custom machine learning models. This means a developer can simply upload a custom batch of images or ingest them into AutoML Vision directly from Cloud Storage and train an image classification model with the easy-to-use graphical interface. Models can be further optimized and deployed for use directly from the Cloud

Data cleanliness

This is sometimes called data consistency. Data is considered dirty or inconsistent if it includes or excludes anything that might prevent an ML model from making accurate predictions.

Data completeness

This refers to the availability of sufficient data about the world to replace human knowledge.

Google Translate API

Translation API Basic uses Google's neural machine translation technology to instantly translate texts into more than one hundred languages. Translation API Advanced offers the same fast, dynamic results you get with Basic and additional customization features. Customization matters for domain- and context-specific terms or phrases, and formatted document translation.

top pain points when managing cloud environments:

We've learned that IT executives found that (1) unpredictable costs and (2) lack of visibility and transparency into the cloud usage

microservice architecture

When building new applications or modernizing existing ones This type of architecture involves the separation of a large application into small, loosely coupled services. The code base for each service is modular so it's easy to determine where the code needs to be changed.

Firestore

is a NoSQL document database built for automatic scaling, high performance, and ease of application development. While the Firestore interface has many of the same features as traditional databases, as a NoSQL database it differs from them in the way it describes relationships between data objects.

Artificial intelligence

is a broad field or term that describes any kind of machine capable of acting autonomously.

Shared responsibility model

the cloud service provider typically becomes the data processor. The organization is the data controller

Bare Metal

You can migrate many existing workloads to the cloud easily Bare Metal enables you to migrate specialized workloads to the cloud while maintaining your existing investments and architecture

Google's BigQuery data analytics tool

a serverless application that scales to multi-petabyte data sets, but may keep the core applications generating data that needs to be processed on-premises

Google Cloud AI Platform

a unified simply-managed platform that makes machine learning easy to adopt by analysts and developers. It's not limited to data scientists. It provides modern ML services with the ability to generate your own tailored models and use pretrained models so that you can add innovative capabilities to your own applications.

Cloud Run

allows developers to build applications in their favorite programming language with their favorite dependencies and tools and deploy them in seconds Cloud Run abstracts away all infrastructure management by automatically scaling up and down from zero almost instantly depending on user traffic

Anthos

an open application modernization platform that enables you to modernize your existing applications, build new ones, and run them anywhere - It allows you to build an application once and run it wherever you want, on-premises, on Google Cloud, on a different public cloud

TensorFlow

an open-source software library for machine learning developed inside Google

Data warehouses

are built to enable rapid analysis of large and multidimensional datasets Think of the data warehouse as the central hub for all business data. Different types of data can be transformed and consolidated into the warehouse, so they're useful for analysis. In particular, a Cloud data warehouse allows businesses to consolidate data that is structured and semi-structured

Data lakes

are repositories for raw data and tend to serve many purposes > they often hold backup data, which helps businesses build resilience against unexpected harm affecting their data (protected against data loss)

Developing cloud native applications

avoids the hassle of trying to create something that is constrained by legacy systems and outdated processes

Virtual Machines

computer programs that present the appearance of an independent operating system within a second host operating system share the same pool of computer processing, storage and networking resources and optimize the use of available resources and enable businesses to have multiple applications running at the same time on a server in a way that is efficient and manageable

Compute Engine

computing and hosting service that lets you create and run virtual machines on Google's infrastructure delivers scalable, high performance virtual machines running in Google's innovative data centers and worldwide fiber network This solution is ideal if you need complete control over the virtual machine infrastructure

Move first then change

conservative* further modernization can be explored potentially using APIs to change the way that the application interacts with data and other applications, or even making the application serverless so that it can become cloud native event-driven application, the most efficient form of application architecture After the first set of applications have been re-architected and optimized in the cloud, further applications can be moved > renovating kitchen slowly

Multi-cloud

is where an organization is using multiple public cloud providers as part of its architecture In this case, the organization needs flexibility and secure connectivity between the different networks involved

CI/CD Pipeline

continuous integration and continuous deployment approach can help you increase your application release velocity and reliability With a robust CI/CD pipeline, you can test and roll out changes incrementally instead of making big releases with multiple changes. This approach enables you to lower the risk of regressions, debug issues quickly, and roll back to the last stable build if necessary. Some organizations have been able to adopt CI/CD to build applications faster but not always with the high quality that customers demand > don't invest enough in building quality into the process If you're not able to recover from production infrastructure failures quickly, it doesn't matter how quickly you deliver software, you won't be able to deliver better customer experiences.

VMs

enable businesses to have multiple applications running at the same time on a server in a way that is efficient and manageable. The software layer that enables this is called a hypervisor > A hypervisor sits on top of physical hardware and multiple VMs are built on top of it. Virtual machines recreate a full representation of the hardware BUT containers only recreate or virtualize the operating systems* This means that they only contain exactly what's needed for the particular application that they support

Cloud Debugger

helps monitor application performance > no downtime, this means that end users are not affected while a developer searches the source code

Build & deploy applications on premises >

high CapEx The operating expenditure would include, for example, the utility bill for keeping the space full and salaries for security personnel.

Data Type: Structured

highly organized; cc numbers, customer records > stored in databases

Google Cloud AI Hub

hosted repository of plug-and-play AI components. If you have data scientists who are already working with ML, they might already be using TensorFlow. It has a comprehensive, flexible ecosystem of tools, libraries, and community resources. TensorFlow lets researchers push innovation in ML and lets developers easily build and deploy ML-powered applications. The AI Hub is a hosted repository of plug-and-play AI components, including end-to-end AI pipelines and out-of-the-box algorithms.

Availability

how much time the cloud service provider guarantees that your data and services are up and running or accessible.

Looker

is a business intelligence platform that provides a unified service to access the truest, most up to date version of your company's data. It's a data platform that sits on top of an analytics database and makes it simple to describe your data and define business metrics. Gaming analytics can be used by product managers, developers, and marketers to see which features are used most, discover levels or areas in the game where players are getting stuck, and identify player lifetime value > With this information, gaming companies can then create better, more targeted content for their players based on the needs, interests, and challenges of their users. Looker leverages the power of data warehouses like BigQuery to make this data useful.

data map

is a chart of all the data used in end-to-end business processes. User data sets > demographics, financial history, personal interactions Corporate data > sales, call logs, portfolio metrics Industry data > benchmarking, stock performance, investment trends

Virtualization

is a form of resource optimization that allows multiple systems to run on the same hardware - share the same pool of computer processing, storage and networking resources

Cloud Functions

is a serverless execution environment for building and connecting cloud services It offers scalable, pay-as-you-go functions as a service to run your code with zero server management You or your developers can simply write your code and let Google Cloud handle the operational infrastructure developers are also more agile as they can write and run small code snippets that respond to events

Dataflow

is a service for large scale processing of data

Pub/Sub

is a service for real-time ingestion of data

Cloud storage

is a service that enables you to store and serve Binary Large OBject, or BLOB data Cloud Storage provides organizations with different options so they can tailor their object storage based on their access needs key benefits of Google Cloud Storage are: you can store unlimited data with no minimum amount required, low latency-- you can retrieve your data as often as you'd like-- and you can access it from anywhere in the world Cloud Storage offers multiregional storage > ideal for serving content to users worldwide Regional storage is also offered by Cloud Storage > ideal when your organization wants to use the data locally

DevOps

is a set of practices that aim to increase software delivery velocity, improve service reliability, and build shared ownership among software stakeholders.

Google Cloud VMware Engine

is a type of software that you can run on a virtual machine > fully managed service that lets you run the VMware platform in Google Cloud. Google manages the infrastructure, networking, and management services, so that you can use the VMware platform efficiently and securely

BigQuery

is an industry leading example of a serverless data warehouse solution.

Kubernetes

is an open source cluster management system that provides automated container orchestration simplifies the management of your machines and services for you This improves application reliability, and reduces the time and resources you need to spend on development and operations, not to mention the relief from the stress attached to these tasks

A database

is an organized collection of data generally stored in tables and accessed electronically from a computer system. Provide important information and help make decisions

Cloud Trace

is another Google Cloud solution for monitoring application performance When using either microservices or containers, or both, finding the source of a bug or problem can be challenging Cloud Trace is a distributed tracing system that helps developers debug or fix and optimize their code

Cloud Spanner

is another fully-managed database service, and it's designed for global scale. Data is automatically and instantly copied across regions > This replication means that if one region goes offline, the organization's data can still be served from another region. It also means that queries always return consistent and ordered answers regardless of the region > i.e. if someone in the London office updates information in the database, that update is immediately available for someone in the New York office. It's great for mission-critical online transaction processing, and because it's all managed, it dramatically reduces the operational overhead needed to keep the database online and serving traffic

Cloud Logging

is another resource monitoring tool A log file is a text file where applications including the operating system write events > make it easier for developers, DevOps, and system admins to get insights and identify the root cause of issues within applications and the infrastructure

Coldline (Cloud Storage)

is best for data that you plan to access at most once per 90 days or quarter

Archive (Cloud Storage)

is best for data that you plan to access at most once per year, such as archive data or as a backup for disaster recovery

Nearline (Cloud Storage)

is best for data you don't expect to access more than once per month, such as multimedia file storage or online backups

Error Budget

is the amount of error that a service provider can accumulate over a certain period of time before end users start feeling unhappy

Cloud monitoring

is the foundation for site reliability engineering because it provides visibility into the performance, uptime, and overall health of cloud powered applications. also provides a view of all Google Cloud metrics at zero costs and integrates with a variety of providers for non-Google cloud monitoring.

Hybrid cloud

is when an organization is using some combination of on-premises or private cloud infrastructure and public cloud services

Private cloud

is where an organization has virtualized servers in its own data centers to create its own private on-premises environment. This might be done when an organization has already made significant investments in its own infrastructure or if, for regulatory reasons, data needs to be kept on-premises

Site reliability engineering

or SRE is a discipline that applies aspects of software engineering to operations. The goals of SRE are to create ultra-scalable and highly reliable software systems. SRE > some software engineers were responsible for both writing code and running production systems. How the 5 objectives align with SRE: First, SRE emphasizes shared ownership of production between developers and operations. Second, SREs believe that accepting failure as normal helps to build an iterative collaborative culture. Third, when implementing gradual changes, SREs aim to reduce the cost of failure by rolling out changes to a small percentage of users before making them generally available. Next, in order to leverage tooling and automation, SREs focus on toil automation. Finally, measure everything means tracking everything related to toil, reliability, and the health of their systems.

DevOps

or developer operations is a philosophy that seeks to create a more collaborative and accountable culture within developer and operations teams > 5 objectives: First, reduce silos > foster collaboration. Second, organizations need to accept failure as normal > computers are unreliable. Third, organizations need to implement gradual change > allows the team to reduce time to recover with a simple roll back. Fourth, businesses should leverage tooling and automation > efficient. And finally, organizations need to measure everything > critical for success

Resource hierarchy

or in other words, what resources users can access. If you set up the project, you probably planned out what resources you needed, and who should be involved in the project as well. Organize files into folders > similar to how a team would use and manage GC services. In the Cloud environment, a project is the basis for enabling and using Google Cloud capabilities, like managing APIs, enabling billing, adding and removing collaborators, and enabling other Google or Alphabet services. Projects are organized into folders > A folder can contain projects, other folders, or a combination of both. *This means projects can be grouped into a hierarchy.

Containers

provide isolated environments to run your software services and optimize resources from one piece of hardware (more efficient than VMs) Containers offer a far more lightweight unit for developers and IT operations teams to work with and provide a range of benefits (vs. VMs) Containers are able to run virtually anywhere, which makes development and deployment easy > They can run on Linux, Windows and Mac operating systems on virtual machines, data centers on prem, public cloud

Total cost of ownership

refers to a comprehensive assessment of all of the layers within the infrastructure and other associated costs across the business over time (e.g., hardware / software, user expenses, etc.)

Compute or computing

refers to a machine's ability to process information to store, retrieve, compare and analyze it, and automate tasks often done by computer programs, otherwise known as software or applications

Machine Learning

refers to computers that can learn from data without using a complex set of rules ML is a way to use standard algorithms or standard models to analyze data in order to derive predictive insights and make repeated decisions at scale > "teach" a computer how to solve a problem

Data integrity or transactional integrity

refers to the accuracy and consistency of data stored in a database > is achieved by implementing a set of rules when a database is first designed, and through ongoing error-checking and validation routines as data is collected

Data coverage

refers to the scope of a problem domain and all possible scenarios it can account for. In other words, all possible input and output data.

Serverless computing

resources such as compute power are automatically provisioned behind the scenes as needed businesses do not pay for compute power unless they're actually running a query or application serverless means that businesses provide the code for whatever function they want, and the public cloud provider does everything else Function as a service*

IT development and operations challenges

service downtime is unavoidable for IT teams, and it's also a source of two operational challenges. First, developers are expected to continuously improve customer facing services > have to schedule system downtimes on a monthly, quarterly, or yearly basis Next, if a service disruption happens unexpectedly, this may be the result of a team structure issue where developers and operators are working in silos > structure of these teams restricts collaboration and obscures accountability Traditionally, developers would push their code to operators who often had little understanding of how the code would run in a production or live environment *Hard to identify issues and ensure accountability

The four common business problems

simplifying rule-based systems, automating processes, understanding unstructured data, and creating personalized customer experiences

service level objective (SLO)

supporting document to a service level agreement that clearly defines key metrics for success regarding the SLA. It's the goal for the cloud service performance level, and it's shared between the cloud provider and a customer. If the service performance meets or exceeds the SLO, it means that end users, customers, and internal stakeholders are all happy

Vision API

train an existing ML model with your own data, build a custom ML model and train it using your own data - assign labels to images

greenfield strategy

we're talking about building an entirely new infrastructure and applications in the cloud > This approach really only applies when an organization needs to develop new products or offerings, such as a B2C bank that wants to develop its digital banking channel > Inventing in greenfield allows you to build that innovative application that will help drive the business forward, but it does require agility, access to a diverse development skillset, and strong support from leadership.

paying for what you need, when you need it in the cloud >

when an organization migrates or builds and deploys applications using cloud services, there's a greater emphasis on operational expenditures, or opex

