Cloud CDN is Google Cloud’s web acceleration Content Delivery Network platform that helps you cache regularly accessed static content closer to your users. Cloud CDN is optimized for serving a mix of static and dynamic latency-sensitive web assets, such as CSS, JavaScript, HTML, and image files. Media CDN is Google Cloud’s media delivery CDN platform that complements…

Instrument service to expose telemetry: Configure Prometheus to ingest metrics:

IAM provides predefined roles that grant access to specific Google Cloud resources and prevent unauthorized access to other resources. Role Title Description Lowest resource roles/container.admin Kubernetes Engine Admin Provides access to full management of clusters and their Kubernetes API objects.To set a service account on nodes, you must also have the Service Account User role (roles/iam.serviceAccountUser) on…

When you create a Google Cloud project, you are the only user on the project. By default, no other users have access to your project or its resources, including Google Kubernetes Engine (GKE) resources. GKE supports multiple options for managing access to resources within your project and its clusters using role-based access control (RBAC).

Google Cloud Managed Service for Prometheus is Google Cloud’s fully managed, multi-cloud, cross-project solution for Prometheus metrics. It lets you globally monitor and alert on your workloads, using Prometheus, without having to manually manage and operate Prometheus at scale. kubectl edit Prometheus prometheus-kube-prometheus-prometheus :

Storage Transfer Service accesses your data in S3-compatible storage using transfer agents deployed on VMs close to the data source. These agents run in a Docker container and belong to an agent pool, which is a collection of agents using the same configuration and that collectively move your data in parallel. This feature allows you…

The following table summarizes the valid port configurations, based on the load balancing scheme and the target of the forwarding rule. Product Load balancing scheme Target Port requirements Global external Application Load Balancer Regional external Application Load Balancer EXTERNAL_MANAGED Target HTTP proxyTarget HTTPS proxy Can reference exactly one port from 1-65535 Classic Application Load Balancer…

TCP network load balancers support SSL natively, making it possible to secure network traffic. Unlike SSL proxy load balancing and HTTP(S) load balancing, TCP network load balancing simply allows SSL traffic to pass through the load balancer and terminate at the VM itself. For NLBs, there are four higher-level primary components involved: a target pool, a regional…

External Application Load Balancers are proxies that use at least two TCP connections: The load balancer’s secondary TCP connections might not get closed after each request; they can stay open to handle multiple HTTP requests and responses. The backend HTTP keepalive timeout defines the TCP idle timeout between the load balancer and your backends. The backend HTTP…

You can reserve static IP addresses. You can also list and release your reserved static IP addresses. You can reuse a static IP for multiple load balancers.