Category: Cloud

  • Understanding Traffic Director

    Traffic Director is a GCP-managed service that provides configuration and traffic management (load balancing, traffic routing, security, and so on) for services based on various environments, such as Compute Engine instances, Google Kubernetes Engine, on-premises, or other public cloud providers. The key point that Traffic Director introduces is that the control plane (Istiod for clarity)…

  • Cloud Router

    Cloud Router configuration requires a unique name that is permanent, a VPC network, and a GCP region. Also, you must specify the ASN, which is a requirement for establishing BGP sessions with other BGP routers. Cloud Router announces by default all visible subnets, depending on whether you choose Regional or Global dynamic routing mode. In…

  • IP addressing for GKE

    When you deal with large workloads, Google Cloud recommends regional GKE clusters with the VPC-native networking mode. This allows VPC subnets to have a secondary range of IP addresses for all Pods running in the cluster. With VPC-native mode, routing traffic to Pods is automatically achieved without adding any custom routes to the VPC. Designing…

  • Design a GCP network

    Hot DR scenario for three-tier application in hybrid cloud: The database tier should include reliability as well. In GCP, this can be achieved with Cloud Spanner, which is a regional managed relational database service. To achieve database synchronization, the application tier must be modified to write consistently to both databases. Dedicated Interconnect and Cloud VPN…

  • Private services access

    Google and third parties (together known as service producers) can offer services that are hosted in a VPC network. Private services access lets you reach the internal IP addresses of these Google and third-party services by using private connections. This is useful if you want your VM instances in your VPC network to use internal…

  • Private Google Access

    VM instances that only have internal IP addresses (no external IP addresses) can use Private Google Access. They can reach the external IP addresses of Google APIs and services. The source IP address of the packet can be the primary internal IP address of the network interface or an address in an alias IP range…

  • Network Security

    Three types of IAM roles that you can use: Five types of IAM members: Assigning an IAM service account to a Google Compute Engine instance: Once the Google Compute Engine instance is instantiated, you can connect using SSH (Secure Shell) and use the Google Cloud Software Development Kit (SDK) to create and have full control…

  • Media CDN

  • Storage Transfer Service

    Storage Transfer Service automates the transfer of data to, from, and between object and file storage systems, including Google Cloud Storage, Amazon S3, Azure Storage, on-premises data, and more. It can be used to transfer large amounts of data quickly and reliably, without the need to write any code.

  • Bigtable vs. BigQuery

    At a high level, Bigtable is a NoSQL wide-column database. It’s optimized for low latency, large numbers of reads and writes, and maintaining performance at scale. Bigtable use cases are of a certain scale or throughput with strict latency requirements, such as IoT, AdTech, FinTech, and so on. If high throughput and low latency at scale are…