Skip to main content

Compute Engine:



Compute Engine offers managed virtual machine. You can configured high CPU, high memory and standard and shared core machine type like building out a physical servers.
Also you can set persistence disk likes Standard, SSD, local SSD and also create Snapshots (global image).
We can resized the disks without downtime.
You can create a virtual machine instance by using the Google Cloud Platform Console or the gcloud command-line tool. A Compute Engine instance can run Linux and Windows Server images provided by Google or any customized versions of these images. You can also build and run images of other operating systems.
Scale up or scale out with Compute Engine:
You can make very large VMs in Compute Engine. The maximum number of virtual CPUs in a VM was 96, and the maximum memory size was at 624
These huge VMs are great for workloads like in-memory databases and CPU-intensive analytics. But most GCP customers start off with scaling out, not up. Compute Engine has a feature called auto scaling that lets you add and take away VMs from your application based on load metrics. The other part of making that work is balancing the incoming traffic among the VMs
Best practice is use small multiple VMs instead of single big VM unless it’s needed.

Script to Create VM:
resources:
- name: the-first-vm
  type: compute.v1.instance
  properties:
    zone: us-central1-f
    machineType: https://www.googleapis.com/compute/v1/projects/myproject/zones/us-central1-f/machineTypes/f1-micro
    disks:
    - deviceName: boot
      type: PERSISTENT
      boot: true
      autoDelete: true
      initializeParams:
        sourceImage: https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/family/debian-9
    networkInterfaces:
    - network: https://www.googleapis.com/compute/v1/projects/myproject/global/networks/default
      accessConfigs:
      - name: External NAT
        type: ONE_TO_ONE_NAT

Comments

Post a Comment

Popular posts from this blog

Container and Container Orchestration

What is container? Container contain application code and dependencies into single Unit. So, what is Container orchestration? Container orchestration is about to managing life cycle of container. Container orchestration to control and automate task: Provisioning and deployment of container Scaling up and removing container as per application load Allocation the resource between Container Health check of container Kubernetes open Source is the example of Container Orchestration
Post a Comment
Read more

Cloud Storage and Cloud IAM or ACLs or Signed URLs

Cloud Storage offers layers of increasingly granular access control. For most purposes, Cloud IAM is sufficient, and roles are inherited from project to bucket to object. Access control lists (ACL) offer finer control. And for detailed control, signed URLs provide a cryptographic key that gives time-limited access to a bucket or object. A signed policy document further refines the control by determining what kind of file can be uploaded by someone with a signed URL Cloud IAM Works with Cloud Storage just as with using Cloud IAM with any other resource. Project Owners are automatically granted Bucket Owner role for all buckets in the project. Note that ACLs and Cloud IAM are independent, so Project-level Cloud IAM permissions will not appear in bucket or object ACLs. Signed URLs A signed URL gives you the ability to grant access to a bucket without Cloud IAM user authentication for a limited period of time. e.g., when you don’t want to require users to have Goog...
2 comments
Read more

Service Accounts

What if you want to give permissions to a Compute Engine virtual machine rather than to a person? That’s what service accounts are for. For instance, maybe you have an application running in a virtual machine that needs to store data in Google Cloud Storage. But you don’t want to let just anyone on the Internet have access to that data; only that virtual machine. So you’d create a service account to authenticate your VM to Cloud Storage. Service accounts are named with an email address, but instead of passwords they use cryptographic keys to access resources. Service Accounts control server-to-server interactions: Provide an identity for carrying out server-to-server interactions in a project Used to authenticate from one service to another Used to control privileges used by resources                 So that applications can perform actions on behalf of authenticated end users Identified with an ...
Post a Comment
Read more