georgejmclittle - Fotolia
As one of the top cloud providers, Google must keep up with the competitive nature of the cloud and release services to meet the needs of its customers. Similar to AWS and Azure, there are a range of Google Cloud tools for users to choose from to help ease some of the stress that comes with the public cloud.
Review five of Google's newer cloud services and tools and determine if they could be useful for your workloads.
Google Cloud Deployment Manager
Developers use scripts to automate mundane tasks and add efficiency to their implementations. Infrastructure as code (IaC) is the most comprehensive option for scripting because it creates an abstraction layer between applications and the underlying infrastructure to automate all operational tasks.
Google's IaC tool, Google Cloud Deployment Manager, deploys infrastructure as repeatable, declarative code. It can use up to three file types per Google Cloud Platform (GCP) deployment -- a configuration file in YAML, a schema file and a template file in Python or Jinja. The configuration file is the only required file, the other two types are optional.
The configuration file is the source code for Deployment Manager, which reviews the file's content and deploys configurations based on predefined templates and environment constraints. These configuration files are split into two sections: imports, which are a list of files used by the configuration, and resources, which lists all the GCP services to be deployed.
Currently, Deployment Manager doesn't support all Google Cloud tools and services, but it does work with most of the core offerings, including Compute Engine, BigQuery and Cloud Storage. While it is a free tool, standard charges apply for any related services it deploys.
Google Cloud Anthos
Enterprises that migrate to the cloud often struggle to adapt their legacy applications to cloud-native services. In the past, this issue was addressed though virtualization, but treating the cloud as just another hosting environment meant forgoing benefits around efficiency, scalability and flexibility. With Google Cloud Anthos, Google users don't have to go that route.
Google Cloud Anthos is a cloud-agnostic container environment that uses Kubernetes and Istio for container orchestration and traffic management, respectively. It's a software stack that can also run on an organization's existing hardware.
Google's experience with containers is a major selling point for Anthos. The goal of this Google Cloud tool is to resolve the common issues with the containerization of legacy application by altering VM images into containers, prior to deployment on Anthos.
At its core, Anthos is a container cluster regulated by Google Kubernetes Engine (GKE) and GKE On-Prem for hybrid architectures. In addition to the foundation of GKE, Anthos includes a suite of services to handle configuration management, such as: Anthos Config Management, Traffic Director and Stackdriver -- among others.
Google Access Transparency
Google added Access Transparency to enable users to view Google's services logs. Transparency has been a huge concern for cloud customers in recent years. They want to know how their cloud provider manages the underlying infrastructure that supports their applications.
IT teams can use Access Transparency to monitor Google's internal logs pertaining to their accounts. The logs outline what exactly a Google admin did to resolve any issues that may have occurred with a specific customer's service. This Google Cloud tool works with six other Google services: Compute Engine, App Engine, Cloud Storage, Persistent Disk, Cloud Key Management Service and Cloud Identity and Access Management -- with more additions on the way.
On top of helping monitor any maintenance being done to their workloads, Access Transparency also helps admins with system audits. They can incorporate Access Transparency logs into existing event management tools and security tools to make their systems audit-ready -- streamlining what would otherwise be a long and strenuous process.
Customers still want more in terms of transparency from their cloud providers -- including Google -- but it won't happen overnight. Security is a top priority for cloud providers, so it will take time to work out exactly how to give user the access they want without overstepping any boundaries. However, Google Access Transparency is a step in the right direction for customers and providers to meet somewhere in the middle.
Google Cloud Firestore and Firebase Realtime Database
NoSQL databases are valuable to a range of application types that rely on large unstructured datasets, rapid development and resilient deployment. Google offers a variety of NoSQL database services for mobile and web app development, including Firebase Realtime Database and Google Cloud Firestore database.
On the other hand, Google Cloud Firestore is a better fit for complex workloads. It is the newer of the two offerings, so it provides more features and functionality than Firebase. It's also better suited for new application development projects because it can be used for server-side development through Node.js, Java, Python and Go SDKs. In terms of data structure, Firestore stores uses documents that contain fields that map to actual value, which it then stores as collections and later organizes based on related data.
Both Google Cloud tools support offline modes to give users more flexibility. In terms of security, each NoSQL database uses its own rules language that users have to follow. These rules provide granular control over what's stored in a database and who can access it.
Decisions on which service to select will likely depend on reliability and scalability requirements for your application. Firebase is limited to the availability zones within a single region, while Firestore is a multiregional service. Between the two, Firestore is the more scalable option with current limits of 1 million concurrent connections and 10,000 writes per second. However, if the choice between the two is too difficult, Firebase developers can use both databases on the same project.