Sample architecture
After quite a few pages describing the different networking services and products, I thought that a wonderful way to finish the chapter would be to combine a few of them in a real-world scenario.
Imagine a company called e-Design 4U, based in Portland, Oregon. It sells graphic designs and templates for web designers in the United States, but most of its customers are in the east and the west of the country.
The company wants to provide fast downloads from both sides of the country but would also like some added capacity to alleviate the load on its private servers, which are located at a hosting provider in Portland. Security is also important: the company wants to make sure that its content cannot be accessed without a paid subscription.
Given this scenario, we could think of an architecture combining some of the services we covered in the chapter. Let’s take a look at the following diagram and then we will discuss how it works:
Figure 8.1 – Architecture diagram for our sample networking architecture
The proposed design uses similar workloads on both sides of the United States, in the us-east1 and us-west1 regions, to create a hybrid architecture. A VPC is used to connect both regions, making it easier to replicate media and to use a common set of tools and processes across the whole Google Cloud environment, regardless of the region.
When users want to access the website by typing www.edesign4u.com, the domain name used by the company, into their browsers, Cloud DNS will translate that name to the IP address of the load balancer. Cloud Load Balancing will then route users to either the east or the west cloud region, depending on their location. Users who are geographically close to the hosting provider, such as the example user in Portland in the earlier figure, will be connected directly to the private hosting environment, while the rest will be balanced across regions, where an elastic setup scales the number of nodes up and down depending on the traffic received.
Static media will originally be hosted in Portland but will also be replicated in the Google Cloud regions, using a local media storage component to store a copy of the files and Cloud CDN to cache recently requested files closer to the edge, minimizing latency and maximizing download speeds.
Notice how the load balancers are connected to an Identity-Aware Proxy (IAP) to ensure that only authenticated users can access the private part of the website. The company only creates accounts for users with active subscriptions, using this system to protect the media files that it produces. The private part of the website also allows subscription renewals.
Finally, Cloud Armor is enabled with firewall rules that allow traffic from the IP addresses of the load balancers and deny everything else. CDN traffic will not pass through Cloud Armor, but any request that reaches the workloads or the duplicate media content servers will be analyzed to minimize intrusion and any other potential security risks.
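To make the last two points concrete, here is an added Terraform example (not code from the book or from Google) that wires up the security controls of the e-Design 4U design: a VPC firewall that lets only the load balancer reach the web instances, a Cloud Armor policy on the load balancer backend, and IAP restricting the private part of the site to a subscribers group. The project ID, VPC name, instance group paths, OAuth client variables and the subscribers group address are all assumptions; the two source ranges in the firewall rule are Google's documented ranges for its load balancer proxies and health checkers.

```hcl
# Added example, not the book's own configuration. Every name below
# (project, VPC, instance groups, OAuth client, subscriber group) is assumed.

provider "google" {
  project = "edesign4u-example"   # assumed project id
}

variable "iap_client_id" {        # assumed: OAuth client created for IAP
  type = string
}
variable "iap_client_secret" {    # assumed
  type      = string
  sensitive = true
}

# 1. VPC firewall: web instances accept HTTP(S) only from Google's load balancer
#    proxies and health checkers (130.211.0.0/22 and 35.191.0.0/16 are Google's
#    documented source ranges). Nothing on the internet can bypass the balancer.
resource "google_compute_firewall" "allow_lb_to_web" {
  name          = "allow-lb-to-web"
  network       = "edesign4u-vpc"          # assumed VPC name
  direction     = "INGRESS"
  priority      = 1000                     # lower number is evaluated first
  source_ranges = ["130.211.0.0/22", "35.191.0.0/16"]
  target_tags   = ["web"]
  allow {
    protocol = "tcp"
    ports    = ["80", "443"]
  }
}

# 2. Explicit catch-all deny for the same instances, evaluated after the allow above.
resource "google_compute_firewall" "deny_other_ingress" {
  name          = "deny-other-ingress-to-web"
  network       = "edesign4u-vpc"
  direction     = "INGRESS"
  priority      = 65534
  source_ranges = ["0.0.0.0/0"]
  target_tags   = ["web"]
  deny {
    protocol = "all"
  }
}

# 3. Cloud Armor policy for the load balancer backend: requests that reach the
#    workloads are inspected, known SQL injection patterns are rejected before
#    they hit the application, and everything else is passed on (the site has to
#    stay reachable by the public; authentication is left to IAP below).
resource "google_compute_security_policy" "web" {
  name = "edesign4u-web-policy"

  rule {
    action      = "deny(403)"
    priority    = 1000
    description = "Block requests matching the preconfigured SQLi signatures"
    match {
      expr {
        expression = "evaluatePreconfiguredExpr('sqli-stable')"
      }
    }
  }

  rule {
    action      = "allow"
    priority    = 2147483647          # lowest priority: the mandatory default rule
    description = "Default rule"
    match {
      versioned_expr = "SRC_IPS_V1"
      config {
        src_ip_ranges = ["*"]
      }
    }
  }
}

resource "google_compute_health_check" "web" {
  name = "web-https-hc"
  https_health_check {
    port = 443
  }
}

# 4. Backend service for the private part of the site: Cloud Armor in front, and
#    IAP requiring an authenticated identity before a request reaches the workloads.
resource "google_compute_backend_service" "private_web" {
  name            = "edesign4u-private-web"
  protocol        = "HTTPS"
  health_checks   = [google_compute_health_check.web.id]
  security_policy = google_compute_security_policy.web.id

  iap {
    oauth2_client_id     = var.iap_client_id
    oauth2_client_secret = var.iap_client_secret
  }

  backend {
    group = "projects/edesign4u-example/regions/us-east1/instanceGroups/web-east"  # assumed
  }
  backend {
    group = "projects/edesign4u-example/regions/us-west1/instanceGroups/web-west"  # assumed
  }
}

# 5. Only members of the subscribers group pass IAP; membership is granted and
#    removed together with the subscription, as the text describes.
resource "google_iap_web_backend_service_iam_member" "subscribers" {
  project             = "edesign4u-example"
  web_backend_service = google_compute_backend_service.private_web.name
  role                = "roles/iap.httpsResourceAccessor"
  member              = "group:subscribers@edesign4u.com"   # assumed group
}
```

The CDN-fronted media copies would sit behind a separate backend without IAP, which matches the text's point that CDN traffic does not pass through Cloud Armor while requests for the private workloads do. Two checks worth making after applying this: confirm from a host outside Google's ranges that port 443 on a web instance times out (the firewall is working), and confirm that an unauthenticated request to the private path is redirected to the IAP sign-in page rather than served.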
I hope you found this example interesting. Now, as an optional exercise, please take a few minutes to think about how you would extend this scenario to other parts of the world, maybe using Tokyo or Amsterdam as the new headquarters for Asia and Europe, respectively. Also, how would you change the design if the company wanted to stop using its hosting provider and run its website entirely on Google Cloud?
Once you have answered those questions, it’s time to wrap up.