GCP updates | September 4, 2018

created at 2018/09/05 10:45:33

COMPUTE

NVIDIA Tesla P4 GPUs for Compute Engine: beta

Compute Engine now offers NVIDIA Tesla P4 GPUs for 3D visualization, deep learning, video transcoding, and high-performance computing. NVIDIA Tesla P4 GPUs offer up to 5.5 teraflops of single-precision performance and 22 tera operations per second of INT8 performance. Blog | Product page

DATABASES

Cloud Firestore: beta

Cloud Firestore, our serverless, NoSQL document database, is in the process of adding new hosting locations and is now available in the Google Cloud Platform Console. Current Cloud Firestore beta users will see their projects in consoles for both Firebase and GCP. Blog | Video

FirebaseとしてではなくGCPの一部として使えるようになったという話ですね。

Firestoreを使おうとするとこんな比較表が表示されてデータベースサービスを選べるようになっています。

Screenshot from 2018-09-05 09-52-07.png (57.3 kB)

Firestoreは次世代のDatastoreで、FirestoreがGAになれば現在のDatastoreは自動でFirestoreに置き換わるそうです。


Additional releases

COMPUTE

Compute Engine sole-tenant nodes: GA

Sole-tenant nodes are physical Compute Engine servers that offer you the same machine types and options as regular compute instances – including custom machine shapes and transparent maintenance – but on servers dedicated to a single user. Documentation

専有ノード (1ユーザ、複数VM) がGAに。

App Engine standard environment – Python 3.7: beta

Python 3.7 runtime on App Engine standard environment gives you the latest versions of popular libraries, an unrestricted runtime environment, reduced cost latency, and code that’s more portable and easier to maintain. Blog

一時期FlexibleがでてStandardは終わるんじゃないかみたいな話もあったけど、順調にアップデートきてていいですね。Knativeとかも出てきたしFlexibleの方が微妙な立ち位置になっていく気がする。

IDENTITY & SECURITY

Binary Authorization: beta

Binary Authorization is a deploy-time security control that allows you to define policies, ensuring only trusted containers are deployed to your environments on Kubernetes Engine. Binary Authorization supports both image signing as well as image whitelisting. Product overview | Documentation

こんな感じでPolicy設定したりPod作成時にDigestつけたりするみたいです。

admissionWhitelistPatterns:
- namePattern: gcr.io/google_containers/*
- namePattern: gcr.io/google-containers/*
- namePattern: k8s.gcr.io/*
defaultAdmissionRule:
  evaluationMode: ALWAYS_ALLOW
  enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG
name: projects/${PROJECT_ID}/policy
apiVersion: v1
kind: Pod
metadata:
  name: pod-name
  annotations:
    alpha.image-policy.k8s.io/break-glass: "true"
spec:
  containers:
  - name: container-name
    image: gcr.io/google-samples/[email protected]:c62ead5b8c15c231f9e786250b07909daf6c266d0fcddd93fea882eb722c3be4

Cloud Data Loss Prevention API stored custom dictionary detector: GA

Large dictionary detectors enable customers to create a custom detector that can search tens of millions of words or phrases. Common uses include discovery and classification, or redaction of sensitive data. Documentation

DATABASES

Cloud Firestore managed export and import service: beta

Use the Cloud Firestore managed export and import service to recover from accidental deletion of data, and to export data for offline processing. Import and export all documents at once, or just specific collections. Documentation

BigQueryにもloadできるんですね。いいですね。

Cloud Datastore – read-only index APIs: GA

REST and gRPC APIs are now available in the Cloud Datastore API to let you read a list of composite indexes for a given project, as well as information related to in-process builds within those indexes. REST documentation | gRPC documentation

API MANAGEMENT

Apigee Edge customer self-service identity provider management for developer portals: beta

API consumer-developers can now self-manage their accounts for Apigee’s integrated developer portals, and API providers can view and manage those users, configure automatic or manual approval, and add custom account registration fields. Documentation

Apigee Edge integrated developer portal – SmartDocs API: beta

SmartDocs API reference documentation is now part of the integrated developer portal. With its three-pane approach, the left pane helps you navigate between areas of the API, the center gives detailed documentation for a given operation, and the right pane enables you to make API requests directly from the docs. Documentation

Apigee謎だ…。力が働いてる雰囲気を感じる。

MANAGEMENT TOOLS

Cloud Audit Logging – System Event logs: GA

Cloud Audit Logging maintains three audit logs for each project and organization: Admin Activity, Data Access, and now System Events. This new audit log type tracks Compute Engine system maintenance events, such as live migrations. Documentation

こういうのが充実してるのはとてもいいですね。

DEVELOPER TOOLS

Cloud Console out-of-box experience flow and Cloud Shell for mobile: GA

You can now access Cloud Shell features from the Google Cloud Console mobile app. Cloud Shell is an interactive shell environment for Google Cloud Platform that makes it easy for you to manage your projects and resources without having to install the Cloud SDK. Documentation

これはアツい!やってみたけど普通につながりました :sparkles:

Cloud Identity-Aware Proxy Per-Resource Policies: beta

You can now set Cloud IAP policies on a per-resource basis. This allows you to have multiple apps with different access policies within a project, including Compute Engine, Kubernetes Engine, and App Engine apps. Documentation

こないだ久しぶりに触ったけど、便利になってました :smiley:

SUPPORT

GCP Role-Based Support: GA

The per-seat pricing model of Role-Based Support lets you pay a flat fee per user per month instead of a variable percentage based on platform usage. It also lets you interact with support directly from your Cloud Console instead of the Cloud Support Center. Documentation