Google Cloud Platform

Google Cloud Platform services

Mind Map: Google Cloud Platform

1. Compute

1.1. App Engine (GAE)

1.1.1. Standard Env

1.1.2. Flexible Env

1.2. Compute Engine (GCE)

1.2.1. VM Instances

1.2.1.1. Machine types

1.2.1.1.1. Standard

1.2.1.1.2. High-memory

1.2.1.1.3. High-CPU

1.2.1.1.4. Shared

1.2.1.1.5. Memory-optimized

1.2.1.2. Processor

1.2.1.2.1. Sandy Bridge

1.2.1.2.2. Ivy Bridge

1.2.1.2.3. Haswell

1.2.1.2.4. Broadwell

1.2.1.2.5. Skylake

1.2.1.3. Management

1.2.1.3.1. Automation

1.2.1.3.2. Availability policy

1.2.1.4. Security

1.2.1.4.1. Shielded VM

1.2.1.4.2. SSH keys

1.2.1.5. Disks

1.2.1.5.1. Boot disks

1.2.1.5.2. Encryption

1.2.1.6. Networking

1.2.1.6.1. Network

1.2.1.6.2. Subnet

1.2.1.6.3. Alias IP range

1.2.1.6.4. Network tags

1.2.1.6.5. External IP

1.2.1.6.6. IP forwarding

1.2.1.7. Sole Tenancy

1.2.2. Instance groups

1.2.2.1. Group Type

1.2.2.1.1. Unmanaged

1.2.2.1.2. Managed

1.2.2.2. Location

1.2.2.2.1. Single Zone

1.2.2.2.2. Multi-Zones

1.2.3. Instance Templates

1.2.4. Sole Tenant Nodes

1.2.4.1. Node groups

1.2.4.2. Node templates

1.2.5. Disks

1.2.6. Firewalls

1.2.6.1. 443 - https

1.2.6.2. 80 - http

1.2.6.3. 22 - tcp

1.2.6.4. 20 - ssh

1.2.6.5. 3389 - RDP

1.2.7. Snapshots

1.2.8. Images

1.3. Kubernetes Engine (GKE)

1.4. Cloud Functions

1.4.1. Triggers

1.4.1.1. http request

1.4.1.2. pub/sub event

1.4.1.3. cloud storage event

2. Databases

2.1. NoSQL

2.2. SQL

2.2.1. Cloud SQL

2.2.1.1. MySQL

2.2.1.1.1. first gen

2.2.1.1.2. second gen

2.2.1.2. PostgreSQL

2.3. Relational

2.3.1. Cloud Spanner

2.3.1.1. relational database with SQL queries and horizontal scalability

2.3.1.2. Scales horizontally like a NoSQL database

2.3.1.3. high availability 99.999

2.3.1.4. standard sql support

2.3.1.5. supports DDL language

2.3.1.6. relational

2.3.1.7. fully managed

2.4. Non-relational

2.4.1. Cloud Bigtable

2.4.1.1. Structured objects, with lookups based on a single key

2.4.1.2. NoSQL

2.4.1.3. wide column database

2.4.1.4. single key per row

2.4.1.5. capable of holding hundreds of petabytes of information

2.4.1.6. consistent low latency and high throughput

2.4.1.7. Use cases

2.4.1.7.1. financial data

2.4.1.7.2. IoT data

2.4.1.7.3. graph data

2.4.1.7.4. marketing data

2.5. Scaling

2.5.1. Horizontal

2.5.1.1. Cloud Datastore

2.5.1.1.1. Structured objects, with transactions and SQL-like queries

2.5.1.1.2. document database

2.5.1.1.3. GQL (SQL like language) to query data

2.5.1.1.4. supports ACID property

2.5.1.1.5. any number of properties can be indexed

2.5.1.1.6. Use cases

2.5.1.1.7. Structure

2.5.2. Vertical

3. Networking

3.1. Services

3.1.1. Cloud Load Balancing

3.1.1.1. Global

3.1.1.1.1. https lb

3.1.1.1.2. tcp proxy lb

3.1.1.1.3. ssl proxy lb

3.1.1.2. Regional

3.1.1.2.1. network lb

3.1.1.2.2. internal lb

3.1.1.3. How to Choose?

3.1.2. Cloud CDN

3.1.2.1. Stackdriver monitoring & logging

3.1.3. Cloud DNS

3.1.4. Cloud NAT

3.2. Network Security

3.2.1. Cloud Armor

3.2.1.1. Blacklist / whitelist

3.2.1.1.1. CIDR range

3.2.1.1.2. source ip address

3.2.1.1.3. IPv4 or IPv6 IP addresses can be used in black/white list

3.2.1.1.4. Deny rule: 403, 404, 502 error codes

3.2.1.1.5. Priority: Rule order

3.2.2. SSL Policies

3.3. Hybrid Connectivity

3.3.1. Virtual Private Cloud (VPC)

3.3.2. Interconnect

3.3.2.1. Dedicated Interconnect

3.3.2.1.1. highest bandwidth 10gb/sec per circuit (max 8 circuits)

3.3.2.1.2. direct connection with google's network

3.3.2.1.3. 69 co-location facilities in 17 regions

3.3.2.1.4. routing equipment is required at co-location facility

3.3.2.2. Partner Interconnect

3.3.2.2.1. connect to 3rd party service provider

3.3.2.2.2. no routing equipment required

3.3.2.2.3. bandwidth 50mb/sec to 10gb/sec

3.3.3. Cloud Router

3.4. VPN (IPsec)

3.4.1. Routing method supported

3.4.1.1. Dynamic gateways using BGP

3.4.1.2. Policy based routing

3.4.1.3. Route based VPN

3.5. Sharing Networks across Projects

3.5.1. Shared VPC

3.5.2. VPC Peering

3.5.2.1. Direct Peering

3.5.2.2. Carrier Peering

3.6. coursera vpc

3.6.1. Projects

3.6.2. Networks

3.6.2.1. default

3.6.2.2. auto mode

3.6.2.3. custom mode

3.6.3. Subnetworks

3.6.4. Regions

3.6.5. Zones

3.6.6. IP Addresses

3.6.6.1. Internal

3.6.6.2. external

3.6.6.3. range

3.6.7. Routes

3.6.8. Firewall rules

3.6.8.1. direction of traffic

3.6.8.1.1. ingress

3.6.8.1.2. egress

3.6.8.2. Priority

3.6.8.3. Target

3.6.8.3.1. All the instances in network

3.6.8.3.2. Specified target tags

3.6.8.3.3. Specified service account

3.6.8.4. action on match

3.6.8.4.1. allow

3.6.8.4.2. deny

3.6.8.5. source filter

3.6.8.5.1. IP ranges

3.6.8.5.2. Subnets

3.6.8.5.3. source tags

3.6.8.5.4. service accounts

3.6.8.6. Destination filter

3.6.8.6.1. IP ranges

3.6.8.6.2. Subnets

3.6.8.7. Protocol and Ports

3.6.8.7.1. icmp

3.6.8.7.2. tcp

3.6.8.7.3. ssh

3.6.8.7.4. http

3.6.8.7.5. https

3.6.8.7.6. allow/deny all

3.6.9. VMs

4. Big Data

4.1. BigQuery

4.2. Cloud Pub/Sub

4.2.1. fully managed messaging middleware service

4.2.2. communication

4.2.2.1. one to many

4.2.2.2. many to many

4.2.2.3. many to one

4.2.3. delivery method

4.2.3.1. push (to end point)

4.2.3.2. pull

4.2.4. allows secure and highly available messaging between independent apps

4.2.5. works with both google and external services

4.3. Cloud Dataflow

4.3.1. ETL

4.3.2. Serverless

4.3.3. no cluster

4.4. Cloud Dataproc

4.4.1. fully managed cluster data processing service

4.5. Cloud Dataprep

4.6. Cloud Datalab

4.6.1. based on Jupyter notebook

4.7. Data Studio

4.8. IoT Core

4.9. Genomics

5. Security

5.1. Titan Security Key

5.2. Shielded VMs

5.3. Cloud Security Scanner

5.3.1. scan & detect

5.3.1.1. Cross site scripting (XSS)

5.3.1.2. Flash injection

5.3.1.3. Mixed content (http & https)

5.3.1.4. Clear text passwords

5.3.1.5. outdated insecure libraries

5.3.2. works in

5.3.2.1. app engine

5.3.2.2. compute engine

5.4. Cloud Identity-Aware Proxy

5.4.1. Application level authorization service

5.4.2. Based on BeyondCorp

5.4.3. It's ideal for Line Of Business apps

5.4.4. No VPN needed

5.4.5. Simple to use for remote users

5.5. Cloud KMS

5.5.1. Hierarchy

5.5.1.1. Project > Location > Key Ring > Key > Key version

5.5.2. Key version states/life cycle

5.5.2.1. Enabled

5.5.2.2. Disabled

5.5.2.3. Scheduled for destruction

5.5.2.4. Destroyed

5.6. category

5.6.1. data protection

5.6.1.1. governance

5.6.1.2. DLP

5.6.1.3. DCAP

5.6.1.4. encryption & tokenization

5.6.1.5. HSM

5.6.2. infrastructure security

5.6.2.1. DDoS

5.6.2.2. Firewall

5.6.2.3. IDS/IPS

5.6.2.4. WAF

5.6.2.5. Container security

5.6.3. scan, log, monitor

5.6.3.1. Vulnerability scanners

5.6.3.2. SIEM/Security analytics

5.6.4. Identity & user protection

5.6.4.1. SSO

5.6.4.2. IAM

5.6.4.3. Anti-malware

5.6.4.4. MDM/MAM

5.6.4.5. Gateways & CASB

6. Migration to GCP

6.1. Google Transfer Appliance

6.2. Cloud Storage Transfer Service

7. Storage

7.1. Cloud Storage (GCS)

7.1.1. Storage class

7.1.1.1. Regional

7.1.1.2. Multi-regional

7.1.1.3. Nearline

7.1.1.4. Coldline

7.2. Memorystore

7.2.1. Fully managed In-Memory database

7.2.2. Extremely low latency (sub-millisecond)

7.2.3. 300gb scaling per instance

7.2.4. connect with

7.2.4.1. app engine

7.2.4.2. compute engine

7.2.4.3. kubernetes engine

7.2.5. service tiers

7.2.5.1. Basic

7.2.5.2. Standard

7.2.6. use cases

7.2.6.1. caching layer in gaming, stream processing from IoT devices and analytical processing

7.3. Firestore

7.4. Capacity

7.4.1. Petabytes

7.4.1.1. Cloud Storage

7.4.1.2. Bigtable

7.4.1.3. BigQuery

7.4.2. Terabytes

7.4.2.1. Datastore

7.4.2.2. Cloud SQL

8. Architecture

8.1. Organization

8.1.1. Folders

8.1.1.1. Projects

8.2. Resources

8.2.1. Global

8.2.1.1. Addresses

8.2.1.2. Images

8.2.1.3. Snapshots

8.2.1.4. Instance Template

8.2.1.5. VPC network

8.2.1.6. Firewalls

8.2.1.7. Routes

8.2.2. Regional

8.2.2.1. Addresses

8.2.2.2. Subnets

8.2.2.3. Regional managed instance groups

8.2.2.4. Regional persistent disk

8.2.3. Zonal

8.2.3.1. Instances

8.2.3.2. Persistent disks

8.2.3.3. Machine types

8.2.3.4. Zonal managed instance groups

9. AI

9.1. ML Engine

9.2. Natural Language

9.3. Translation

9.3.1. Speech-to-Text

9.3.2. Text-to-Speech

9.3.3. Translation API

9.4. Vision

10. IAM

10.1. Overview

10.1.1. Policy

10.1.1.1. Member Identity

10.1.1.1.1. Google account

10.1.1.1.2. Service account

10.1.1.1.3. Google Group

10.1.1.1.4. Cloud Identity

10.1.1.1.5. G Suite domain

10.1.1.2. Roles

10.1.1.2.1. Primitive roles

10.1.1.2.2. Predefined roles

10.1.1.2.3. Custom roles

10.1.2. Access Management

10.1.2.1. Resource

10.1.2.2. Roles

10.1.2.2.1. Permissions

11. Tools

11.1. Developer Tools

11.1.1. Cloud SDK

11.1.2. Cloud Build

11.1.3. Cloud Source Repositories

11.1.4. Cloud Scheduler

11.1.5. Cloud Test Lab

11.1.6. Cloud tools for

11.1.6.1. PowerShell

11.1.6.2. Visual Studio

11.1.6.3. Eclipse

11.1.6.4. IntelliJ

11.2. Management Tools

11.2.1. Stackdriver

11.2.1.1. Monitoring

11.2.1.2. Logging

11.2.1.3. Debugger

11.2.1.4. Profiler

11.2.1.5. Trace

11.2.1.6. Error Reporting

11.2.1.7. Works with

11.2.1.7.1. Google Cloud

11.2.1.7.2. AWS

11.2.2. Deployment Manager

11.2.3. Cloud Endpoints

11.2.4. Cloud Console

11.2.5. Cloud Shell

11.2.6. Cloud Mobile app

11.2.6.1. Android

11.2.6.2. iOS

11.2.7. Billing

11.2.7.1. Account Type

11.2.7.1.1. Self-serve

11.2.7.1.2. Invoices

11.2.7.2. Billing cycle

11.2.7.2.1. Monthly billing

11.2.7.2.2. Threshold billing

11.2.7.3. connected to

11.2.7.3.1. Payments profile

11.2.7.4. Imp. Roles

11.2.7.4.1. Domain

11.2.7.4.2. Payments Profile