News
Compute Engine Official Blog | C4A VMs now GA: Our first custom Arm-based Axion CPU - Google has announced the general availability of C4A virtual machines, powered by custom Arm-based Axion CPUs. C4A VMs offer up to 10% better price-performance than the latest generation Arm-based instances from other cloud providers.
AI Official Blog TPU | Powerful infrastructure innovations for your AI-first future - Google Cloud's sixth-generation TPU, Trillium, is now available in preview, offering significant improvements in training performance, inference throughput, energy efficiency, and compute performance per chip. It features double the High Bandwidth Memory (HBM) capacity and Interchip Interconnect (ICI) bandwidth, making it ideal for large models with more weights and larger key-value caches.
Networking Official Blog | Introducing an industry first: application awareness on Cloud Interconnect - Google Cloud introduces new innovations for Cross-Cloud Network to enhance application experiences and simplify hybrid and multicloud connectivity. These innovations include application awareness on Cloud Interconnect for traffic prioritization, predictable pricing for Cloud Interconnect to lower TCO, unified observability for Cloud Interconnect with VPC Flow Logs, and enhanced service networking with programmability and new producers.
Gemini GitHub LLM Official Blog | Gemini models are coming to GitHub Copilot - GitHub Copilot, a popular AI coding assistant, is partnering with Google Cloud to bring Gemini models to its platform. Developers will soon be able to use Gemini 1.5 Pro, which excels in code generation, analysis, and optimization, within GitHub Copilot.
AI Official Blog PyTorch | PyTorch/XLA 2.5: vLLM support and an improved developer experience - PyTorch/XLA 2.5 is now available with a set of improvements to enhance the developer experience. The release includes a clarified proposal for deprecating the older torch_xla API, improvements to the torch_xla.compile function for better debugging, and experimental support for vLLM on TPUs.
Official Blog Partners | Accelerate retail media success with EPAM and Google Cloud - EPAM and Google Cloud have partnered to develop the Retail Media Orchestration Toolkit, a solution that helps retailers leverage their first-party data to support their retail media operations and serve their advertising clients.
Cloud Spanner Databases Official Blog Partners | Unlocking the power of Spanner: 10 partners to revolutionize your data - Spanner partners provide a wide range of solutions and services to ensure a smooth transition and optimal use of Spanner, including data integration, analytics, governance, and migration assessment.
Articles, Tutorials
Infrastructure, Networking, Security, Kubernetes
Networking Official Blog | Speed, scale and reliability: 25 years of Google data-center networking evolution - Google's Jupiter data center network architecture has evolved over 25 years to support unprecedented scale and traffic demands. The latest Jupiter network scales to 13 Petabits per second of bisectional bandwidth, enabling hundreds of services, billions of active daily users, and some of the largest ML training and serving infrastructures in the world. Key principles guiding the network evolution include efficiency, low latency, software-defined flexibility, incremental evolution, and traffic engineering.
CISO Official Blog Security | Cloud CISO Perspectives: 10 ways to make cyber-physical systems more resilient - The most recent CISO newsletter goes through the list of 10 “leading indicators” presented in the President’s Council of Advisors on Science and Technology (PCAST) report on cyber-physical resilience to better help organizations develop their cyber-physical resilience.
Official Blog Threat Intelligence | Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives - Russian threat actors, likely operating as part of a hybrid espionage and influence campaign, have been targeting potential Ukrainian military recruits with malware and anti-mobilization narratives. The campaign, dubbed UNC5812, uses a Telegram persona called "Civil Defense" to deliver malware and spread anti-Ukrainian propaganda. The malware, delivered via a website and Telegram channel, includes commodity malware variants like SUNSPINNER, Pronsis Loader, PURESTEALER, and CRAXSRAT.
BeyondCorp Chrome Enterprise Security | Google Cloud Security in Under 10 Minutes - What are the events that influenced Google’s Security Ideas and Philosophies?
Cloud Identity Aware Proxy Google Kubernetes Engine | Secure Your GKE Services with Auth0, Identity-Aware Proxy and the Gateway API - In this tutorial, we'll secure services across a Google Kubernetes Engine (GKE) cluster using Auth0, Identity-Aware Proxy (IAP), and the Gateway API. We'll create a GKE Autopilot cluster, expose services using the Gateway API, configure a domain name and SSL certificate, and protect the backends with IAP and Auth0 external identities. By the end, you'll have a secure and scalable setup for your GKE services.
Cloud Identity Aware Proxy DevOps Terraform | Say Goodbye To VPNs & Public IP, Secure Access Using IAP - Secure access to your cloud resources with Identity-Aware Proxy (IAP) and Terraform. IAP enables secure, identity-based SSH access without VPNs or exposing resources to the public internet. Terraform automates the setup and management of access rules, ensuring only authorized users can connect. Benefits include identity-based access, no public IPs needed, and automated management.
Infrastructure Networking | Need dynamic multi-region failover for Network Appliances in Google Cloud? - Network Connectivity Center (NCC) enables dynamic multi-region failover for Network Appliances (NVAs) in Google Cloud. It uses BGP routing to exchange routes between NVAs and Google Cloud Router, ensuring regional affinity and automatic cross-regional failover. This design provides high availability and resilience for NVA deployments outside the standard Cloud Load Balancing model.
App Development, Serverless, Databases, DevOps
AlloyDB Databases GCP Experience Official Blog | How AlloyDB unifies OLTP and OLAP workloads for Tricent - Tricent Security Group A/S, a leader in file-sharing security, faced efficiency and performance challenges with their PostgreSQL database infrastructure. Moving to AlloyDB for PostgreSQL helped transform Tricent’s database operations, resulting in faster query response times and the ability to handle up to 250 million daily transactions.
Databases Official Blog | Google Cloud database news roundup, October 2024 edition - Google Cloud has announced several updates and new features for its database services in October 2024. Database Center now supports Spanner and is available to everyone, offering a unified view of customers' database landscape. ScaNN index for AlloyDB is now generally available, enabling high-performance workloads for enterprises. Firebase Data Connect, a new backend-as-a-service with a fully managed PostgreSQL database, is now in preview.
Cloud Memorystore Databases Official Blog | Unity Ads uses Memorystore to power up to 10 million operations per second - Unity Ads, a mobile advertising platform, migrated their workloads to Memorystore for Redis Cluster, a fully managed service designed for high-performance workloads. With Memorystore, Unity Ads gained a more reliable and scalable infrastructure, reduced costs, and gained time to focus on high-value activities.
Cloud Firestore NoSQL | Firestore scaling: the 500/50/5 rule and how to test it - Unlocking Firestore’s full potential: Master k6 load testing to optimize performance, scale with confidence, and deliver lightning-fast apps.
Cloud Storage Security | Managing Signed URL Risks in Google Cloud - Detect and prevent risks associated with Signed URLs in Google Cloud.
Big Data, Analytics, ML&AI
Gemini Official Blog Partners Vertex AI | Arize, Vertex AI API: Evaluation workflows to accelerate generative app development and AI ROI - Arize AI and Vertex AI API for Gemini offer a powerful solution for optimizing and safeguarding generative applications. By leveraging Arize’s observability and evaluation platform and Google’s advanced LLM capabilities, AI teams can streamline development, enhance application performance, and ensure reliability from development to deployment.
BigQuery Billing FinOps | How we save tens of thousands of dollars on BigQuery - By implementing targeted optimizations, Capchase reduced their BigQuery costs by up to 54%, saving tens of thousands of dollars each month. Strategies included understanding their bill, optimizing third-party tool usage, clustering and partitioning tables, building tables incrementally, querying smaller tables, removing zombie analytics, only querying what is needed, defining data freshness, and using BigQuery quotas.
AI Gemini | AI Quick Build : AI-Powered game-show experience with Gemini and Imagen - AI Quick Build is a game-show experience powered by Google's Gemini and Imagen. Contestants build toy brick creations while a Gemini-powered AI commentator provides real-time analysis and commentary. After the building time ends, Gemini Pro analyzes the creations and announces the winner with detailed reasoning. Imagen then generates a dynamic background for the winning creation, bringing it to life.
BigQuery Cloud Logging Paywall Python | How to Save Google Cloud Logs in BigQuery - Learn to save live and historical Google logs in BigQuery.
BigQuery Generative AI Python | Using BigQuery as a Vector Store - This article shows how to use BigQuery as a vector store for a simple Python application that uses a Streamlit frontend, FastAPI backend, and Langchain and Google Cloud services to ask questions about the 2024 NFL rule book.
Generative AI Machine Learning | NL2SQL — Unlocking Data Insights for Everyone - NL2SQL Studio is an open-source tool that allows users to analyze data using simple, everyday language. It supports two frameworks, Lite and Core, and offers various customization options to tailor the query generation process to specific needs. The tool can generate SQL queries, provide insightful summaries of the results, and support visualization options.
BigQuery | 6 UDF ideas in BigQuery #FunWithSQL - 6 useful UDFs (user-defined functions) in BigQuery to simplify everyday tasks. These functions include text normalization, Unicode decoding, string sorting, calculating weekdays without weekends, weekdays without weekends and holidays, and complete years difference. Each UDF is explained with its purpose, input parameters, and output examples.
LLM Vertex AI | PPT Query Tool with Google’s LLMs - This blog post introduces a pipeline that allows users to quickly retrieve relevant slides from content-heavy slide decks using Google's Vertex AI Text Embedding model and cosine similarity. The pipeline involves converting PowerPoint slides to images, generating embeddings for semantic search, storing embeddings and metadata in BigQuery, processing user queries, and retrieving top matches with summarization.
Slides, Videos, Audio
Security Podcast - #196 AI+TI: What Happens When Two Intelligences Meet?
Kubernetes Podcast - #240 Kubernetes Working Group Serving, with Yuan Tang and Eduardo Arango.
Releases
AlloyDB - AlloyDB for PostgreSQL now supports in-place major version upgrade in Preview.
Apigee Hybrid - v1.12.3: On November 1, 2024 we released an updated version of the Apigee hybrid software, 1.12.3. Bug 368646378: Fixed an issue affecting control plane connectivity testing in Guardrails. Bug 376104926: Security fixes for apigee-kube-rbac-proxy.
AppEngine Standard JAVA Second Generation - Java 11 has reached end of support.
Application Integration - Add failure policy (Generally available (GA)): You can now configure more complicated retry strategies for tasks, such as retries based on the error codes or the variable values during the execution. Configure multiple ordered conditional failure policies for each task.
Cloud Architecture Center - (New guide) Migrate from AWS Lambda to Cloud Run: Describes how to design, implement, and validate a plan to migrate from AWS Lambda to Cloud Run. Google Cloud Architecture Framework: Operational excellence: Major update to align the recommendations with core principles of operational excellence.
Batch - Dynamic Workload Scheduler for Batch is available in Preview.
CDN - You can also use the Google Cloud Console to enable private origin authentication for Amazon Simple Storage Service (Amazon S3) and compatible object stores.
Chronicle - Google SecOps has updated the list of supported default parsers.
Chronicle Security Operations - Google SecOps has updated the list of supported default parsers.
Chronicle SOAR - Release 6.3.24 is currently in Preview. You can now use custom integrations in prompts when creating a playbook with Gemini. Release 6.3.23 is now in General Availability. From now on, only new features and changes will be written up for the Release Notes.
Cloud Composer - A new Cloud Composer release started on October 30, 2024. (Cloud Composer 3) Airflow workers now generate a proper OpenID Connect (OIDC) token. (Airflow 2.9.3 and 2.7.3) The dbt-common package was downgraded from 1.11.0 to 1.10.0. New Airflow builds are available in Cloud Composer 3: composer-3-airflow-2.9.3-build.5 (default) and composer-3-airflow-2.7.3-build.21. Cloud Composer 2.9.9 images are available: composer-2.9.9-airflow-2.9.3 (default) and composer-2.9.9-airflow-2.7.3. Cloud Composer version 2.5.0 has reached its end of support period.
Compute Engine - Generally available: General purpose C4A Arm VMs on Google's custom-built Axion processors. Generally available: You can autoscale a regional MIG with a BALANCED target distribution shape.
Dataproc Serverless - New Dataproc Serverless for Spark runtime versions: 1.1.86, 1.2.30, 2.2.30. New Dataproc on Compute Engine subminor image versions: 2.0.125-debian10, 2.0.125-rocky8, 2.0.125-ubuntu18; 2.1.73-debian11, 2.1.73-rocky8, 2.1.73-ubuntu20, 2.1.73-ubuntu20-arm; 2.2.39-debian12, 2.2.39-rocky9, 2.2.39-ubuntu22. Note: When using Dataproc version 2.0.125 with the ranger-gcs-plugin, please create a customer support request for your project to use the enhanced version of the plugin prior to its GA release. Disabled HiveServer2 Ranger policy synchronization in non-HA clusters for latest image version 2.1 and later.
Dataproc - New Dataproc Serverless for Spark runtime versions: 1.1.86, 1.2.30, 2.2.30. New Dataproc on Compute Engine subminor image versions: 2.0.125-debian10, 2.0.125-rocky8, 2.0.125-ubuntu18; 2.1.73-debian11, 2.1.73-rocky8, 2.1.73-ubuntu20, 2.1.73-ubuntu20-arm; 2.2.39-debian12, 2.2.39-rocky9, 2.2.39-ubuntu22. Note: When using Dataproc version 2.0.125 with the ranger-gcs-plugin, please create a customer support request for your project to use the enhanced version of the plugin prior to its GA release. Disabled HiveServer2 Ranger policy synchronization in non-HA clusters for latest image version 2.1 and later.
Cloud Data Loss Prevention - The ITALY_PASSPORT infoType detector is available in all regions.
Eventarc - Eventarc is available in Preview in a new edition: Eventarc Advanced lets you receive, filter, transform, route, and deliver messages between different services, apps, and systems.
Anti Money Laundering AI - A new major engine version is available for Retail and Commercial lines of business, within the v4 tuning version.
Cloud Firestore - The Google Cloud console now includes a monitoring dashboard for each database.
Gemini - VS Code and IntelliJ Gemini Code Assist now support admin feedback block. Improved display of selected files using the @ file picker in the staged prompt for VS Code Gemini Code Assist. Improved error handling for inline code completion for IntelliJ Gemini Code Assist. The IntelliJ Gemini Code Assist right-click menu items are now listed under Gemini, and are also available in the floating toolbar (the yellow bulb icon). General bug fixes and improvements for IntelliJ Gemini Code Assist.
Identity Platform - Support for SMS-based authentication flows in the Identity Platform integration with reCAPTCHA Enterprise API is now in Preview.
Networking Interconnect - Dedicated Interconnect and Cross-Cloud Interconnect now support network traffic differentiation through application awareness on Cloud Interconnect in Preview.
Google Kubernetes Engine - For GKE clusters running version 1.31.1-gke.1146000 or later, Cloud Tensor Processing Unit (TPU) v3 machine types are generally available. Clusters that are experiencing stale endpoint resources and stale kube-dns entries are likely affected by Kubernetes issue #126578. GKE control plane authority is now generally available with version 1.31.1-gke.1846000 or later. (2024-R42) Version updates GKE cluster versions have been updated. Weighted load balancing for GKE External LoadBalancer Services is now available in Preview. Three new metrics are added for measuring node and workload startup latency: kubernetes.io/node/latencies/startup: The total startup latency of a node, from the GCE instance's CreationTimestamp to Kubernetes Node Ready for the first time. Instance Group Managers for node pools created with version 1.30.5-gke.1523000 or later and 1.31.1-gke.1869000 or later will now have update on repair enabled by default. The A3 Edge (a3-edgegpu-8g) machine type with H100 80GB GPUs attached is now available on GKE Standard clusters.
GKE new features - For GKE clusters running version 1.31.1-gke.1146000 or later, Cloud Tensor Processing Unit (TPU) v3 machine types are generally available. GKE control plane authority is now generally available with version 1.31.1-gke.1846000 or later. Weighted load balancing for GKE External LoadBalancer Services is now available in Preview. Three new metrics are added for measuring node and workload startup latency: kubernetes.io/node/latencies/startup: The total startup latency of a node, from the GCE instance's CreationTimestamp to Kubernetes Node Ready for the first time. The A3 Edge (a3-edgegpu-8g) machine type with H100 80GB GPUs attached is now available on GKE Standard clusters.
Load Balancing - Support for IPv6 static routes with a next hop internal passthrough Network Load Balancer (next-hop-ilb) is available in Preview. Service Extensions plugins are available for Google Cloud Application Load Balancers, excluding Classic, in Preview. All the Application Load Balancers, except the classic Application Load Balancer, now support stateful cookie-based session affinity. To take advantage of the new features of the global external Application Load Balancer, you can now migrate your classic Application Load Balancer resources to the global external Application Load Balancer infrastructure.
Cloud Logging - You can now create and manage log scopes by using the Google Cloud CLI, in addition to using the Cloud Console and Terraform. You can now use tags to annotate your log buckets and use the tags to manage access to the log buckets.
Cloud Memorystore - Added support for the databases configuration.
Cloud Monitoring - The capabilities for dashboard-level filtering have been enhanced.
Cloud Interconnect - Dedicated Interconnect and Cross-Cloud Interconnect now support network traffic differentiation through application awareness on Cloud Interconnect in Preview.
Resource Manager - Organization Policy managed constraints are a set of constraints built on the custom organization policy platform.
Sensitive Data Protection - The ITALY_PASSPORT infoType detector is available in all regions.
Service Extensions - Service Extensions plugins help you insert WebAssembly (Wasm) plugins in a fully managed serverless environment directly into the data path of most Cloud Load Balancing Application Load Balancers.
SAP Solutions - Version 2.8 of the BigQuery Connector for SAP is generally available (GA).
Cloud Storage - Data Access logs are now compatible with all authenticated browser downloads. Additional functionality is now available for the Object Retention Lock and Bucket Lock features: You can now enable Object Retention Lock on existing buckets using the Console. You can now use the Google Cloud console to get soft delete recommendations for buckets.
Cloud Text-to-Speech - Studio Voices now support synthesis with multiple speakers to generate audios for interviews, interactive storytelling, video games, e-learning platforms, and accessibility solutions.
Cloud TPU - Creating a Multislice TPU environment is now available in the Google Cloud Console. You can now request Cloud TPUs as queued resources in the Google Cloud Console.
Vertex AI - PSC-I Egress is supported for Ray clusters on Vertex AI.
Virtual Private Cloud - Support for IPv6 static routes with a next hop internal passthrough Network Load Balancer (next-hop-ilb) is available in Preview.
Workflows - Two standard library functions to support common hashing algorithms have been added: compute_checksum and compute_hmac.