4. Infrastructure as a service
Platform as a service
Software as a service
● CPU, memory, storage, and
networking is provided as a
● The user needs to manage
the OS and the application.
● The platform is a managed
● All the user provides is the
● The platform and software
is provided as a service to
● The user supplies the data.
IaaS versus PaaS versus SaaS (threeCloud ServiceModels)
10. Google Cloud
Cloud SDK and
There are four ways to interact with Google Cloud
11. The Cloud Console provides a web-based GUI for
you to manage Google Cloud projects and resources
● Centralized console for all project data.
● Execute common tasks using simple
● Manage and create projects.
● Access developer tools:
○ Cloud Source Repositories
○ Cloud SDK
○ Cloud Shell
● Access to product APIs.
14. Every Google Cloud service you use is associated
with a project
● Enable services and APIs.
● Enable billing.
● Manage permissions and credentials.
● Track resource and quota usage.
● Programmatically manage your
projects in Google Cloud.
15. Project ID Project name Project number
Globally unique Need not be unique Globally unique
Assigned by Google Cloud
but mutable during creation
Chosen by you Assigned by Google Cloud
Immutable after creation Mutable Immutable
Projects have three identifying attributes
18. Billing account pays for project
A billing account is linked to zero or
Accounts are charged automatically,
invoiced monthly, or invoiced at the
Sub accounts can be used for
separate billing for projects.
How billing works
19. ● gcloud
● Gsutil (py app)
The Cloud SDK is a command-line interface for
Google Cloud products and services
20. ● Browser-based CLI access to resources
● No need to install the Cloud SDK or
other tools locally
● Runs on an ephemeral Compute Engine
VM at no cost to you
● 5 GB of persistent disk storage
● Web preview functionality and built-in
authorization for project/resource
Cloud Shell is an alternative to the Cloud SDK
26. Compute Engine App Engine Cloud Functions
IaaS PaaS Serverless logic Hybrid
Virtual machines with A ﬂexible, zero ops A lightweight fully Cluster manager and
industry-leading platform for building managed serverless orchestration engine built
price/performance highly available apps execution environment for on Google’s container
building and connecting experience
Google Cloud offers a variety of compute services
spanning different usage options
27. Introducing Compute Engine
and optimized VMs
BYOL and sole tenants
Compute Engine lets you create and run virtual
machines on Google infrastructure.
Get access to a variety of predefined and
customizable VM families coupled with consumption
and pricing models, as well as functionality for all of
your application and workload requirements.
30. Proprietary +Confidential
Google Cloud Serverless Compute
Cloud Functions Event-driven Functions-as-a-Service
Run containers on a fully managed
Run source-based web applications on a
fully managed environment
31. App Engine is a platform-centric solution
● Type of PaaS
● No need to buy, build, or operate
● No managing servers or conﬁguring
● Focus on app development instead
● Use a range of languages and tools
● Automatic scaling
36. Deploying containers at scale is different!
A fundamentally different way of
managing applications requires different
tooling and abstractions
● Management, monitoring
● Scaling, replication, sets
Decide what pods(exe unit) to run on
Lifecycle and health:
Keep my containers running despite failures
Make sets of containers bigger or smaller
Naming and discovery:
Find where my containers are now
Distribute traffic across a set of containers
Provide data to containers
Logging and monitoring:
rack what’s happening with my containers
Debugging and introspection:
Enter or attach to containers
Identity and authorization:
Control who can do things to my containers
40. There are three common use cases for cloud storage
1 Content storage and delivery
3 Backup and archival storage
Storage for data analytics and
41. Structured data
First_Name Last_Name Address City Age
Sherlock Holmes 12 Main St Mesa 60
James Bond 23 Old St Napa 43
Scarlett O’Hara 34 New St Derby 23
Marge Simpson 56 West St Cody 36
Notes & text
Structured versus unstructured data
46. Who can do what on which resource
Cloud Identity and Access Management lets admins
authorize who can take action on specific resources
47. Google account or Cloud Identity user
Cloud Identity or Google Workspace domain
Who: IAM policies can apply to any of four types
of user sources
52. Provide an identity for carrying out server-to-server interactions in a project.
Used to authenticate from one service to another.
Used to control privileges used by resources so that applications can
perform actions on behalf of authenticated end users.
Identified with an email address:
Service accounts control server-to-server interactions