Below are various notes and links that I have collected while going deep on Google Compute Engine. For an overview of all the notes and this study adventure in general, the GCP Study Plan is a good start.
- GCE Home
- GCE Docs
- GCE Docs - Concepts
- Preemptible Instance
  - Short lived
  - Max life 24 hours
  - Much lower pricing
  - Can be terminated at any time
  - Configure a shutdown script to gracefully handle instance termination and save state to a Cloud Storage bucket
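An added example of the shutdown script mentioned above (not from the original notes): it stops the service so it flushes its files, reads the metadata server to tell a preemption from a normal stop, and copies the state directory to a bucket. The service name, state directory and bucket are placeholders; `sync_state` falls back to a local copy so it can be tried off the VM.

```shell
#!/bin/sh
# Added example, not from the original notes: shutdown script for a preemptible VM.
# Attach it with: gcloud compute instances add-metadata NAME --metadata-from-file shutdown-script=save-state.sh
# Compute Engine gives a preempted VM only about 30 seconds, so the script does the
# minimum: stop the service so it flushes its files, then copy its state directory out.
# Placeholders (assumptions): /var/app/state, my-app.service and gs://my-app-state.
set -eu

METADATA="http://metadata.google.internal/computeMetadata/v1"
STATE_DIR="${STATE_DIR:-/var/app/state}"
BUCKET="${BUCKET:-gs://my-app-state}"

# Read one metadata key. The Metadata-Flavor header is mandatory, which keeps a
# plain browser or an SSRF-style request from reading instance metadata by accident.
md_get() {
  curl -sf -m 5 -H "Metadata-Flavor: Google" "$METADATA/$1"
}

# Map the value of instance/preempted ("TRUE" or "FALSE") to a folder name so the
# bucket shows whether the state came from a preemption or a normal stop.
stop_reason() {
  case "$1" in
    TRUE) echo preempted ;;
    *) echo stopped ;;
  esac
}

# Copy a state directory to its destination. gsutil rsync is used for a gs:// target;
# a local path is copied with cp so the function can be exercised off the VM.
sync_state() {
  src="$1"; dst="$2"
  case "$dst" in
    gs://*) gsutil -m rsync -r "$src" "$dst" ;;
    *) mkdir -p "$dst" && cp -R "$src"/. "$dst"/ ;;
  esac
}

main() {
  systemctl stop my-app.service || true
  reason=$(stop_reason "$(md_get instance/preempted || echo FALSE)")
  sync_state "$STATE_DIR" "$BUCKET/$(md_get instance/name)/$reason"
}

# Only act when the metadata server answers, i.e. when actually running on a GCE VM;
# elsewhere the file just defines the functions above.
if md_get instance/id >/dev/null 2>&1; then main; fi
```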
- Compute Instances
  - Instance States
    - PROVISIONING - resources being reserved for the instance
    - STAGING - resources acquired, preparing for launch
    - RUNNING - booting up or running, can SSH in now
    - STOPPING - instance being stopped or shut down before becoming TERMINATED
    - TERMINATED - has shut down, can be deleted or restarted
  - Instance Scheduling Options
    - Triggered when there is a service disruption - hardware failure or maintenance
    - Can live migrate - move to another VM host and restart
    - Terminate, or optionally restart it at the new location
    - Configured using the availability policies onHostMaintenance and automaticRestart
  - Metadata available to the instance via HTTP requests
    - Can long poll for changes
    - Can store small amounts of key/value info
    - Can be used to "self discover" information for use by the instance
  - Serial console can be used to debug startup or boot issues
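An added example (not from the original notes) of the metadata long poll: `wait_for_change=true` with `last_etag` makes the metadata server hold the request until the value differs from the one last seen, so the instance picks up new configuration without a restart. It assumes a custom key `attributes/app-config`, set from outside with `gcloud compute instances add-metadata NAME --metadata app-config='...'`, and a hypothetical config path.

```shell
#!/bin/sh
# Added example, not from the original notes: long-poll a custom metadata key and
# apply each new value. The first request is a plain GET to learn the current value
# and its ETag; later requests send that ETag with wait_for_change=true so the server
# blocks until the value changes (or timeout_sec passes, returning the same ETag).
# Assumptions: key instance/attributes/app-config, output file /etc/my-app/config.
set -eu

METADATA="http://metadata.google.internal/computeMetadata/v1"
KEY="${KEY:-instance/attributes/app-config}"

# Pull the ETag out of a saved response-header file (case-insensitive, CRLF stripped).
etag_from_headers() {
  sed -n 's/^[Ee][Tt][Aa][Gg]: *//p' "$1" | tr -d '\r' | head -n 1
}

# Long-poll URL for the key; $1 is the last ETag seen, $2 an optional timeout.
poll_url() {
  echo "$METADATA/$KEY?wait_for_change=true&timeout_sec=${2:-300}&last_etag=$1"
}

# GET a metadata URL, saving headers to $hdr and the body to $body.
fetch() {
  curl -sf -H "Metadata-Flavor: Google" -D "$hdr" -o "$body" "$1"
}

# What to do with a new value; here it is written to a file the app re-reads.
apply_config() {
  printf '%s\n' "$1" > "${CONFIG_OUT:-/etc/my-app/config}"
}

watch_key() {
  hdr=$(mktemp); body=$(mktemp); etag=""
  while :; do
    # No ETag yet: plain read. Otherwise block until the value changes.
    if [ -z "$etag" ]; then url="$METADATA/$KEY"; else url=$(poll_url "$etag"); fi
    if fetch "$url"; then
      new=$(etag_from_headers "$hdr")
      if [ "$new" != "$etag" ]; then etag="$new"; apply_config "$(cat "$body")"; fi
    else
      sleep 5   # server unreachable or key not set; back off before retrying
    fi
  done
}

# Run the loop only on a GCE VM (metadata server reachable); elsewhere just define functions.
if curl -sf -m 5 -H "Metadata-Flavor: Google" "$METADATA/instance/id" >/dev/null 2>&1; then
  watch_key
fi
```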
- Custom Machine Types
  - Choose custom vCPU and memory VM configurations
  - Feature allows you to scale vertically
  - Configure the VM to match application needs: best-fit VM, no waste
- Pricing
  - Discount-based model
  - No lock-in to legacy VM types
  - Reduced price based on usage period (sustained use discounts)
  - Predefined machine types are treated as inferred instances for billing, allowing you to start and stop instances
  - Algorithm is geared in the customer's favour, biggest discount possible
- Images
  - Multiple standard images
  - Premium images from supported vendors - extra cost
  - Images are customized to run on Compute Engine
    - Use Compute Engine repositories for RPM/DEB
    - IP/networking configuration tweaks
    - Other tweaks detailed in docs
  - Images can be stored under an image family so compute instances use the latest one
  - Can import custom images from on-prem or other clouds
    - Windows custom images not supported
    - Steps: set up the bootloader, ensure SSH works, create the image file, compress it, upload it, set up the Linux Guest Environment (for GCP features), configure for optimal GCP configuration, implement security best practices
  - Image Management Best Practices
  - Community images, not supported by GCP but by the community
- Accessing Instances
  - Can manage SSH keys manually, but be aware that keys will need to be removed and cycled as team members change; prefer using the gcloud tool if manual keys are not needed
- Instance Groups
  - Managed Instance Groups scale to the number of instances defined in the group, can sit behind a load balancer, and use an instance template to define what instances should look like
  - Unmanaged Instance Groups are for legacy applications that need to sit behind a load balancer but will be scaled and provisioned manually: snowflakes behind a Load Balancer
  - Managed instance groups can use the Instance Group Updater, with various params to control how many instances are maintained at minimum and how many are updated at any given time; updates can be canaried before rolling out, and can be proactive (will actively update instances) or opportunistic (will wait for instances to die or be scaled up or down by an autoscaler). The Instance Group Updater can also do restarts or recreations
  - Managed instance groups can be updated via rolling updates, which can be paused, continued, rolled back or canceled
  - Managed instance groups can have health checks applied to them
  - Instances in a managed instance group can be abandoned from the group to allow you to debug and tweak the services; they will also be removed from load balancers
  - Detect and recreate unhealthy instances in the group
  - Zonal vs. Regional: regional spans multiple zones in case of zone failure
  - Tip: over-provision regional managed instances to allow for the unavailability of one zone
  - Tip: configure the regional autoscaler with a higher max instances and a lower target number to account for over-provisioning for zone availability
  - Managed instance groups can be used to deploy Docker containers
  - Autoscaling in a Managed Instance Group is done via an Autoscale Policy, which can be based on Stackdriver metrics, CPU utilization, etc.
- Storage Options
  - Persistent disks, local SSDs, Cloud Storage buckets, RAM disks
  - Disks have different limits and performance characteristics
  - Number of disks is dependent on vCPUs
- VM IP Addresses
  - Static external IP address - available for use by any instance in the project
  - Ephemeral external IP addresses - assigned to an instance when started, released once it is terminated or restarted
  - Regional static IP - can be assigned to an instance or network load balancer
  - Global IP - used with HTTP(S) or SSL load balancing, not an instance
- Load Balancing and Autoscaling
  - HTTP(S) load balancing - cross-region, can forward based on URL
  - Network load balancing - single region, non-HTTP(S) services
- Global, Regional and Zonal
  - Assets fall into one of the above categories
  - Zones are independent of each other: separate cooling, power and networking control planes
  - Regions are collections of zones
  - Users can be restricted to certain quotas in different zones
- Identity Access Management
  - Can create a custom service account to assign to an instance to allow it to access GCP services
  - Instances are provisioned with a default service account that allows read-only access to some basic services; this can be deleted
- Container VMs
  - Container VMs allow running Docker containers through a definition in a YAML file when the Compute Engine instance is created