Introduction to Google Cloud’s Infrastructure
As you may already know, Google Cloud boasts a world-class network infrastructure, handling massive volumes of internet traffic for applications like YouTube and countless Google Cloud customers. This robust foundation is the result of over two decades of continuous development by Google. Google Cloud’s commitment to innovation is well demonstrated by its significant investment in open source technologies, industry-leading security practices and the development of cutting-edge, fully autonomous applications.
While Google Cloud offers a powerful infrastructure solution for many workloads, not all workloads are ideally suited to cloud environments; some may benefit more from on-premises deployment due to specific requirements.
Understanding the requirements for public cloud
- Regulatory Compliance: Certain sectors, including government agencies (such as the U.S. Department of Defense, and the governments of Singapore and Luxembourg) and other highly regulated industries, must adhere to stringent data residency and security compliance mandates that often necessitate on-premises deployments.
- Network Survivability: Essential operations like McDonald’s in-store systems need on-premises deployments to ensure functionality during internet outages, showcasing the importance of local processing capabilities.
- Bandwidth: Similarly, customers deploying bandwidth-intensive applications like security cameras (warehouses, retail locations) may benefit from on-premises or edge computing solutions to reduce cloud egress costs and improve processing speed.
- Real-Time Industrial Applications: Manufacturers utilising IoT devices for real-time monitoring and optimisation of production lines require local processing to minimise latency and facilitate immediate analysis.
Recognising these requirements, Google Cloud developed a comprehensive solution years ago: Google Distributed Cloud. Let’s dive in!
Google Distributed Cloud’s Focus: 2024 and Beyond
Google Distributed Cloud: Flexible Solutions for Your Needs
Google Distributed Cloud (GDC) addresses these diverse needs with two primary configurations:
- Google Distributed Cloud – Connected (formerly GDC-Edge): Ideal for hybrid deployments, this solution seamlessly integrates with Google Cloud, providing a unified management experience for services like Identity and Access Management (IAM), monitoring, logging, and fleet management. The solution is maintained by Google SRE teams who ensure smooth operations of both hardware and software stacks.
- Google Distributed Cloud – Air-gapped (formerly GDC-Hosted): Designed for strict data residency or security needs, this setup provides a fully isolated on-premises cloud environment. While not directly connected to Google Cloud, it offers the same core functionalities with a dedicated on-site operations team.
Optimised Hardware and Software Stack
Let’s dive into the GDC technology stack:
- Industry-Specific Solutions: Google Distributed Cloud offers pre-configured hardware options tailored to specific industries and compliance requirements. These configurations leverage the latest generation of GPUs and CPUs for optimal performance.
- Flexible Deployment Options: The stack utilises a Linux-based host operating system, similar to what powers Google’s own services. This foundation supports both virtual machines (VMs) and containers, providing deployment flexibility for diverse workloads.
- Simplified Kubernetes Management: Google Distributed Cloud leverages GKE Enterprise for comprehensive lifecycle management of the Kubernetes runtime, streamlining container orchestration. This ensures efficient deployment, scaling, and maintenance of your containerised applications.
Google Distributed Cloud: Go Further
To empower your modernisation journey, Google is prioritising the development of Google Distributed Cloud services around four key pillars in 2024 and beyond.
Focus on Artificial Intelligence (AI)
Leverage Google’s cutting-edge AI capabilities at the edge to gain deeper insights from your data.
Unleashing the Power of AI at the Edge
Google Distributed Cloud empowers you to harness the transformative power of AI directly at the edge. GDC has consistently invested in pre-trained AI and machine learning (ML) services, providing you with powerful out-of-the-box tools. These tools include:
- Speech-to-text: Convert spoken audio into text format, streamlining data capture and analysis.
- Optical character recognition (OCR): Extract text from images and documents, unlocking valuable information from various sources.
- Translation: Break down language barriers and facilitate global communication with ease.
These pre-trained APIs allow businesses to automate processes and enhance customer interactions effortlessly.
Taking AI capabilities a step further, GDC integrates seamlessly with Vertex AI. This powerful platform equips you with the tools to build custom ML and AI models tailored to your specific business needs.
Vertex AI offers functionalities such as:
- Machine Learning pipelines: Design and orchestrate complex ML workflows for efficient data processing and model training.
- Prediction services: Deploy your trained models into production to generate real-time insights and predictions based on new data.
With GDC and Vertex AI, you gain the flexibility to leverage pre-built AI solutions or create your own custom models, empowering you to unlock the full potential of AI for your organisation.
Expanding AI Capabilities Across Deployments
Google Distributed Cloud (GDC) unveiled exciting advancements at Next ’24, further empowering customers’ AI capabilities across deployments.
Initially available in GDC Air-Gapped (formerly GDC-Hosted) deployments, Google announced these powerful AI features will be accessible in GDC Connected (formerly GDC-Edge) later this year. This commitment to parity ensures you receive the same services, functionalities, and features regardless of your chosen GDC deployment model.
Google Distributed Cloud Roadmap: Aligned with Your AI Needs
Understanding the diverse needs of building AI applications, Google’s roadmap focuses on providing a comprehensive set of capabilities:
- Data Collection and Transformation: Google Managed Kafka and Dataproc (managed Spark) streamline data ingestion and preparation.
- Data Storage: A range of solutions like AlloyDB Omni and partner databases cater to your specific storage requirements, while Object Store offers a cost-effective option for handling large data volumes.
- AI and Machine Learning: Vertex AI, with its Model Garden and Gemma integration, empowers you to build and deploy custom AI models.
These capabilities act as building blocks, allowing developers to seamlessly integrate them and create AI solutions tailored to their specific business challenges.
Enhanced Security
Benefit from a zero-trust security approach built into the GDC foundation, protecting your data and applications.
Google Distributed Cloud Security: Built for Trust and Peace of Mind
Google Distributed Cloud (GDC) prioritises security by adhering to a zero-trust model. This approach assumes no entity, internal or external, is inherently trustworthy. Core principles of GDC security include:
- Strict Identity Verification: Every user and device must be rigorously authenticated before gaining access.
- Least Privilege Access: Users are granted only the minimum permissions required to perform their tasks.
- End-to-End Encryption: Data, both at rest and in transit, is secured with robust encryption technologies.
- Continuous Monitoring: GDC employs vigilant monitoring to detect and address potential threats promptly.
Defense-in-Depth Architecture
GDC leverages a robust security framework developed by Google and Mandiant security experts. This multi-layered approach, built upon decades of experience, utilizes proven solutions to minimize attack surfaces and safeguard your assets. The ultimate goal is to provide comprehensive protection for your data and applications, allowing you to focus on your core business with peace of mind.
Identity and Access Management (IAM)
- Multi-Factor Authentication (MFA): Adds an extra layer of security by requiring a second verification factor beyond a password.
- Federated Identity Integration: Allows users to leverage existing credentials from your identity provider for seamless access.
- Role-Based Access Control (RBAC): Defines granular permissions based on user roles, ensuring access is restricted to authorized tasks.
- Attribute-Based Access Control (ABAC): Provides even more granular control by considering additional attributes, such as location or device type.
And more…
- Network Security: GDC utilizes a boundary proxy and bastion host to meticulously audit and control traffic entering and exiting the GDC management plane.
- Data Encryption: GDC offers dedicated key management systems per organization, customer-managed encryption keys, and a centralized X.509 Certificate Authority. These measures ensure the confidentiality of your data, both at rest and in transit.
- Hardware and Software Supply Chain Security: GDC safeguards the integrity of its hardware and software through source and build verification, binary authorization, and continuous runtime monitoring for malware and vulnerabilities.
- Advanced Threat Detection: GDC integrates Palo Alto Networks threat prevention technology to provide a managed intrusion detection and prevention (IDS/IPS) solution. This solution monitors north-south traffic for malicious activities, further enhancing your security posture.
Scalability and Flexibility
Scale your infrastructure effortlessly to meet evolving demands, while maintaining the flexibility to adapt to your unique requirements.
GDC Expands Options for Scalability and Choice
Google Distributed Cloud (GDC) unveiled exciting advancements at Next ’24, further empowering customers with scalability and flexibility.
- New Single-Node Option: In addition to the existing three-node configuration launched earlier this year, GDC now offers a single-node option. This provides customers with a more cost-effective entry point and caters to use cases that don’t require high availability on-premises. GDC also offers servers with GPU accelerators powered by the NVIDIA L4 Tensor Core GPU.
- Enhanced Flexibility with Modular Racks: GDC introduces a new modular rack design philosophy. This allows you to customize your deployment by selecting the optimal combination of compute, storage, networking, and scalability to meet your specific needs. Leverage the latest x86 chip architecture and powerful H100 GPUs for exceptional performance.
Catering to Diverse Needs
The introduction of the single-node option exemplifies GDC’s commitment to providing a wider range of choices. Consider the example of McDonald’s: their on-premises applications require high availability, making the three-node configuration ideal for ensuring business continuity. However, other customers may have different application architectures and may not require the same level of on-premises redundancy. With GDC’s expanded options, you can select the deployment model that best aligns with your unique requirements.
Modernisation Journey with Legacy Support
Modernise your infrastructure seamlessly, while GDC ensures continued support for your existing legacy systems.
The Challenge: Modernization Made Easy
Many on-premises environments rely heavily on virtual machines (VMs) from various vendors, often accompanied by aging infrastructure. GDC aims to simplify the modernisation of these environments by offering a solution that:
- Unlocks Container and CI/CD Benefits: Leverage the efficiency and agility of containers and continuous integration/continuous delivery (CI/CD) practices.
- Streamlines Legacy VM Training: Migrate and modernize existing VMs without a complete overhaul.
- Simplifies Operations: Provides a unified platform to manage both modern and legacy workloads.
GDC: Your One-Stop Modernisation Hub
GDC offers a single platform that seamlessly integrates new and existing workloads. Development teams can work with familiar tools like GitOps, VMs, and Kubernetes within a unified control plane. This unified management approach simplifies migration to GDC and enables in-place application modernization, streamlining the entire process.
GDC Delivers a Powerful VM Solution for All Your Needs
Google Distributed Cloud (GDC) offers a comprehensive virtual machine (VM) system designed to cater to a wide range of customer requirements, whether you need to manage legacy, small-scale VMs or heavy-duty enterprise workloads.
Key Capabilities
- Effortless Migration: Leverage a built-in migration tool to seamlessly move your existing VMs to GDC.
- Advanced Features: GDC equips you with enterprise-grade VM features, including advanced networking functionalities and robust GPU support to power even the most resource-intensive tasks.
- Streamlined Operations Management: GDC offers a comprehensive suite of tools for operations management, including Kubernetes Resource Model (KRM) APIs, a command-line interface (CLI), and a user-friendly web UI console. This unified approach simplifies VM management and streamlines overall operational efficiency.
Empowered On-Premises Transformation with Trust
This article has provided a thorough overview of Google Distributed Cloud (GDC), a solution thoughtfully crafted to address the dynamic requirements of on-premises environments. We delved into the essentials of GDC, exploring its core features, the rationale behind its design, and its forward-looking development roadmap, tailored to meet customer needs.
I also highlighted the four foundational pillars of GDC’s strategy:
- AI at the Edge: Empowering on-site deployment of enterprise AI applications.
- Security by Design: Emphasizing a zero-trust security model that is ingrained in GDC’s architecture from the outset.
- Scalability and Flexibility: Offering diverse deployment models, including the innovative single-node option, alongside adaptable configurations for computing, networking, and storage that suit various operational needs.
- Modernization Made Easy: Facilitating the integration of legacy systems with contemporary containerized platforms, simplifying the modernization process while supporting ongoing operations.
With these capabilities, GDC equips businesses with the necessary tools to effectively transform and enhance their on-premises infrastructures.
I hope this blog has illuminated the capabilities of GDC and how it can support your organisation’s growth and modernisation objectives.
Elevate Your On-Premises Evolution with Google Distributed Cloud!
Written by: Matthieu Audin – App Modernisation Practice Lead – EMEA at Devoteam G Cloud