GCP Architecture – An 8-Step Framework


Related image

Breaking down the components..

Architecting and designing a scalable, cost effective and transformative business solution on the amazing Google Cloud Platform (GCP) requires a lot of thought and knowledge. To get the Google Cloud Platform (GCP) architecture right, there are many things to consider and we need a comprehensive approach and detailed process to ensure that our solution is robust and can meet expectations. Fortunately Google gives us a great GCP Framework to get this right. Here is the overview of the 8-step process that highlights all the considerations for a successful GCP solution.

GCP Architecture - An 8-Step Framework
8-Step process to architect a solution of the Google Cloud Platform (GCP

Defining the service

  • Qualitative – why do we need solution, what problem does it solve, who are the stakeholders, when do users need/want solution           
  • Quantitative – uptime & downtime needs, calculate cost of data-volume and data-throughput required, number of and location of users
  • Scaling – are there scaling needs right off the bat? when to iterate design, limiting factors as the business grows
  • Size – dimensions, replication and rate of change High level SLA’s required

Business logic layer design

  • Business rules for the solutions
  • How data will be created, stored and changed
  • Microservice architecture if needed
  • 12 factor design
  • Vertical scaling or horizontal scaling
  • Design first, dimension later

Data layer design

  • Data persistence mechanisms (db service and storage service)
  • Data access layer that encapsulates persistence mechanisms and exposes data
  • You can only pick 2 out of these 3 for data design – Consistency, Availability, Partition/Tolerance
  • Considerations – uptime, latency, scale, velocity and privacy
  • Data migration/transfer
  • Choosing between Regional, multi-regional, nearline and coldline storage options

Presentation layer design

  • Network configuration for data transfer within the service (location, load balancing, caching)
  • Cloud CDN – network edge points
  • Multi-cloud with dedicated interconnect if needed
  • Hybrid Cloud network design
  • VPN configurations for reliability and aggregate capacity/bandwidth

Design for resiliency, scalability and DR

  • Failure due to loss of resources needed for service
  • Single points of failure – replicate everything, N+2 always
  • Correlated failures – decouple service, use microservices
  • Failure due to overload
  • Cloud DNS
  • Tiered backup for resiliency
  • Resiliency – Health checks, instance plan, storage plan, network plan
  • DR – Multi-region – app state info, db backup, deployment manager templates (recreate infra)

Design for security

  • Transparency and segregation of duties – what google does and what customer does
  • Firewall security – first wall of defense
  • Secure VPC (distributed firewall, cloud IAM, bastion hosts, isolation through public ip’s)
  • Cloud Interconnect (direct peering, carrier interconnect, vpn, private interconnect)
  • 3rd party virtual appliances – next-gen firewall, logging, monitoring, compliance
  • Global load balancer – built-in ddos protection, autoscaling, cross-region overflow/failover, SSL termination
  • Google network – global network, protection against udp-based attacks
  • VM’s with external IP addresses, without (bastion hosts, ssh)
  • API access control using cloud endpoints
  • Edge protections against DDoS – Cloud CDN, global load balancing, TCP/SSL proxy
  • Network protections against DDoS – cloud network firewall, VM traffic throttling
  • Server side encryption from GCP, Customer managed encryption keys
  • Identity access and auditing (IAM, service accounts, standards compliance, auditing with forseti security open source)

Capacity planning and cost optimization

  • Forecast – monitor growth, predict future demand, plan for launches (estimate instance overhead, persistent disk, network capacity, workload)
  • Allocate – estimate capacity needed, load test and validate, calculate resources required by resource : capacity allocation ratio (alternately, recheck if you need more resources by caching, tuning, better algorithms), optimize disk cost, network cost
  • Approve
  • Deploy

Deployment, monitoring, alerting and incident response

  • Launch checklist – dependencies (shared infra, external 3rd party), Plan for capacity (verify overload handling), Single point of Failures?, Security and access control, rollout plan (gradual, stages, % of users etc)
  • Launch automation via deployment manager
  • Monitoring à white box – user experience, black box – internal, alerts, ticket’s and logging
  • Push and pull based metrics

So these are the key considerations as you start to think about designing a scalable and reliable Google Cloud Platform (GCP) Architecture and the GCP Framework serves as a useful checklist. In a series of blog posts in the following weeks and months, we will attempt to deconstruct the 8-step Google Cloud Platform (GCP) Framework in detail and provide context.

Here’s a link from Google that helps you get an overview as you start planning your GCP journey.

https://cloud.google.com/docs/overview/


Have any Question or Comment?

Leave a Reply

Your email address will not be published. Required fields are marked *