of Engineering at Stack Labs (15 min) 11:30 • What’s new in Anthos - Ayrat Khayretdinov - CNCF Ambassador (10 min) 11:45 • Security - Stacy Véronneau - Solution Principal @Slalom 12:00 • Databases - Bjoern Rost Data Specialist @Google Cloud (10 min) 12:15 Part 2 • Big Data & Analytics - JL Marechaux - Analytics & AI Specialist @Google Cloud 12:30 • AI/ML announcements - JL (15 min) 12:45 • AI/ML Houda 13:00 ◦ Responsible AI: from Theory to Practice ◦ Interpreting ML Models with Explainable AI • AMA
Talk and Cloud User Stories – CFP link: https://www.papercall.io/gdg-cloud-montreal – Who: Cloud Practitioners, Data scientist, Architects, DevOps, SRE – Focus: ML/AI, Google OSS, Google Cloud – How long: 45 min format per speaker + Q&A
for both workloads that require high memory bandwidth • Balance of compute & Memory • For better SAP performance at lower cost • Based on AMD’s chipset
for the best price per GB • Performance PD, offering the best price per IOPS for performance-sensitive workloads such as databases • Extreme PD for the highest performance workloads such as SAP HANA
Provision your VMware environment in Google Cloud in minutes Bring your VMware-based environments to Google Cloud without major modifications Management, networking services, operating platform and backend infrastructure run at scale by Google Cloud Sold and supported by Google Dedicated private cloud vCenter VM VM ESXi Hosts Storage Network VMware vSphere stack On-premises VMware vSphere stack vCenter VM VM ESXi Hosts Storage Network Google Cloud The solution is verified and certified by VMware
Native Capabilities in Your Enterprise Ease migration Move VMware workloads to the cloud as-is No refactoring Maintain continuity Lower costs Deliver efficiency Leverage Google Cloud economies of scale Run securely Run with confidence Provide best in class security Migrate Run Innovate Create operational agility Operational continuity Unified management Innovate Build on Google Cloud services Cloud SQL Tensorflow Google Kubernetes Engine Cloud Operations Anthos Network Cloud Storage BigQuery
Engine (GAE) Web Applications Compute Engine Virtual Machines Build highly scalable applications (rapid scaling) on a fully managed serverless platform. GAE Standard • Source driven • Scale your applications from zero to planet scale • Fully Serverless • Limited to Language GAE Flex • Source & Container • Dockerfile • Deploy any code • Need at least one instance running • Minutes to deploy
Engine Web Applications Kubernetes Engine Kubernetes clusters Compute Engine Virtual Machines Build highly scalable applications (rapid scaling) on a fully managed serverless platform. General purpose Kubernetes clusters that can run any workloads: microservices, statefulsets, batch
number of nodes supported by open-source Kubernetes. • Outscales other clouds by 15X and 5X • Proven at scale by real workloads: ◦ Batching ◦ Microservices Reference: https://www.stackrox.com/post/2020/10/eks-vs-gke-vs-aks/
increases performance, security & visibility for containers calico • IpTables • Based on eBPF • IpTables bottlenecks • Fast due to eBPF • DDOS Protection Linux technology: Service Load-balancing Advanced Features • Advanced Network Policy ◦ L7 Aware Net Policy ◦ FQDN based Egress Policy ◦ NP across Clusters|Cloud • Istio aware ◦ Envoy sidecar acceleration K8S OSS APIs - No migration required for end user to Dataplane V2 from Calico! Kubernetes Network Policy Logging
Balancer Type Cluster Scope Backend External LoadBalancer External TCP/UDP LB L4 Pass-through Regional Single Internal LoadBalancer Internal TCP/UDP LB L4 Pass-through Global VIP, Regional backend Single GKE external Ingress (Application LB) External HTTP(S) LB L7 Proxy Single NEG / Pod IP GKE internal Ingress Internal HTTP(S) LB L7 Proxy Single NEG / Pod IP Ingress for Anthos External HTTP(S) LB L7 Proxy Multi NEG / Pod IP
Windows Server images tuned for containers Run Linux and Windows container pods side by side in GKE Upgrade legacy Windows server apps, develop cloud-native microservice architectures, adopt DevOps practices GA April 2020 Managed Control Plane Controllers Scheduler API server etcd Linux Node Pool Node Pool CRI CNI CSI Linux based dockerd.exe kubelet.exe kubeproxy.exe
experience • Supports migrations for both Linux and Windows VMs! • Result of migration Artifacts: Container Image, Dockerfile, Data Volume, K8s YAML • Deployable to GKE with Cloud Build or your favorite CI/CD tool Accelerate App Modernization with V2K Migration
remained a consistent top contributor to Kubernetes in terms of code commits, pull requests, issues filed, etc. Currently followed by VMware and Red Hat. Kubernetes contributions per company (2014-7 – 2020-01) https://k8s.devstats.cncf.io
Run Containers App Engine Web Applications Kubernetes Engine Kubernetes clusters Compute Engine Virtual Machines Build highly scalable applications (rapid scaling) on a fully managed serverless platform. Serverless containers without lock-in General purpose Kubernetes clusters that can run any workloads: microservices, statefulsets, batch Containers, Functions, Apps & Events
Run Containers App Engine Web Applications Cloud Functions Functions Kubernetes Engine Kubernetes clusters Compute Engine Virtual Machines Event sources Function definitions Build highly scalable applications (rapid scaling) on a fully managed serverless platform. Serverless containers without lock-in General purpose Kubernetes clusters that can run any workloads: microservices, statefulsets, batch “Containers and serverless”
Define declarative policies to enforce secure standards everywhere Built for large companies with complex needs Anthos is a managed application platform for enterprises that want faster modernization and greater consistency in a hybrid and multi-cloud world. Tools to perform no-touch migration & automation Consumption or Subscription-based, patched via automation Based on Kubernetes, Istio, Knative, Tekton
Security) • GCP Architecture • Cloud Security • DevSecOps • Workload on-boarding / migration • Day 2 operations • 15 years of operational knowledge • 25 years of IT experience Expertise Certifications and Published Work • Google Cloud Certified Professional Cloud Architect • Google Cloud Certified Professional Cloud Security Engineer • Technical Editor - Official Google Cloud Certified Associate Cloud Engineer Study Guide • HashiCorp Certified Vault Associate
data in-use while it is being processed!!! • Leverages the Asylo framework and SDK to run your applications in a Trusted Execution Environment (TEE). ◦ https://asylo.dev/ • Built on top of Shielded VMs (OS integrity protection) • Runs on N2D series VMs powered by 2nd Gen AMD EPYC™ processors, using the AMD SEV feature ◦ Secure Encrypted Virtualization Now on GKE 1.18
to networking and abstracting the underlying infrastructure, Private Service Connect makes it easy to connect services across different networks and organizations, and protect your network traffic. In short: • Simplify connectivity to services: You can easily and privately connect to and access Google Cloud services (e.g., Cloud Storage, Bigtable), third-party partner services (e.g. Snowflake), and your company’s own applications. • Protect your network traffic: When consuming services, you can prevent your network traffic from being exposed to the public internet • Accelerate cloud migrations: Since the underlying infrastructure is not exposed, connecting to and managing services is much simpler, more secure and private
available service that simplifies and automates the management and deployment of private CAs while meeting the needs of modern developers and applications. • Answers the need of DevOps environments to use private certificates to protect containers, microservices, VMs, and service accounts ◦ Perfect for: ▪ Short-lived certificates ▪ Environments requiring a highly available and scalable CA service that exposes an API • Certificate Authority Service is designed to meet both traditional and emerging needs. With CAS, you can set up a private CA in minutes, rather than the months it would take to deploy a traditional private CA
of private CAs while staying in control of your private keys. • Simpler deployment and management. • Tailored for you. • Enterprise-ready. Devices, apps, and containers Certificate Authority Service Administrator
developers build, secure, and monitor APIs for Google Cloud workloads and serverless backends. • Built on Envoy, giving you high performance and scalability with both consumption-based and tiered pricing options to help you manage cost. • API Gateway gives you all the operational benefits of serverless, such as flexible deployment and scalability, so that you can focus on building great applications. It can manage APIs for multiple backends including Cloud Functions, Cloud Run, App Engine and in the future it will come to Compute Engine, and Google Kubernetes Engine.
your website and in client applications • Uses Google's constantly updated lists of unsafe web resources. • Protects applications from unsafe web resources, including social engineering sites—such as phishing and deceptive sites—and sites that host malware or unwanted software. • With Web Risk, you can quickly identify known bad sites, warn users before they click infected links, and prevent users from posting links to known infected pages from your site. • Web Risk includes data on more than a million unsafe URLs and stays up to date by examining billions of URLs each day.
guides provide specific, informed guidance on helping secure Google Cloud deployments and describe recommended configurations, architectures, suggested settings, and other operational advice. ◦ Google Cloud security foundations blueprint ◦ Container security best practice ◦ Anthos Security blueprints ◦ Security best practice checklists ◦ Cloud Key Management deep dive ◦ BeyondCorp: A new approach to enterprise security ◦ And much more at https://cloud.google.com/security/best-practices
is a video resource that’s focused on solving security problems and helping you create a safer cloud deployment. • Nearly 50 step-by-step videos on specific security challenges or use cases, complete with actionable information to help you solve them. ◦ Topics: ▪ infrastructure security ▪ network security ▪ endpoint security ▪ ... ◦ Playlist: ▪ https://www.youtube.com/playlist?list=PLBgogxgQVM9tEGqcLF7DL_Q0sst5RvPLn
Spanner Non-relational / NoSQL Relational Managed Redis & MemcacheD Serverless, scalable document store Managed MySQL, PostgreSQL, & SQL Server Scalable relational database Low latency, scalable wide column store BigQuery Enterprise data warehouse Data warehouse Database Management Portfolio on GCP Databases On GCE/BMS Microsoft SQL Server Oracle SAP HANA IBM DB2 Built and managed by Google Built and managed by Partners (as a service or Anthos) Managed by you and/or Partners MySQL PostgreSQL MariaDB Non-relational Strategic Partners NDA
Bare Metal OS Bare Metal Tool pack Bring your own OS Bare Metal Solution Interconnect GKE Compute Engine Cloud Router Cloud Firewall Rules Cloud Storage Billing Cloud Virtual Network Co-location DB DB 91 App Bring your own DB or App
Data Catalog (Metadata Management) & Composer (Workflow Orchestration) Dataflow (Streaming) Dataproc (Hadoop/Spark) Data Fusion (Data Integration) Dataprep (Wrangling) Process BigQuery Bigtable Cloud Storage Databases (e.g. Cloud SQL, Spanner) Store BigQuery Dataproc (Spark) Analyze AI Platform Connected Sheets Looker Activate New capabilities BI Engine Omni ML Data QnA Streaming data Google’s Smart Analytics Platform Open & flexible, Intelligent, Proven Batch data
and higher concurrency Materialized Views Precomputed views that periodically cache query results for increased performance and efficiency Partitioning and Clustering Improve performance for queries that use filters and aggregates Stateless compute workers Latency Low High Distributed storage Streaming Ingest (Vortex) Free Bulk Loading Very Hot (GB) Super-fast, Open and Self-tuning Hot (10’sTB) Zero maintenance, Always fresh and Automatic query rewrite Warm (100’s TB) Flexible partitioning (date, integer, hour) and Automatic reclustering Cold (PB) High throughput streaming API with exactly once delivery Adaptive Caching: BI Engine and Materialized Views Multi-level, smart caching architecture delivers maximum performance and real-time insights
Intent identification • Entity matching • SQL generation • Query execution * Analyza: Exploring Data with Conversation, Intelligent User Interfaces 2017, ACM Business Manager Data QnA – Natural language interface for BigQuery
Regression Other Models k-means clustering Time series forecasting Model Import/Export TensorFlow models for batch and online prediction NDA AutoML Tables Linear regression DNN regressor (TensorFlow) Boosted trees using XGBoost AutoML Tables Recommendation: Matrix factorization NEW What’s new in BigQuery ML BQML: ML on structured or semi-structured data directly inside BigQuery
Platform Development Environment AutoML Custom Models Services & Solutions Ease of Implementation Structured Data Sight Language Conversation Services Solutions Structured Data Sight Language Integrated with Built-in Tools On-prem Frameworks Accelerators Document AI Contact Center AI ASL Professional Services Cloud AI Partners Video Intelligence Vision Natural Language Translation Recommendations AI Speech- to-Text Text-to- Speech Dialogflow Enterprise Vision Natural Language Translation Tables Video Datasets Training Dataproc Dataflow Dataprep Data Studio BigQuery Kubeflow Predictions GPU TPU CPU Data Labeling Pre-built Algorithms Notebook (DL) VM Images Looker Edge TPU Cloud Storage Overview of Google Cloud AI
Deliver anywhere in the customer journey 1 Ingest your data 2 Quickly customize for business needs 3 - Data catalog - User event data - ... - Recommendation type - Recommendation objective - Customization - ... - Prediction API Recommendation AI (beta) Highly personalized product recommendations at scale.
Retailer Past sales, inventory, web history Product catalog and descriptions Marketing and Events Pricing and Promotions Store, DC and Location information Insights for retail planners Proprietary Machine Learning models Enrichment of demand signals Product demand predictions and Insights
Notebooks • VM images (with CPU, GPU, TPU) • Support for MLOps • Popular ML frameworks • Integration with Google Cloud services for data collection, storage & processing One platform to build, deploy, and manage machine learning models
AI Platform Pipelines Evaluate Model Validate Model Deploy Model Artifact Store Cloud Storage Processing Cloud Dataflow Scalable Inference AI Platform Prediction Serverless Training AI Platform Training Data warehouse BigQuery Simplified MLOps with AI Platform Pipelines
TPU Cloud TPU Pod GPU P4 P100 T4 K80 V100 CPU Skylake Cloud TPU Pods (v2 and v3 are now GA) Supercomputers for ML TPU (non-pod): 15x to 30x faster than contemporary GPUs and CPUs. Source: TechCrunch article Cascade
AI Contact center insights AI Enable rich interactions with virtual agents (bots). Many languages Many channels Make Agents superheroes in the eye of the customers. Work on the tough problems and solve them efficiently Eliminate grunt work Provide visibility and actionable ways to improve the Contact Center performance UNDERLYING TECHNOLOGIES Contact Center AI TTS STT Dialogflow
gradients Highlights areas of positive attribution • XRAI method Highlights areas with + or - influence on positive prediction • Explainable AI SDK
explanation_metadata.json
visualization: {
  "type": "outlines",  # Can also use "pixels"
  "polarity": "positive",
  "clip_below_percentile": 70,
  "clip_above_percentile": 99.9,
  "color_map": "pink_green",
  "overlay_type": "grayscale"
}
feature importance How individual features in a specific prediction request affected the resulting prediction as compared to the baseline Source: https://cloud.google.com/automl-tables/docs/explain
• Why is my model not performing? Detect data issues • How can I make it better? Iterative workflow End user and Stakeholders • Establish a level of trust • Clarity over model's behavior • Define fallback policies to avoid catastrophic failures