upendra25312 · June 5, 2022 07:02 · May 30, 2018 · May 30, 2018 · May 30, 2018 · May 30, 2018
diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -12,6 +12,7 @@
 * [GCP Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc)
 * [GCP Treehouse - Example Solutions](http://gcp.solutions/)
 * [Data Storage Options and Use Cases](https://cloud.google.com/storage-options/)
+* [Hadoop Ecosystem Explained](https://hadoopecosystemtable.github.io/)
 
 ## Courses
 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -11,6 +11,7 @@
 * [GCP Networking Fundamentals](https://www.networkmanagementsoftware.com/google-cloud-platform-gcp-networking-fundamentals/)
 * [GCP Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc)
 * [GCP Treehouse - Example Solutions](http://gcp.solutions/)
+* [Data Storage Options and Use Cases](https://cloud.google.com/storage-options/)
 
 ## Courses
 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -7,6 +7,7 @@
 * [GCP Enterprise Best Practices](https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations)
 * [GCP Designing a Disaster Recovery Plan](https://cloud.google.com/solutions/designing-a-disaster-recovery-plan)
 * [GCP Example Solutions](https://cloud.google.com/solutions/)
+ * [Mobile Gaming Analysis Telemetry](https://cloud.google.com/solutions/mobile/mobile-gaming-analysis-telemetry#scenario_1_transferring_files_from_on-premises_servers)
 * [GCP Networking Fundamentals](https://www.networkmanagementsoftware.com/google-cloud-platform-gcp-networking-fundamentals/)
 * [GCP Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc)
 * [GCP Treehouse - Example Solutions](http://gcp.solutions/)
@@ -583,6 +584,8 @@ When should I use it?
 * Low-latency content delivery
 * Based on HTTP(S) CLB & integrated with GCE & GCS
 * Supports GCP only
+  * HTTP(S) LBs
+    * Backend can be a GCS Bucket
   * Does not support custom origins
 * Supports the following protocols of HTTP/2 and HTTPS
 * Pay for

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -551,8 +551,8 @@ When should I use it?
 * **Regional** **Global**
 * Built into their Software Defined Networking (SDN) system that can naturally handle spikes without any prewarming
 
-* Two types:
-  * Regional Metwork Load Balancer
+* Two types of  availability:
+  * Regional Network Load Balancer
     * Supports:
       * Session Affinity
         * Setting up uses forwarding rules based on IP, protocol (TCP/UDP), and (optionally) port
@@ -562,6 +562,22 @@ When should I use it?
     * Supports:
       * Multi-region failover for HTTP(S), SSL Proxy, and TCP Proxy
 
+* LB Types
+  * HTTPS(S) Load Balancing
+    * HTTP LB
+    * HTTPS LB
+    * Internet facing or single and multi-region
+  * TCP Load Balancing
+    * TCP LB
+    * SSL Proxy
+    * TCP Proxy
+    * Internet facing or single and multi-region
+  * UDP Load Balancing
+    * UDP LB
+    * Internet facing or single region
+
+ ![LB Process Flow](https://cloud.google.com/compute/docs/load-balancing/images/basic-http-load-balancer.svg)
+
 ## Cloud CDN
 * **Global**
 * Low-latency content delivery

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -846,9 +846,9 @@ Say you have an application running within GCP on a GCE instance but you need to
 * [CAPEX vs OPEX](https://www.investopedia.com/ask/answers/020915/what-difference-between-capex-and-opex.asp)
 * `gcloud alpha` vs `gcloud beta` vs `gcloud`
 * How do you share a VPC network from one project to another within an organisation.
- * You have to configure a [Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc)
-* What is a Shared VPC?
- * It's [this](https://cloud.google.com/vpc/docs/shared-vpc)
+  * You have to configure a [Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc)
+    * What is a Shared VPC?
+      * It's [this](https://cloud.google.com/vpc/docs/shared-vpc)
 
 # Training Exercises
 * [Kubernetes](https://kubernetes.io/docs/tutorials/) and [Helm](https://docs.helm.sh/using_helm/#quickstart) within [GCP](https://codelabs.developers.google.com/codelabs/cloud-compute-kubernetes/#0)

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -674,6 +674,8 @@ Say you have an application running within GCP on a GCE instance but you need to
 * Pay for data volume; min 1KB per publish/push/pull request, not charged per message
 * Can even end up being the replacement for things such as AWS Kinesis or Apache Kafka
 
+![Pub/Sub Diagram](https://cloud.google.com/pubsub/images/pub_sub_flow.svg)
+
 #### Components
 * Topic and Subscribers
   * A publisher sends a message to that topic which will then get sent to all the subscribers

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -723,10 +723,9 @@ Say you have an application running within GCP on a GCE instance but you need to
 
 ## Cloud Dataflow
 * **Zonal**
-* Fully Managed
+* Fully Managed Apache Beam
 * Smartly-autoscaled and dynamically redistributes lagging work, mid-job, to optimise run time
 * Batch or Stream MapReduce-like processing
-* Apache Beam integration
 * Integrates with:
   * Cloud Pub/Sub
   * Datastore,

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -9,6 +9,7 @@
 * [GCP Example Solutions](https://cloud.google.com/solutions/)
 * [GCP Networking Fundamentals](https://www.networkmanagementsoftware.com/google-cloud-platform-gcp-networking-fundamentals/)
 * [GCP Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc)
+* [GCP Treehouse - Example Solutions](http://gcp.solutions/)
 
 ## Courses
 
@@ -822,6 +823,19 @@ Say you have an application running within GCP on a GCE instance but you need to
 * **Global**
 * Programmatically manage billing for GCP projects and get GCP pricing
 
+# Development & APIs
+
+## Cloud Endpoints
+* **Global**
+* Handles auth, monitoring, logging, and API keys for APIs backed by GCP
+* Based on NGINX and runs on a container (running on instances), called an ESP (Extensible Service Proxy) which is super fast and hook into the Cloud Load Balancer
+* Uses JWT
+* Integrates with:
+  * Firebase
+  * Auth0
+  * Google Auth
+* Pay per call to your API
+
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 
 * [helm](https://docs.helm.sh/using_helm/#quickstart)

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -747,6 +747,81 @@ Say you have an application running within GCP on a GCE instance but you need to
 * Big Data Visualisation tool for dashboards and reporting
 * Similiar to AWS Quicksight and Tableau
 
+# Operations and Management
+
+## Stackdriver
+* **Global**
+* Family of services for monitoring, logging, and diagnosing apps on GCP and AWS
+
+### Stackdriver Monitoring
+* **Global**
+* Provides visibility into perf, uptime, and overall health of cloud apps
+  * Based on collectd
+* Includes built in custom metrics, dashboards, global uptime monitoring and alerts
+* Can follow a trail, such as Linking from an alert, then to the dashboards, to logs, and then to the traces
+* Premium Monitorigin can support AWS
+* Sends alerts via email, and GCP Mobile App
+  * Premium can send to SMS, Slack, SNS, HipChat, webhook, etc...
+* Pay per time series per month for custom logs-based metrics allotment overages
+
+### Stackdriver Logging
+* **Global**
+* Similar to Splunk and Cloudwatch Logs
+* Store, search, analyse, and alert on log data and events
+  * Based on Fluentd
+* Send any logs through API alongwith built in support for some GCP services and AWS with an agent
+* Create real-time metrics from log data, then alert or chart them on dashboards
+* Send real-time log data to BigQuery for advanced analytics and SQL-like querying
+* When logs are about to expire you can export to GCS
+* Pay per project per month; pay for premium to get more per hour
+
+## Stackdriver Reporting
+* **Global**
+* Counts, analyses, aggregates, and tracks crashes within a centralised interface
+* Alert when a new application error cannot be grouped with existing ones
+* Link directly from notifications to error details
+* Exception stack trace parser knows:
+  * Java
+  * Python
+  * JavaScript
+  * Ruby
+  * C#
+  * PHP
+  * Go
+
+## Stackdriver Trace
+* **Global**
+* Tracks and displays call tree and timings across distributed systems to debug performance
+* Automaticall captures traces from App Engine
+* Zipkin collector allows Zipkin tracers to submit data to Trace
+* Generate reports on demand and get daily auto reports per traced app 
+
+## Stackdriver Debugger
+* **Global**
+* Grabs program state (callstate, vars, expressions) in live deploys
+* Source view supports:
+  * Cloud Source Repository
+  * Github
+  * Bitbucket
+  * Local and Upload
+* Share debuggin session with others all you need to do is send the URL
+* Free to use
+
+## Cloud Deployment Manager
+* **Global**
+* Similar to Terraform and Cloudformation
+* Create and Manage resources via declarative tempaltes
+* Templates written in:
+  * YAML
+  * Python
+  * Jinja2
+* Supports input and output parameters
+* Create and update of deployments both support preview 
+
+## Cloud Billing API
+* **Global**
+* Programmatically manage billing for GCP projects and get GCP pricing
+
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 
 * [helm](https://docs.helm.sh/using_helm/#quickstart)

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -229,6 +229,45 @@ Much more granular access, they are applied at the *Resource* level
 * You can define custom IAM roles at the organisation level
 * Can apply IAM policies at organisation, folder or project levels
 
+## Cloud Audit Logging
+* **Global**
+* Who did what, where, and when?
+* Maintains two audit logs for each project and organisation:
+  * Admin activity
+    * 400 day retention which is free
+  * Data Access
+    * 7 day retention which is free but if you require 30 days of retention then you have to pay
+* This is a Stackdriver service
+
+## Cloud KMS
+* **Regional** and **Global**
+* Low-latency service to manage and use AES256 encryption keys, to protect secrets
+* Rotate keys automatically or on demand
+  * Keeps old active key version, to allow decypting
+* Key deletion has 24 hour delay to prevent accidental or malicious data loss
+* You pay for:
+  * the active key versions stored over time
+  * key use operations such as encyption and decryption
+
+## Cloud IAP (Identity Aware Proxy)
+* Guards apps running on GCP through identity verification instead of VPN access
+* Based on CLB and IAM and woll only pass authorised requests
+* Pay for load balancing / protocol forwarding rules and traffic
+
+![Cloud IAP](https://cloud.google.com/images/products/iap/iap-lead.png "Cloud IAP")
+
+## Security Scanner
+* **Global**
+* Free but limited GAE application vulnerability scanner with "very low false positive rates"
+* Crawler based
+* Can detect:
+  * XSS (Cross-site-scripting)
+  * Flash injection
+  * Mixed content (Is there HTTP content within HTTPS)
+  * Outdated/insecure libraries
+
+
+
 ## Global, Regional, and Zonal Resources
 
 | Resource              | Global | Regional | Zonal | 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -153,31 +153,51 @@ Example: `gcloud compute instances create instance-1 --zone us-central1-a`
 ## API
 
 
-# IAM
+# Cloud IAM
 
 Provides granular access to resources, prevents unwanted access to other resources and adopts the security principle of least privilege.
 
 Core Components:
 * Members (Who)
   * Person (Google Account)
+  * Google Group
   * Service Account
     * Special type of account belonging to your application and can be identified by `<project_number/id>@developer.gserviceaccount.com`
 * Permissions & Roles (What)
   * Role
-    * Collection of *permissions*
+    * Collection of *permissions* to use or manage GCP resources
     * Assigned to users
   * Permissions
     * Give access to a given *resource*
     * Identified by `<service>.<resource>.<verb>`
+      * E.g. `pubsub.subscriptions.consume`
 * Resources
 * Policies
+  * Bind Members to Roles at a hierarchy level
+    * Such as Organisation, Folder, Project or Resource
   * Collection of *Roles* that define who has what type of access
   * Are hierarchally defined, with parent overruling child policy
+
+## Service Accounts
+* **Global**
+* Similar to AWS Role
+* This is a special type of Google account that represents an application, not an end user
+* Can be "assumed" by applications or individual users when authorised
+
+### Service Account Keys
+
+#### GCP-managed keys
+* Keys used by GCP services such as App Engince and Compute Engine
+* Key cannot be downloads
+* Rotated automatically on a weekly basis
+
+#### User-managed keys
+* Keys are created, downloadable, and managed by users
+* Expire 10 years from creation
 
 ## Primitive vs Predefined Roles
 
 ### Primitive
-
 Historical roles before Cloud IAM was implemented, they are applied at the *Project* level and the scope is very broad.
 
 Types:
@@ -191,9 +211,24 @@ Types:
   * Setup project billing
 
 ### Predefined
-
 Much more granular access, they are applied at the *Resource* level
 
+## Cloud Identity
+* **Global**
+* Identity as a Service (IDaaS) to provision and manage users and groups
+* Supports MFA and enforcement, including security keys
+* Identities can be used to SSO with other apps via OIDC, SAML, OAuth2
+* Can sync from AD and LDAP directories via Google Cloud Directory Sync
+* Free Google Accounts for non Google Suite users, tied to a verified domain
+
+## Cloud Resource Manager
+* **Global**
+* Hierarchically manage resources by project, folder, and organization
+  * Organisation is root node in hierarchy
+* Provides a Recycle bin which allows you to undelete projects
+* You can define custom IAM roles at the organisation level
+* Can apply IAM policies at organisation, folder or project levels
+
 ## Global, Regional, and Zonal Resources
 
 | Resource              | Global | Regional | Zonal | 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -597,7 +597,6 @@ Say you have an application running within GCP on a GCE instance but you need to
 * At least once messaging for ingestion, decoupling etc...
 * Can be thought of as the "glue" that links everything together
 * Pay for data volume; min 1KB per publish/push/pull request, not charged per message
-* Has "poll mode" which is similar to AWS SQS
 * Can even end up being the replacement for things such as AWS Kinesis or Apache Kafka
 
 #### Components
@@ -618,7 +617,61 @@ Say you have an application running within GCP on a GCE instance but you need to
 
 ##### Pull
 * Delivers messages to requesting clients and waits for ACK to delete or until the timer expires
-* Lets clients set rate of consumption, and suppors batching and long-polling
+* Lets clients set rate of consumption, and suppors batching and long-polling (Similar to AWS SQS)
+
+## Cloud Dataprep
+* **Global**
+* Visually explore, clean, and prep data for analysis without running servers
+* Ad-hoc ETL, for BA's and not IT professionals
+* Managed version of Trifacta Wrangler
+* Source data can be from the services and types below, formatted in CSV, JSON, or relational:
+  * GCS
+  * BigQuery
+  * File Upload
+* Automatically detects schemas, datatypes, possible joins, and various anomalies
+* Pay for underlying Dataflow job, plus management overhead charge on top of the services accessed
+
+## Cloud Dataproc
+* **Zonal**
+* Batch MapReduce processing via configurable, managed Spark & Hadoop clusters
+* Scales, by removing or adding nodes, even whhile jobs are running
+* Integrates with:
+  * GCS
+  * BigQuery
+  * Bigtable
+  * Some Stackdriver services
+* Pay for:
+  * underlying GCE servers used in the cluster
+  * a Cloud Dataproc management fee per vCPU-hour in the cluster
+* **You should use this service to move *existing* Spark/Hadoop setups to GCP**
+  * You should use Cloud Dataflow for new data processing pipelines
+
+## Cloud Dataflow
+* **Zonal**
+* Fully Managed
+* Smartly-autoscaled and dynamically redistributes lagging work, mid-job, to optimise run time
+* Batch or Stream MapReduce-like processing
+* Apache Beam integration
+* Integrates with:
+  * Cloud Pub/Sub
+  * Datastore,
+  * BigQuery
+  * Bigtable
+  * Cloud ML
+  * Stackdriver
+* Pay for underlying worker GCE via consildated charges
+  * Pay per second for vCPUs, RAM GBs, and Persistent Disks
+  * Dataflow *Shuffle* charged for time per GB used
+
+## Cloud Datalab
+* **Regional**
+* Interactive tool for data exploration, analysis, visualization and machine learning
+* Uses Jupyter Notebook
+
+## Cloud Data Studio
+* **Global**
+* Big Data Visualisation tool for dashboards and reporting
+* Similiar to AWS Quicksight and Tableau
 
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -591,6 +591,35 @@ Say you have an application running within GCP on a GCE instance but you need to
 #### Protocol Bridge
 * Publishes incoming telemtry to Cloud PubSub for processing
 
+## Cloud Pub/Sub (Publish/Subscribe)
+* **Global**
+* Infinitely scalable
+* At least once messaging for ingestion, decoupling etc...
+* Can be thought of as the "glue" that links everything together
+* Pay for data volume; min 1KB per publish/push/pull request, not charged per message
+* Has "poll mode" which is similar to AWS SQS
+* Can even end up being the replacement for things such as AWS Kinesis or Apache Kafka
+
+#### Components
+* Topic and Subscribers
+  * A publisher sends a message to that topic which will then get sent to all the subscribers
+
+##### Messages
+* Can be up to 10MB
+* Undelivered messages are strored for 7 days
+  * There is no DLQ (Dead Letter Queue)
+
+#### Modes
+
+##### Push
+* Delivers to HTTPS endpoints
+* Will delete messages when it receives an HTTP success code
+* Uses a "slow-start" algorithm which ramps up on success and backs off & retries, on failures
+
+##### Pull
+* Delivers messages to requesting clients and waits for ACK to delete or until the timer expires
+* Lets clients set rate of consumption, and suppors batching and long-polling
+
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 
 * [helm](https://docs.helm.sh/using_helm/#quickstart)

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -577,6 +577,20 @@ Say you have an application running within GCP on a GCE instance but you need to
 
 ![GCP Big Data Lifecycle](https://cloud.google.com/solutions/images/data-lifecycle-1.svg "GCP Big Data Lifecycle")
 
+### IoT Core
+* **Global**
+* Fully Managed
+* A service to connect, manage, and ingest data from devices globally
+* Devices connect securely using IoT industry-standard MQTT or HTTPS protocols
+* CA signed certs can be used to verify device ownership on first connect
+* Pay per MB of data exchanged with devices
+
+#### Device Manager
+* Handles device identity, authentication, config, and control
+
+#### Protocol Bridge
+* Publishes incoming telemtry to Cloud PubSub for processing
+
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 
 * [helm](https://docs.helm.sh/using_helm/#quickstart)

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -571,6 +571,12 @@ Say you have an application running within GCP on a GCE instance but you need to
 * Contact CDN provider to set up for GCP project and which regions
 * Free to enable, then pay less for the egress you configured
 
+## Big Data & IoT
+
+### Big Data Lifecycle
+
+![GCP Big Data Lifecycle](https://cloud.google.com/solutions/images/data-lifecycle-1.svg "GCP Big Data Lifecycle")
+
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 
 * [helm](https://docs.helm.sh/using_helm/#quickstart)

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -412,6 +412,11 @@ Notes:
 * Pay for GB-hours used for storage
   * Cheap HDD or fast SSD
 
+When should I use it?
+* Storing 1TB and more of structured data
+* When there is a very high high volume of writes
+* When read and write latency reqwuirements are that of a single digit millisecond range with strong consistency
+* When a clear, straightforward migration from HBase to a managed cloud service is required
 ### Cloud Storage
 * **Regional** **Multi-Regional**
 * Fully Managed

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -391,6 +391,7 @@ TBA
 
 Notes:
 * Cloud Datastore was born as the structured data store for AppEngine
+* Scales from 0 to terabytes worth of data as your application grows
 
 ### Bigtable
 * **Regional**

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -350,7 +350,7 @@ TBA
 * Scaling is manual (both vertically and horizontally)
 
 ### Cloud Spanner
-* **Regional/Multi-Regional/Global**
+* **Regional** / **Multi-Regional** / **Global**
 * Horizontally scalable
 * Strongly consistent
   * Provides external consistency which is far more than stongly
@@ -376,6 +376,22 @@ TBA
     * This gets cheaper when tables are not modified for 90 days
   * Streaming inserts paid per GB
 
+### Cloud Datastore
+* **Regional** / **Multi-Regional**
+* Fully Managed
+* NoSQL DB
+* Similar to DynamoDB
+* Capabilities:
+  * ACID transactions
+  * SQL-like queries
+  * Indexes
+  * RESTful interface
+* Pay for GB-months of storage used
+* Pay for IO operations (r,w,deletes) performed
+
+Notes:
+* Cloud Datastore was born as the structured data store for AppEngine
+
 ### Bigtable
 * **Regional**
 * Fully Managed
@@ -395,19 +411,6 @@ TBA
 * Pay for GB-hours used for storage
   * Cheap HDD or fast SSD
 
-### Cloud Datastore
-* **Regional** **Multi-Regional**
-* Fully Managed
-* NoSQL DB
-* Similar to DynamoDB
-* Capabilities:
-  * ACID transactions
-  * SQL-like queries
-  * Indexes
-  * RESTful interface
-* Pay for GB-months of storage used
-* Pay for IO operations (r,w,deletes) performed
-
 ### Cloud Storage
 * **Regional** **Multi-Regional**
 * Fully Managed

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -572,6 +572,8 @@ Say you have an application running within GCP on a GCE instance but you need to
 * `gcloud alpha` vs `gcloud beta` vs `gcloud`
 * How do you share a VPC network from one project to another within an organisation.
  * You have to configure a [Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc)
+* What is a Shared VPC?
+ * It's [this](https://cloud.google.com/vpc/docs/shared-vpc)
 
 # Training Exercises
 * [Kubernetes](https://kubernetes.io/docs/tutorials/) and [Helm](https://docs.helm.sh/using_helm/#quickstart) within [GCP](https://codelabs.developers.google.com/codelabs/cloud-compute-kubernetes/#0)

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -55,6 +55,8 @@ Example: *us-central1-a*
 
 ![GCP Networking Fundamentals](https://s25119.pcdn.co/wp-content/uploads/topology-1024x589.png "GCP Networking Fundamentals")
 
+### [VPC Networks](https://cloud.google.com/vpc/docs/vpc)
+
 ## Pricing
 
 ### Resources
@@ -66,8 +68,6 @@ Example: *us-central1-a*
   * Egress to some GCP services sometimes free
 
 ### Sustained-use discounts
-
-
 * Sustained use discounts are applied automatically; there is no action required on your part to enable these discounts.
 * Discounts increase
 * You can get up to a 30% net discount for instances that run the entire month.
@@ -83,7 +83,6 @@ Example: https://cloudplatform.googleblog.com/2014/04/introducing-sustained-use-
 TBA
 
 ## Security
-
 * All data is encrypted at rest
 * Network encryption
 ** All control information is encrypted
@@ -562,6 +561,7 @@ Say you have an application running within GCP on a GCE instance but you need to
   * Fastly
 * Contact CDN provider to set up for GCP project and which regions
 * Free to enable, then pay less for the egress you configured
+
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 
 * [helm](https://docs.helm.sh/using_helm/#quickstart)
@@ -570,6 +570,8 @@ Say you have an application running within GCP on a GCE instance but you need to
 * Organsiational setup suing Projects for isolation etc...
 * [CAPEX vs OPEX](https://www.investopedia.com/ask/answers/020915/what-difference-between-capex-and-opex.asp)
 * `gcloud alpha` vs `gcloud beta` vs `gcloud`
+* How do you share a VPC network from one project to another within an organisation.
+ * You have to configure a [Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc)
 
 # Training Exercises
 * [Kubernetes](https://kubernetes.io/docs/tutorials/) and [Helm](https://docs.helm.sh/using_helm/#quickstart) within [GCP](https://codelabs.developers.google.com/codelabs/cloud-compute-kubernetes/#0)

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -8,6 +8,7 @@
 * [GCP Designing a Disaster Recovery Plan](https://cloud.google.com/solutions/designing-a-disaster-recovery-plan)
 * [GCP Example Solutions](https://cloud.google.com/solutions/)
 * [GCP Networking Fundamentals](https://www.networkmanagementsoftware.com/google-cloud-platform-gcp-networking-fundamentals/)
+* [GCP Shared VPC](https://cloud.google.com/vpc/docs/shared-vpc)
 
 ## Courses
 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -7,6 +7,7 @@
 * [GCP Enterprise Best Practices](https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations)
 * [GCP Designing a Disaster Recovery Plan](https://cloud.google.com/solutions/designing-a-disaster-recovery-plan)
 * [GCP Example Solutions](https://cloud.google.com/solutions/)
+* [GCP Networking Fundamentals](https://www.networkmanagementsoftware.com/google-cloud-platform-gcp-networking-fundamentals/)
 
 ## Courses
 
@@ -49,6 +50,10 @@ Example: Multi-region = *us-central*
 
 Example: *us-central1-a*
 
+## GCP Networking Fundamentals
+
+![GCP Networking Fundamentals](https://s25119.pcdn.co/wp-content/uploads/topology-1024x589.png "GCP Networking Fundamentals")
+
 ## Pricing
 
 ### Resources

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -6,6 +6,7 @@
 * [Cloudreach Blog - Passing the exam after an initial failure](https://www.cloudreach.com/blog/cloudreach-hits-120-gcp-certified-experts/)
 * [GCP Enterprise Best Practices](https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations)
 * [GCP Designing a Disaster Recovery Plan](https://cloud.google.com/solutions/designing-a-disaster-recovery-plan)
+* [GCP Example Solutions](https://cloud.google.com/solutions/)
 
 ## Courses
 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -5,6 +5,7 @@
 * [Google Developers Codelabs](https://codelabs.developers.google.com/)
 * [Cloudreach Blog - Passing the exam after an initial failure](https://www.cloudreach.com/blog/cloudreach-hits-120-gcp-certified-experts/)
 * [GCP Enterprise Best Practices](https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations)
+* [GCP Designing a Disaster Recovery Plan](https://cloud.google.com/solutions/designing-a-disaster-recovery-plan)
 
 ## Courses
 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -4,7 +4,7 @@
 * [GCP Certification Quiz](https://quizlet.com/212776254/gcp-certification-flash-cards/)
 * [Google Developers Codelabs](https://codelabs.developers.google.com/)
 * [Cloudreach Blog - Passing the exam after an initial failure](https://www.cloudreach.com/blog/cloudreach-hits-120-gcp-certified-experts/)
-* [Enterprise Best Practices](https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations)
+* [GCP Enterprise Best Practices](https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations)
 
 ## Courses
 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -4,6 +4,7 @@
 * [GCP Certification Quiz](https://quizlet.com/212776254/gcp-certification-flash-cards/)
 * [Google Developers Codelabs](https://codelabs.developers.google.com/)
 * [Cloudreach Blog - Passing the exam after an initial failure](https://www.cloudreach.com/blog/cloudreach-hits-120-gcp-certified-experts/)
+* [Enterprise Best Practices](https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations)
 
 ## Courses
 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -1,6 +1,7 @@
 # Resources
 
 * [Ally's GCP Quiz](https://quizlet.com/255667344)
+* [GCP Certification Quiz](https://quizlet.com/212776254/gcp-certification-flash-cards/)
 * [Google Developers Codelabs](https://codelabs.developers.google.com/)
 * [Cloudreach Blog - Passing the exam after an initial failure](https://www.cloudreach.com/blog/cloudreach-hits-120-gcp-certified-experts/)
 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -493,6 +493,65 @@ TBA
   * Certain services (e.g. VPN)
   * Network egress
 
+## Cloud Interconnect
+* **Regional** **Multi-Regional**
+
+### Use Case
+Say you have an application running within GCP on a GCE instance but you need to let the application access data from a business system on-premise then you would choose to Cloud Interconnect
+
+* Connecting external networks to Google's network
+
+### Direct access to RFC1918 IPs in your VPC - with SLA (Private Connections)
+* Dedicated Interconnect
+* Cloud VPN
+
+### Access to Google public IPs only - without SLA Peering
+* Direct Peering
+* Carrier Peering
+
+## Cloud VPN
+* **Regional**
+* IPsec VPN
+ * To connect to VPC via public internet for low-volume data connections
+ * Persistent, static connections between gateways
+   * Not for a Dynamic client
+ * VPN Gateways must have static IP
+ * **Encrypted link to VPC, into one subnet**
+ * Supports both Static and Dynamic routing
+   * Dynamic is preferred to stop the need to re-establish the connection
+ * 99.9% availability SLA
+ * Pay per tunnel-hour
+ * Normal traffic charges apply
+
+## Dedicated Interconnect
+* **Regional** **Multi-Regional**
+* Direct physical link between VPC and on-prem for high-volume data connections
+* VLAN attachment is private connection to VPC in one region; no public GCP APIs
+* Link are private but not encrypted
+  * You need to layer your own encryption in order to achieve encrypted traffic
+* Redundant connections are advised to provide high availabilty achieving 99.99% SLA.
+  * Without redundant conneciotns the SLA is 99.9%
+* Pay fee per 10Gbps link, plus small fee per VLAN attachment
+
+## Cloud Router
+* **Regional**
+* Dynamic routing using BGP for hybrid networks linking GCP VPCs to external networks
+* Works with Cloud VPN and Dedicated Interconnect
+* Automatically learns subnets in VPC and announces them to on-prem network
+* Without Cloud Router you must manage static routes for VPN
+* Free to setup
+* Pay for VPC egress
+
+## CDN Interconnect
+* **Regional** **Multi-Regional**
+* Direct, low-latency connectivity to certain CDN providers, with cheaper egress
+* For external CDNs, not GCP's CDN service
+* Supports:
+  * Akami
+  * Cloudflare
+  * Fastly
+* Contact CDN provider to set up for GCP project and which regions
+* Free to enable, then pay less for the egress you configured
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 
 * [helm](https://docs.helm.sh/using_helm/#quickstart)

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -471,6 +471,27 @@ TBA
 
 ## Cloud CDN
 * **Global**
+* Low-latency content delivery
+* Based on HTTP(S) CLB & integrated with GCE & GCS
+* Supports GCP only
+  * Does not support custom origins
+* Supports the following protocols of HTTP/2 and HTTPS
+* Pay for
+  * POP to client network egress
+  * HTTP(S) request volume
+  * Per cache invalidation request (not per resource)
+
+* VPC
+* **Global**
+* Global IPv4 unicast SDN for GCP resources
+* **Subnets are Regional**
+* Can:
+  * Be shared across multiple Projects
+  * Be peered with other VPCs
+  * Enable private (internal IP) access to some GCP services (e.g. BQ, GCS)
+* Pay for:
+  * Certain services (e.g. VPN)
+  * Network egress
 
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 

diff --git a/GCP-CA-Notes.md b/GCP-CA-Notes.md
@@ -424,6 +424,54 @@ TBA
   * GCS Bucket
 * Pay for it's actions, such as data transfer
 
+## Google Domains
+*  **Global**
+* Google's registrar for domain names
+* Built-in DNS or custom nameservers
+* Supports DNSSEC
+
+## Cloud DNS
+* **Global**
+* DNS service
+* 100% uptime guarantee
+* Low latency globally
+* Supports DNSSEC
+* Pay for:
+  * Hosted zone, fixed fee
+  * DNS lookups (i.e. usage)
+
+### Static IP
+* **Regional** **Global**
+* Two types:
+  * Regional Static IP
+    * GCE Instances
+    * Network Load Balancers
+  * Global Static IP (Anycast IP)
+    * Global Load Balancers
+      * HTTP(S)
+      * SSL Proxy
+      * TCP Proxy
+*Note:*
+ * Pay for IPs that are not in use
+
+## Cloud Load Balancing (CLB)
+* **Regional** **Global**
+* Built into their Software Defined Networking (SDN) system that can naturally handle spikes without any prewarming
+
+* Two types:
+  * Regional Metwork Load Balancer
+    * Supports:
+      * Session Affinity
+        * Setting up uses forwarding rules based on IP, protocol (TCP/UDP), and (optionally) port
+      * Round Robin
+      * Health Checks
+  * Global Load Balancer
+    * Supports:
+      * Multi-region failover for HTTP(S), SSL Proxy, and TCP Proxy
+
+## Cloud CDN
+* **Global**
+
 # Research
 * [xinetd](https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-services-xinetd.html) 
 * [helm](https://docs.helm.sh/using_helm/#quickstart)
No results found