Gcp

Last month, Google Cloud published Planning for the Worst: Reliability, Resilience, Exit and Stressed Exit in Financial Services. This happens to be a topic I have previously worked on, so I was very interested to hear the perspective that GCP would bring. The wider industry context here is that regulators are very interested in potential risks to the financial system arising from the wholesale migration to cloud computing; in March 2021 the Prudential Regulation Authority in the UK published two supervisory statements closely related to the topic, including Outsourcing and third party risk management, which introduces the concept of a “stressed exit”. That is, if a Cloud Service Provider were to become insolvent, suffer a catastrophic technical failure, or (perhaps more likely) get banned from doing business in a particular geographical region… as a bank, what would you do if you have outsourced all your computing services to that provider? ...

Maglev is the codename of Google’s Layer 4 network load balancer, which is referred to in GCP as External TCP/UDP Network Load Balancing. I read the 2016 Maglev paper to better understand various implementation details of Maglev with an emphasis on security (in particular as affects availability). Maglev uses a scale-out approach, implemented within clusters built from commodity hardware achieving n+1 redundancy, providing greater tolerance to failure compared with traditional hardware load balancers deployed in pairs (only 1+1 redundancy). The collection of Maglev machines are in an active-active setup, with the router balancing across them via Equal Cost Multipath (ECMP) routing. This permits greater hardware utilization compared to an active-passive approach. ...

I recently had cause to remind myself of Google Workspace administrator account best practices. Briefly: Set up separate admin accounts, e.g. admin-alice@example.com to exist side-by-side with alice@example.com. Keep accounts individually identifiable, and ideally ensure there are multiple Super Admins in your organization.1 Avoid using admin-alice@example.com for day-to-day use. One of these Super Admin accounts must be set as the primary account contact, but (due to the previous point) you’re unlikely to be checking the emails very often. Set up a “Secondary email” for the organization to receive alerts and updates. ...

Around this time each year it is especially useful to know when the rubbish is due to be collected by the local council, since the schedule is inevitably disrupted by the holidays until well into January. In fact where I live we have fortnightly collections, with different types of bin collected on alternate weeks, so I never find it easy to remember which bin is due to be put out. ...