The Architecture Center provides content resources across a wide variety of application development subjects.
Application development resources in the Architecture Center
You can filter the following list of application development resources by typing a product name or a phrase that's in the resource title or description.
Apache Guacamole on GKE and Cloud SQL Describes an architecture for hosting Apache Guacamole on Google Kubernetes Engine (GKE) and Cloud SQL. Apache Guacamole offers a fully browser-based way to access remote desktops through Remote Desktop Protocol (RDP). Products used: Cloud SQL, Compute Engine, Google Kubernetes Engine (GKE) |
Application deployment and testing strategies Provides an overview of commonly used application deployment and testing patterns. It looks at how the patterns work, the benefits they offer, and things to consider when you implement them. Products used: Google Kubernetes Engine (GKE) |
Architecture decision records overview Explains when and how to use architecture decision records (ADRs) as you build and run applications on Google Cloud. Products used: Cloud Pub/Sub, Cloud SQL, Google Kubernetes Engine (GKE) |
Architecture for MLOps using TensorFlow Extended, Vertex AI Pipelines, and Cloud Build This document describes the overall architecture of a machine learning (ML) system using TensorFlow Extended (TFX) libraries. It also discusses how to set up a continuous integration (CI), continuous delivery (CD), and continuous training (CT) for... Products used: Cloud Build |
Architectures for high availability of MySQL clusters on Compute Engine Describes several architectures that provide high availability (HA) for MySQL deployments on Google Cloud. Products used: Compute Engine |
Authenticating workforce users in a hybrid environment How to extend your identity management solution to Google Cloud to enable your workforce to authenticate and consume services in a hybrid computing environment. Products used: Cloud Identity |
Automate malware scanning for files uploaded to Cloud Storage This document shows you how to build an event-driven pipeline that can help you automate the evaluation of files for malicious code. Products used: Cloud Logging, Cloud Run, Cloud Storage, Eventarc |
Best practices and reference architectures for VPC design This guide introduces best practices and typical enterprise architectures for the design of virtual private clouds (VPCs) with Google Cloud. Products used: Cloud DNS, Cloud Interconnect, Cloud NAT, Cloud Router, Cloud VPN, Virtual Private Cloud |
Best practices for building containers This article describes a set of best practices for building containers. These practices cover a wide range of goals, from shortening the build time, to creating smaller and more resilient images, with the aim of making containers easier to build (for... Products used: Container Registry, Google Kubernetes Engine (GKE) |
Best practices for mobile game online architectures on Google Cloud Describes best practices for running an API-driven mobile game backend on Google Cloud, providing a reference that game developers can use as a starting point to design an online architecture for mobile games. Products used: App Engine, AutoML Tables, BigQuery, Cloud CDN, Cloud Logging, Cloud Memorystore, Cloud Monitoring, Cloud Run, Cloud SQL, Datastore, Firebase, Firebase Cloud Messaging, Firestore, Google Kubernetes Engine (GKE), Spanner, reCAPTCHA |
Best practices for operating containers This article describes a set of best practices for making containers easier to operate. These practices cover a wide range of topics, from security to monitoring and logging. Their aim is to make applications easier to run in Google Kubernetes Engine... Products used: Cloud Monitoring, Cloud Storage, Google Kubernetes Engine (GKE) |
Best practices for running cost-optimized Kubernetes applications on GKE This document discusses Google Kubernetes Engine (GKE) features and options, and the best practices for running cost-optimized applications on GKE to take advantage of the elasticity provided by Google Cloud. This document assumes that you are... Products used: Compute Engine, Google Kubernetes Engine (GKE) |
Provides guidance on extending your existing, on-premises render farm to use compute resources on Google Cloud (Google Cloud). Products used: BigQuery, Cloud Interconnect, Cloud Storage, Cloud VPN, Compute Engine, Dedicated Interconnect |
Build hybrid and multicloud architectures using Google Cloud Provides practical guidance on planning and architecting your hybrid and multi-cloud environments using Google Cloud. Products used: Anthos, Cloud Load Balancing, Compute Engine, Google Kubernetes Engine (GKE) |
Building a serverless DevOps pipeline for Salesforce with Cloud Build This document shows you how to build a serverless CI/CD pipeline for Salesforce using Salesforce Developer Experience (SFDX) and Cloud Build. Products used: Cloud Build, Cloud Storage |
Building internet connectivity for private VMs Describes options for connecting to and from the internet using Compute Engine resources that have private IP addresses. Products used: Cloud Load Balancing, Cloud NAT, Compute Engine, Identity-Aware Proxy |
C3 AI architecture on Google Cloud Develop applications using C3 AI and Google Cloud. Products used: Cloud Key Management Servoce, Cloud NAT, Cloud Storage, Virtual Private Cloud |
Centralized network appliances on Google Cloud This document is intended for network administrators, solutions architects, and operations professionals who run centralized network appliances on Google Cloud. Knowledge of Compute Engine and Virtual Private Cloud (VPC) networking in Google Cloud is... Products used: Cloud Load Balancing, Compute Engine |
CI/CD pipeline for developing and delivering containerized apps Describes how to set up and use a development, continuous integration (CI), and continuous delivery (CD) system using an integrated set of Google Cloud tools. Products used: Artifact Registry, Cloud Build, Cloud Deploy, Google Kubernetes Engine (GKE) |
Cloud Monitoring metric export Describes a way to export Cloud Monitoring metrics for long-term analysis. Products used: App Engine, BigQuery, Cloud Monitoring, Cloud Pub/Sub, Cloud Scheduler, Datalab, Looker Studio |
Configuring SaaS data protection for Google Workspace data with Spin.AI How to configure SpinOne - All-in-One SaaS Data Protection with Cloud Storage. |
Connect Google Virtual Private Clouds to Oracle Cloud Infrastructure using Equinix Shows how to use Equinix Network Edge and Partner Interconnect to deploy multicloud connectivity between Google Cloud VPC networks and Oracle® VCNs. Products used: Cloud Interconnect, Compute Engine, Virtual Private Cloud |
Connected device architectures on Google Cloud A series of documents that provide information about IoT architectures on Google Cloud and about migrating from IoT Core. |
Controls to restrict access to individually approved APIs Many organizations have a compliance requirement to restrict network access to an explicitly approved list of APIs, based on internal requirements or as part of adopting Assured Workloads. On-premises, this requirement is often addressed with proxy... Products used: assured Workloads |
Cost optimization for Google Cloud Observability Describes ways that you can understand your usage of Google Cloud Observability services and optimize your costs when using them. Products used: Cloud Logging, Cloud Monitoring, Cloud Profiler, Cloud Trace, Error Reporting |
Deploy an Active Directory forest on Compute Engine Describes how to deploy an Active Directory forest on Compute Engine in a way that follows the best practices. Products used: Cloud DNS, Compute Engine, Identity-Aware Proxy |
Deploy an enterprise developer platform on Google Cloud Describes the enterprise application blueprint, which deploys an internal developer platform that provides managed software development and delivery. |
Design secure deployment pipelines Describes best practices for designing secure deployment pipelines based on your confidentiality, integrity, and availability requirements. Products used: App Engine, Cloud Run, Google Kubernetes Engine (GKE) |
A set of capabilities that drive higher software delivery and organizational performance, as identified and validated by the DevOps Research and Assessment (DORA) team. |
Disaster recovery planning guide The first part of a series that discusses disaster recovery (DR) in Google Cloud. This part provides an overview of the DR planning process: what you need to know in order to design and implement a DR plan. Products used: Cloud Key Management Service, Cloud Storage, Spanner |
Distributed load testing using Google Kubernetes Engine Explains how to use Google Kubernetes Engine (GKE) to deploy a distributed load testing framework that uses multiple containers to create traffic for a simple REST-based API. |
Elastically scaling your MySQL environment Describes how to vertically scale (scale up and down) a high availability MySQL database cluster deployment (primary and replica database). Products used: Cloud Deployment Manager, Compute Engine |
File storage on Compute Engine Describes and compares options for file storage on Compute Engine. Products used: Compute Engine, Filestore |
From edge to mesh: Expose service mesh applications through GKE Gateway Combines Anthos Service Mesh with Cloud Load Balancing to expose applications in a service mesh to internet clients. Products used: Anthos Service Mesh, Cloud Load Balancing, Google Kubernetes Engine (GKE) |
GKE Enterprise reference architecture: Google Distributed Cloud Virtual for Bare Metal Describes the reference architecture used to deploy Anthos on bare metal and is based on Anthos architecture foundations and principles. Products used: Anthos, Compute Engine, Google Kubernetes Engine (GKE) |
Global load-balancing architectures using DNS routing policies This document describes how you can combine multiple regional load balancers with Google DNS routing policies to create global load-balancing architectures. The document is aimed at network engineers, solutions architects, and operations... Products used: Google Load Balancing |
Google Workspace Backup with Afi.ai Describes how to set up an automated Google Workspace backup using Afi.ai. Products used: Cloud Storage |
Hub-and-spoke network architecture Evaluate the architectural options for designing hub-and-spoke network topologies in Google Cloud. Products used: Cloud NAT, Cloud VPN, Virtual Private Cloud |
Hybrid and multicloud architecture patterns Discusses common hybrid and multicloud architecture patterns, and describes the scenarios that these patterns are best suited for. Products used: Cloud DNS, Cloud Interconnect, Cloud Pub/Sub, Cloud Run, Cloud SQL, Cloud Storage, Google Cloud Armor, Google Kubernetes Engine (GKE), Looker |
Hybrid and multicloud monitoring and logging patterns Discusses monitoring and logging architectures for hybrid and multicloud deployments, and provides best practices for implementing them by using Google Cloud. Products used: Anthos, Cloud Logging, Cloud Monitoring, Google Kubernetes Engine (GKE) |
Hybrid and multicloud secure networking architecture patterns Discusses several common secure network architecture patterns that you can use for hybrid and multicloud architectures. Products used: Cloud DNS, Cloud Interconnect, Cloud NAT, Cloud VPN, Compute Engine, Google Cloud Armor, Google Kubernetes Engine (GKE) |
Identify and prioritize security risks with Wiz Security Graph and Google Cloud Describes how to identify and prioritize security risks in your cloud workloads with Wiz Security Graph and Google Cloud. Products used: Artifact Registry, Cloud Audit Logs, Cloud SQL, Cloud Storage, Compute Engine, Google Kubernetes Engine (GKE), Identity Access Management, Security Command Center |
Image processing using microservices and asynchronous messaging Shows how to implement microservices using Google Kubernetes Engine (GKE) and Pub/Sub to invoke long-running processes asynchronously. Products used: Artifact Registry, Cloud Build, Cloud Pub/Sub, Cloud SQL, Cloud Storage, Cloud Vision, Compute Engine, Container Registry, Google Kubernetes Engine (GKE) |
Implementing Binary Authorization using Cloud Build and GKE Shows how to use Binary Authorization for Google Kubernetes Engine (GKE). Binary authorization is the process of creating attestations on container images for the purpose of verifying that certain criteria are met before you can deploy the images to GKE. Products used: Artifact Registry, Binary Authorization, Cloud Build, Cloud Key Management Service, Cloud Source Repositories, Google Kubernetes Engine (GKE) |
Implementing Cloud Run canary deployments with Git branches and Cloud Build Shows how to implement a deployment pipeline for Cloud Run that implements a progression of code from developer branches to production with automated canary testing and percentage-based traffic management. Products used: Cloud Build, Cloud Run, Cloud Source Repositories, Container Registry, Google Kubernetes Engine (GKE) |
Infrastructure for a RAG-capable generative AI application using GKE Shows you how to design the infrastructure for a generative AI application with RAG using GKE. Products used: Cloud SQL, Cloud Storage, Google Kubernetes Engine (GKE) |
This document is the first in a four-part series about designing, building, and deploying microservices. Products used: Cloud SQL, Cloud Trace, Google Kubernetes Engine (GKE) |
Jump Start Solution: Cloud SDK Client Library Interact with Google Cloud using the Google Cloud SDK Client Libraries to transform and query information. |
Jump Start Solution: Dynamic web application with Java Run a dynamic web application built using Java and deployed on Google Kubernetes Engine (GKE). |
Jump Start Solution: Dynamic web application with JavaScript Run a dynamic web application built using JavaScript and deployed on Cloud Run. |
Jump Start Solution: Dynamic web application with Python and JavaScript Run a dynamic web application built using Python and JavaScript and deployed on Cloud Run. |
Jump Start Solution: Ecommerce platform with serverless computing Run a containerized ecommerce application in a serverless environment using Cloud Run. |
Jump Start Solution: Ecommerce web app deployed on Kubernetes Run a microservices-based ecommerce application deployed on Google Kubernetes Engine (GKE) clusters. |
Jump Start Solution: Stateful app with zero downtime deployment on Compute Engine Use a blue-green deployment pattern to update a live app on Compute Engine VMs with minimal downtime. |
Jump Start Solution: Stateful app with zero downtime deployment on GKE Use a rolling-update deployment pattern to update a live app on Google Kubernetes Engine (GKE) with minimal downtime. |
Jump Start Solution: Three-tier web app Run a three-tier web app in a serverless environment using Cloud Run. |
Logging and monitoring on-premises resources with BindPlane Describes considerations and design patterns for using Cloud Logging, Cloud Monitoring, and BindPlane to provide logging and monitoring services for on-premises resources. Products used: Cloud Logging, Cloud Monitoring |
Migrate containers to Google Cloud: Migrate Kubernetes to GKE A series that helps you plan, design, and implement your migration from a self-managed Kubernetes environment to Google Kubernetes Engine (GKE). Products used: Google Kubernetes Engine (GKE) |
Helps you plan, design, and implement the process of migrating your application and infrastructure workloads to Google Cloud, including computing, database, and storage workloads. Products used: App Engine, Cloud Build, Cloud Data Fusion, Cloud Deployment Manager, Cloud Functions, Cloud Run, Cloud Storage, Container Registry, Data Catalog, Dataflow, Direct Peering, Google Kubernetes Engine (GKE), Transfer Appliance |
Migrating On-Premises Hadoop Infrastructure to Google Cloud Guidance on moving on-premises Hadoop workloads to Google Cloud... Products used: BigQuery, Cloud Storage, Dataproc |
MLOps: Continuous delivery and automation pipelines in machine learning Discusses techniques for implementing and automating continuous integration (CI), continuous delivery (CD), and continuous training (CT) for machine learning (ML) systems. |
Modernization path for .NET Framework applications on Google Cloud Looks at the common limitations of monolithic applications and describes a gradual yet structured process for modernizing them. Products used: Anthos, Cloud Run, Cloud SQL, Compute Engine, Google Kubernetes Engine (GKE), Migrate for Compute Engine |
Multi-architecture container images for IoT devices The first part of a series that discusses building an automated continuous integration (CI) pipeline to build multi-architecture container images on Google Cloud. |
NetApp Cloud Volumes Service for Google Cloud Describes the workflow for using NetApp Cloud Volumes Service, a fully managed, cloud-native data storage service that provides advanced data management capabilities and highly scalable performance. Products used: Compute Engine, Virtual Private Cloud |
Onboarding best practices for state, local, and education organizations Defines onboarding considerations and best practices for creating a Google Cloud and Google Workspace environment for state, local, and education (SLED) organizations, which often have unique IT needs compared to other enterprises. Products used: Cloud Billing, Google Workspace, Identity and Access Management |
Optimizing resource usage in a multi-tenant GKE cluster using node auto-provisioning How to use node auto-provisioning to scale a multi-tenant Google Kubernetes Engine (GKE) cluster, and how to use Workload Identity to control tenant access to resources like Cloud Storage buckets. Products used: Cloud Build, Cloud Storage, Google Kubernetes Engine (GKE) |
Overview of identity and access management Explores the general practice of identity and access management (generally referred to as IAM) and the individuals who are subject to it, including corporate identities, customer identities, and service identities. Products used: Cloud Identity, Identity and Access Management |
Patterns and practices for identity and access governance on Google Cloud There are a number of Google Cloud products and services that you can use to help your organization develop an approach for identity governance and access management for applications and workloads running on Google Cloud. This document is intended... Products used: Cloud Audit Logging, Google Groups, Identity and Access Management |
Patterns for automated compliance testing using Chef InSpec Patterns for automating policy and compliance checks for your Google Cloud resources using Chef InSpec. Products used: Anthos Config Management, Security Command Center |
Patterns for connecting other cloud service providers with Google Cloud Helps cloud architects and operations professionals decide how to connect Google Cloud with other cloud service providers (CSP) such as Amazon Web Services (AWS) and Microsoft Azure. Products used: Cloud Interconnect, Dedicated Interconnect, Partner Interconnect |
Patterns for scalable and resilient apps Introduces some patterns and practices for creating apps that are resilient and scalable, two essential goals of many modern architecture exercises. Products used: Cloud Load Balancing, Cloud Monitoring, Cloud SQL, Cloud Storage, Compute Engine |
Patterns for using Active Directory in a hybrid environment Requirements to consider when you deploy Active Directory to Google Cloud and helps you choose the right architecture. Products used: Cloud Identity |
PCI Data Security Standard compliance Shows how to implement the Payment Card Industry Data Security Standard (PCI DSS) for your business on Google Cloud. Products used: App Engine, BigQuery, Cloud Functions, Cloud Key Management Service, Cloud Logging, Cloud Monitoring, Cloud Storage, Compute Engine, Google Kubernetes Engine (GKE), Sensitive Data Protection, VPC Service Controls |
This guide is intended to help you address concerns unique to Google Kubernetes Engine (GKE) applications when you are implementing customer responsibilities for Payment Card Industry Data Security Standard (PCI DSS) requirements. Disclaimer: This... Products used: Google Cloud Armor, Google Kubernetes Engine (GKE), Sensitive Data Protection |
Performing a PITR of a PostgreSQL database on Compute Engine Create a demonstration database and run an application workload. Then, you configure the archive and backup processes. Next, you learn how to verify the backup, archive, and recovery processes. Products used: Cloud Storage, Compute Engine |
Reference architecture: Resource management with ServiceNow Provides architectural recommendations to integrate Google Cloud assets into ServiceNow discovery tools. Products used: Cloud Asset Inventory, Compute Engine |
Resource mappings from on-premises hardware to Google Cloud Shows how to find the right resource mappings from on-premises hardware to Google Cloud. Products used: Cloud Monitoring |
Scenarios for exporting Cloud Logging: Compliance requirements Shows how to export logs from Cloud Logging to Cloud Storage to meet your organization's compliance requirements. Products used: Cloud Audit Logs, Cloud Logging, Cloud Storage |
Security blueprint: PCI on GKE The PCI on GKE blueprint contains a set of Terraform configurations and scripts that demonstrate how to bootstrap a PCI environment in Google Cloud. The core of this blueprint is the Online Boutique application, where users can browse items, add them... Products used: Google Kubernetes Engine (GKE) |
Security log analytics in Google Cloud Shows how to collect, export, and analyze logs from Google Cloud to help you audit usage and detect threats to your data and workloads. Use the included threat detection queries for BigQuery or Chronicle, or bring your own SIEM. Products used: BigQuery, Cloud Logging, Compute Engine, Looker Studio |
Sending notifications for Google Cloud events Shows DevOps teams how to get notifications for important Google Cloud events pushed to their collaboration platforms, such as Google Chat, Slack, or Microsoft Teams. Products used: Cloud Functions, Cloud Logging, Cloud Pub/Sub |
Serverless web performance monitoring using Cloud Functions Describes how to create a web-performance-monitoring app using Google Cloud serverless technologies. Performance plays a major role in the success of any web app. Products used: Cloud Functions, Cloud Pub/Sub, Cloud Storage, Firestore |
Set up Chrome Remote Desktop for Linux on Compute Engine Shows you how to set up the Chrome Remote Desktop service on a Debian Linux virtual machine (VM) instance on Compute Engine. Chrome Remote Desktop allows you to remotely access applications with a graphical user interface. Products used: Compute Engine |
Set up Chrome Remote Desktop for Windows on Compute Engine Shows you how to set up the Chrome Remote Desktop service on a Microsoft Windows virtual machine (VM) instance on Compute Engine. Chrome Remote Desktop allows you to remotely access applications with a graphical user interface. Products used: Compute Engine |
Setting up a Pub/Sub proxy for mobile clients on GKE Shows you how to publish messages from mobile or client-side apps to Pub/Sub by using a proxy that handles authentication and authorization logic instead of client-side credentials. Products used: Cloud Build, Cloud Endpoints, Cloud Pub/Sub, Container Registry, Google Kubernetes Engine (GKE), Identity and Access Management |
Strategies to migrate IBM Db2 to Compute Engine Describes best practices for a homogeneous Db2 migration to Compute Engine. It is intended for those who are migrating Db2 environments to Google Cloud. Products used: Compute Engine |
Support your migration with Istio mesh expansion Describes an architecture that uses an Istio service mesh to migrate from a legacy environment to Google Kubernetes Engine (GKE). Products used: Google Kubernetes Engine (GKE) |
Tokenizing sensitive cardholder data for PCI DSS Shows how to set up an access-controlled credit and debit card tokenization service on Cloud Functions. Products used: Cloud Key Management Service, Firestore, Identity and Access Management |
Describes how to harden data transfers from Amazon Simple Storage Service (Amazon S3) to Cloud Storage using Storage Transfer Service with a VPC Service Controls perimeter. Products used: Access Context Manager, Cloud Storage, Storage Transfer Service, VPC Service Controls |
Twelve-factor app development on Google Cloud This document describes the popular twelve-factor app methodology and how to apply it when you develop apps that run on Google Cloud. If you use this methodology, you can make scalable and resilient apps that can be continuously deployed with maximum... Products used: App Engine, Cloud Functions, Cloud Source Repositories, Compute Engine, Container Registry, Google Kubernetes Engine (GKE) |
Use a CI/CD pipeline for data-processing workflows Describes how to set up a continuous integration/continuous deployment (CI/CD) pipeline for processing data by implementing CI/CD methods with managed products on Google Cloud. Products used: Cloud Build, Cloud Composer, Cloud Source Repositories, Cloud Storage, Compute Engine, Dataflow |
Shows how to use Apache Hive on Dataproc in an efficient and flexible way by storing Hive data in Cloud Storage and hosting the Hive metastore in a MySQL database on Cloud SQL. Products used: Cloud SQL, Cloud Storage, Dataproc |
Use distributed tracing to observe microservice latency Shows how to capture trace information on microservice applications using OpenTelemetry and Cloud Trace. Products used: Cloud Build, Cloud Trace, Compute Engine, Google Kubernetes Engine (GKE) |
Using Cloud SQL for MySQL Second Generation as a mobile game backend database A well-tested pattern for building an online game backend uses a relational database, such as MySQL. This database stores game world state and essential persistence data. For basic session-based games, the database holds nothing more complicated than... Products used: Cloud Pub/Sub, Cloud SQL, Compute Engine, Google Kubernetes Engine (GKE) |
Using Jenkins for distributed builds on Compute Engine Shows how to create a Jenkins continuous integration system to run your builds using on-demand Jenkins agents in Compute Engine, to store your build artifacts in Cloud Storage, and to apply a lifecycle policy to move older build artifacts in Cloud Storage to less expensive storage options. Products used: Cloud Storage, Compute Engine |
Using Memorystore for Redis as a game leaderboard Shows you how to use Memorystore for Redis to build an ASP.NET-based leaderboard application running on Google Kubernetes Engine (GKE), and then post and retrieve scores using a separate JavaScript-based sample game. Products used: Google Kubernetes Engine (GKE), Memorystore for Redis |
Using Microsoft SQL Server backups for point-in-time recovery on Compute Engine Perform backups on a Compute Engine SQL Server instance, including how to manage these backups and store them in Cloud Storage and how to restore a database to a point in time. Products used: Cloud Storage, Compute Engine |
How to host a website on Google Cloud. Google Cloud provides a robust, flexible, reliable, and scalable platform for serving websites. Products used: App Engine, Cloud Storage, Compute Engine, Google Kubernetes Engine (GKE) |