
Storage

Cloud Storage

Good for Binary, non-structured data and object data such as images, media serving, backups.

  • Cloud Storage: a global, secure, and scalable object store for immutable data such as images, text, etc. Objects are stored in containers called buckets.

  • Cloud Storage SketchNote.

  • CLI examples.

Cloud Storage has four storage classes:

  • Standard: default class.
  • Nearline: minimum storage duration 30 days.
  • Coldline: minimum storage duration 90 days.
  • Archive: minimum storage duration 365 days, for data accessed less than once per year.

Caution

A bucket name must be UNIQUE across all GCP organizations.
You cannot change the location type of a bucket after creation.

Access Control

IAM, ACLs, signed policy documents and signed URLs can be used together to control access.

You can use IAM on the project to control which individual users or service accounts (SAs) can see the bucket.
For most purposes Cloud IAM is sufficient, BUT ACLs offer finer-grained control when you need it.

An ACL is a mechanism used to define who has access to your buckets and objects, as well as what level of access they have.
The maximum number of ACL entries you can create for a bucket or object is 100.
With an ACL you can give access to a specific user, to all authenticated users, or to the public:

  • given.user@gmail.com (a specific user).
  • allAuthenticatedUsers (anyone signed in with a Google account).
  • allUsers (makes the bucket or object public).
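A small audit of the two broad grantees above, as an added example that is not from the original notes. It assumes the JSON shape printed by `gsutil acl get gs://bucket` (a list of entries with `entity` and `role`); the project number, user address and bucket contents in the sample are constructed placeholders.

```python
import json

# Constructed sample in the JSON shape `gsutil acl get gs://bucket` prints:
# a list of {"entity", "role"} objects. Project number and address are placeholders.
SAMPLE_ACL = json.dumps([
    {"entity": "project-owners-123456789012", "role": "OWNER"},
    {"entity": "user-given.user@gmail.com", "role": "READER"},
    {"entity": "allAuthenticatedUsers", "role": "READER"},
    {"entity": "allUsers", "role": "READER"},
])

MAX_ACL_ENTRIES = 100  # per-bucket/object limit stated in the notes above

# Grantees that reach far beyond the project and deserve a finding whenever they appear.
BROAD_ENTITIES = {
    "allUsers": "public: anyone on the internet, no login required",
    "allAuthenticatedUsers": "any Google account, not only accounts in your organization",
}


def audit_acl(acl_json):
    """Return findings for one ACL: broad grants, plus a warning when the entry limit is exceeded."""
    entries = json.loads(acl_json)
    findings = []
    for entry in entries:
        entity, role = entry["entity"], entry["role"]
        if entity in BROAD_ENTITIES:
            findings.append(f"{entity} granted {role} ({BROAD_ENTITIES[entity]})")
    if len(entries) > MAX_ACL_ENTRIES:
        findings.append(f"{len(entries)} entries exceeds the {MAX_ACL_ENTRIES}-entry limit")
    return findings


def is_public(acl_json):
    """True when allUsers appears with any role, i.e. the bucket or object is world-readable."""
    return any(entry["entity"] == "allUsers" for entry in json.loads(acl_json))


if __name__ == "__main__":
    for finding in audit_acl(SAMPLE_ACL):
        print("FINDING:", finding)
    print("public:", is_public(SAMPLE_ACL))
```

Feed it the output of `gsutil acl get` for each bucket you own; a non-empty result is the list of grants to review first.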

A signed policy document further refines the control by determining what file can be uploaded
by someone holding a signed URL (a signed, time-limited cryptographic key).

For some applications it is easier and more efficient to grant limited-time access tokens that can be used by any user
instead of using account-based authentication to control resource access.

Signed URLs let you do this for Cloud Storage. You create a URL that grants read or write access to a specific Cloud Storage resource and specifies when this access expires.
Example using a private account key and gsutil: gsutil signurl -d 10m path/to/privatekey.p12 gs://bucket/object/
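The two mechanisms just described, a signed policy document restricting what may be uploaded and a signed URL with a fixed lifetime, worked through as an added example that is not part of the original notes. The bucket name, key prefix, size cap and timestamps are constructed placeholders; the policy JSON shape (`expiration` plus a `conditions` list) and the `X-Goog-Date` / `X-Goog-Expires` query parameters follow the V4 formats, but the signing step itself is left out, so the checks below only evaluate the conditions and the validity window.

```python
import base64
import json
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlparse

ISO_FORMAT = "%Y-%m-%dT%H:%M:%SZ"     # timestamp format used in a policy document
GOOG_DATE_FORMAT = "%Y%m%dT%H%M%SZ"   # format of the X-Goog-Date query parameter


def build_policy(bucket, key_prefix, max_bytes, expires_at):
    """Policy document (JSON shape Cloud Storage expects) allowing uploads only into
    `bucket`, under `key_prefix`, no larger than `max_bytes`, until `expires_at`."""
    return {
        "expiration": expires_at.strftime(ISO_FORMAT),
        "conditions": [
            {"bucket": bucket},
            ["starts-with", "$key", key_prefix],
            ["content-length-range", 0, max_bytes],
        ],
    }


def encode_policy(policy):
    """Base64 of the JSON policy: the string that gets signed and placed in the upload form."""
    return base64.b64encode(json.dumps(policy).encode("utf-8")).decode("ascii")


def decode_policy(encoded):
    """Inverse of encode_policy, useful when auditing a form someone else generated."""
    return json.loads(base64.b64decode(encoded).decode("utf-8"))


def evaluate_upload(policy, fields, content_length, now):
    """Re-check an upload (form fields + body size) against the policy conditions.
    Returns a list of violations; an empty list means the upload satisfies the policy."""
    problems = []
    expiration = datetime.strptime(policy["expiration"], ISO_FORMAT).replace(tzinfo=timezone.utc)
    if now >= expiration:
        problems.append("policy document has expired")
    for cond in policy["conditions"]:
        if isinstance(cond, dict):                  # exact match, e.g. {"bucket": "..."}
            for name, want in cond.items():
                if fields.get(name) != want:
                    problems.append(f"{name} must equal {want!r}")
        elif cond[0] == "starts-with":              # ["starts-with", "$key", "prefix"]
            field = cond[1].lstrip("$")
            if not str(fields.get(field, "")).startswith(cond[2]):
                problems.append(f"{field} must start with {cond[2]!r}")
        elif cond[0] == "content-length-range":     # ["content-length-range", min, max]
            low, high = cond[1], cond[2]
            if not low <= content_length <= high:
                problems.append(f"size {content_length} outside {low}-{high} bytes")
    return problems


def signed_url_expiry(url):
    """Expiry instant of a V4 signed URL: X-Goog-Date plus X-Goog-Expires seconds."""
    query = parse_qs(urlparse(url).query)
    issued = datetime.strptime(query["X-Goog-Date"][0], GOOG_DATE_FORMAT).replace(tzinfo=timezone.utc)
    return issued + timedelta(seconds=int(query["X-Goog-Expires"][0]))


def signed_url_lifetime_ok(url, max_seconds):
    """True when the URL's validity window is at most max_seconds (600 matches `-d 10m` above)."""
    query = parse_qs(urlparse(url).query)
    return int(query["X-Goog-Expires"][0]) <= max_seconds


# Constructed sample values: a fixed "now", a policy valid for ten minutes and a signed URL
# issued at the same instant with a 600-second window (signature is a placeholder).
SAMPLE_NOW = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
SAMPLE_EXPIRES = SAMPLE_NOW + timedelta(minutes=10)
SAMPLE_POLICY = build_policy("example-bucket", "uploads/", 1_048_576, SAMPLE_EXPIRES)
SAMPLE_URL = ("https://storage.googleapis.com/example-bucket/object"
              "?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Date=20240101T120000Z"
              "&X-Goog-Expires=600&X-Goog-Signature=PLACEHOLDER")

if __name__ == "__main__":
    print(encode_policy(SAMPLE_POLICY))
    print(evaluate_upload(SAMPLE_POLICY, {"bucket": "example-bucket", "key": "uploads/photo.png"}, 4096, SAMPLE_NOW))
    print(evaluate_upload(SAMPLE_POLICY, {"bucket": "example-bucket", "key": "secrets/dump.sql"}, 4096, SAMPLE_NOW))
    print(signed_url_expiry(SAMPLE_URL), signed_url_lifetime_ok(SAMPLE_URL, 600))
```

The `starts-with` and `content-length-range` conditions are what stop a holder of the form from writing arbitrary keys or very large objects; `signed_url_lifetime_ok` is the check to run over URLs your application hands out, so that a long `X-Goog-Expires` value is caught before the link leaves your system.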

Filestore

Cloud Filestore is fully managed network-attached storage (NAS) for Compute Engine and GKE.

Good for NAS use cases such as latency-sensitive workloads.
An instance can easily grow or shrink as needed.

Persistent Disk

Persistent disks are durable network storage devices that your VMs can access like physical disks in a desktop or a server.
The data on each persistent disk is distributed across several physical disks.

During instance creation, you can attach up to 127 secondary non-boot zonal persistent disks.
The maximum attached capacity for persistent disks is 257 TB per instance.

The persistent disk can be zonal or regional.

Resize a disk

You can increase the disk size at any time, whether or not the disk is attached to a running VM. You cannot decrease the size of a persistent disk.

Share a disk between VMs

You can attach a non-boot persistent disk to more than one VM in read-only mode, which lets you share static data between multiple VMs.
You can attach an SSD persistent disk in multi-writer mode to up to two N2 VM instances simultaneously, so that both VMs can read from and write to the disk.