Skarp

Chapter 2 of 26

Google Cloud Fundamentals: Architecture, Regions, and Core Services

Before you configure projects or spin up VMs, get oriented to Google Cloud’s global infrastructure and how core services fit together in real-world solutions.


Big Picture: Google Cloud Architecture and the Exam

Why This Module Matters

Before you launch your first VM or container, you need a mental map of how Google Cloud is built and how core services fit together. This is foundational for projects and the Associate Cloud Engineer exam.

What You Will Learn

You will learn: how regions, zones, and multi-regional services work; how projects and the resource hierarchy are structured; when to choose each core compute and data service; and how to use Console, Cloud Shell, and `gcloud`.

A Running Scenario

We will use a startup web app scenario: frontend, API, database, analytics, and management. Each new concept will connect to this scenario so it is easier to remember and apply on exam questions.

How To Study This

Focus on patterns, not memorizing every service: where does it run (region, zone, multi-region)? Is it serverless or VM-based? Is it for transactions, files, or analytics? This is how the exam frames questions.

Global Infrastructure: Regions, Zones, and Multi-Regional Services

Regions

A region is a specific geographic area, like `us-central1` or `europe-west1`. You pick a region for most compute and data so you can control latency and meet data residency or compliance needs.

Zones

A zone is an isolated deployment of infrastructure within a region, like `us-central1-a`. Multiple zones in a region are connected with fast links but are isolated enough to limit failure impact.

Multi-Regional and Global

Some services or storage locations span multiple regions (dual-region, multi-region) or are global. This boosts availability and durability but can change latency and cost trade-offs.

Exam Patterns

Exam phrases like "high availability in one region" usually mean using multiple zones. "Disaster recovery across continents" hints at multiple regions or multi-regional services.

Choosing Locations: Three Mini Scenarios

Scenario 1: HA in One Region

EU web app needs to stay up if one data center fails. Use region `europe-west1`, a regional MIG or regional GKE cluster across zones like `b` and `c`, plus regional Cloud SQL.

Scenario 2: Global Static Content

Global marketing assets: store in Cloud Storage `US` multi-region, fronted by a global HTTP(S) Load Balancer with Cloud CDN to improve latency and availability.

Scenario 3: EU Data Residency

Financial data for EU customers: keep compute and Cloud SQL in an EU region like `europe-west1`, and use Cloud Storage with `eu` multi-region or EU-only regional locations.

Availability vs Compliance

Ask: which choices provide high availability (multi-zone, multi-region) and which satisfy latency or compliance (specific region or multi-region like `eu`)?

Projects and Resource Hierarchy: Where Everything Lives

The Resource Hierarchy

Google Cloud organizes resources in a hierarchy: Organization at the top, optional folders, then projects, and finally individual resources like VMs and buckets at the bottom.

Projects Are the Core Container

Projects are where you enable APIs, attach billing, set many IAM policies, and create resources. Every VM, bucket, or SQL instance must belong to exactly one project.

Why It Matters for Engineers

An Associate Cloud Engineer often works across multiple projects, deploying and securing resources and monitoring operations. You must always know which project you are operating in.

Startup Example Hierarchy

Org: `startup.com`. Folders: `prod`, `non-prod`. Projects: `webapp-prod`, `webapp-dev`, `data-analytics`. Resources like GKE clusters and BigQuery datasets live inside these projects.

Core Compute Services: Compute Engine, GKE, Cloud Run, Cloud Functions

Compute Engine

Compute Engine provides virtual machines where you manage the OS and software. Use it when you need full control, custom runtimes, or long-running workloads. Supports autoscaling via managed instance groups.

GKE

Google Kubernetes Engine runs your containers on managed Kubernetes clusters. You manage deployments and services; Google manages the control plane. Ideal for microservices and teams already using Kubernetes.

Cloud Run

Cloud Run runs your stateless containers serverlessly. You give it a container image; it scales from zero based on traffic and exposes HTTPS endpoints. Great for APIs and web services with minimal ops work.

Cloud Functions

Cloud Functions runs event-driven functions. You write small pieces of code that react to HTTP requests, Pub/Sub messages, or Cloud Storage events. Perfect for glue logic and small automation tasks.

Compute Choice: Match Workloads to Services

Workload A: Legacy App

Legacy Java app with custom OS dependencies and long-running threads fits best on Compute Engine, where you control the OS and can use managed instance groups for scaling.

Workload B: Microservices

Microservices with multiple containers per service and existing Kubernetes configs fit best on GKE, which provides full Kubernetes APIs with a managed control plane.

Workload C: Spiky HTTP API

A stateless, containerized HTTP API with unpredictable traffic fits Cloud Run, which scales from zero, manages infrastructure, and bills per use.

Workload D: Event-Driven Tasks

Simple logic triggered by events like Cloud Storage uploads fits Cloud Functions. It is event-driven and serverless, ideal for glue code and automation.

Core Data Services: Cloud Storage, Cloud SQL, BigQuery

Cloud Storage

Cloud Storage is object storage for files like images, videos, logs, and backups. Data lives in buckets with regional or multi-regional locations and supports lifecycle rules for tiering and deletion.

Cloud SQL

Cloud SQL provides managed MySQL, PostgreSQL, and SQL Server. It is ideal for transactional app data that needs ACID properties, such as users, orders, and configuration tables.

BigQuery

BigQuery is a serverless data warehouse for analytics. It runs SQL queries over massive datasets, with storage and compute billed separately. Great for reporting and BI workloads.

Choosing the Right Store

App transactions? Use Cloud SQL. Large files or logs? Use Cloud Storage. Large-scale analytics across many rows? Use BigQuery. Many real solutions combine all three.

Quick Matching Exercise: Data and Compute Choices

Match Data Workloads

Match each requirement to Cloud Storage, Cloud SQL, or BigQuery. 1) Long-term JSON logs with occasional analysis. 2) Customer orders with transactional updates. 3) Monthly reports over billions of events.

Data Matching Answers

Answers: 1 → Cloud Storage (plus BigQuery for analysis). 2 → Cloud SQL (transactions). 3 → BigQuery (analytics). Note how each maps to files, transactions, or analytics.

Match Compute Workloads

Match each requirement to Compute Engine, GKE, Cloud Run, or Cloud Functions: 1) Simple HTTP API in a container with idle periods. 2) Windows legacy app. 3) Many microservices on Kubernetes. 4) Code on file upload.

Compute Matching Answers

Answers: 1 → Cloud Run. 2 → Compute Engine. 3 → GKE. 4 → Cloud Functions. Focus on control vs convenience and whether the workload is event-driven.

Management Tools: Console, Cloud Shell, and gcloud CLI

Google Cloud Console

The Console is a web UI to manage resources, view logs, and configure settings. It is ideal for visual exploration, quick changes, and understanding the resource hierarchy.

Cloud Shell

Cloud Shell is a browser-based Linux shell running in a Google-managed VM. It comes with `gcloud`, `kubectl`, and more, pre-authenticated to your account and project.

gcloud CLI

The `gcloud` CLI lets you manage resources from the command line. You use it to create VMs, set the active project, manage IAM, and script deployments.

Choosing a Tool

Use Console for navigation and visualization, Cloud Shell for quick authenticated terminal access, and `gcloud` for repeatable commands and automation. Cloud Shell avoids local installs.

Hands-On Taste: Using Cloud Shell and gcloud

You do not need to run these commands now, but reading and understanding them will help you in labs and on the exam.

Below is a mini walk-through using Cloud Shell and `gcloud` to set a project, list compute zones, and create a VM.

```bash
# 1. Set your active project
# Replace YOURPROJECTID with an actual project ID
gcloud config set project YOURPROJECTID

# 2. List available zones in a region (for example, us-central1)
gcloud compute zones list --filter="region:(us-central1)"

# 3. Create a small VM in a specific zone
gcloud compute instances create demo-vm-1 \
  --zone=us-central1-a \
  --machine-type=e2-micro \
  --image-family=debian-12 \
  --image-project=debian-cloud

# 4. List VMs in the project
gcloud compute instances list
```

Key ideas to notice:

  • `gcloud config set project` controls which project your commands affect. Always confirm this on the exam.
  • Zone selection (`--zone=us-central1-a`) directly ties your VM to a zone within a region.
  • Machine type and image determine the VM's resources and OS.

Thought exercise: if you wanted higher availability for this VM-based workload, what would you change? Hint: instead of a single VM, you might create a managed instance group across multiple zones in the same region.
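The checks this chapter keeps returning to (confirm the active project, keep EU workloads in EU regions, spread across zones for availability) can be enforced before any resource is created. The shell functions below are an added example, not part of the original course material; `APPROVED_REGIONS` and the function names are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: pre-flight checks before `gcloud compute instances create`.
# APPROVED_REGIONS is a constructed sample policy, not a Google Cloud setting.
APPROVED_REGIONS="europe-west1 europe-west4"

# Zone names are "<region>-<letter>": europe-west1-b -> europe-west1.
zone_to_region() {
  printf '%s\n' "${1%-*}"
}

# Succeeds only when the zone's region is on the approved list.
zone_allowed() {
  case " $APPROVED_REGIONS " in
    *" $(zone_to_region "$1") "*) return 0 ;;
    *) return 1 ;;
  esac
}

# Succeeds when the zones are all in one region and at least two are distinct,
# i.e. the layout survives the loss of a single zone.
ha_in_one_region() {
  local first distinct z
  [ "$#" -ge 2 ] || return 1
  first=$(zone_to_region "$1")
  for z in "$@"; do
    [ "$(zone_to_region "$z")" = "$first" ] || return 1
  done
  distinct=$(printf '%s\n' "$@" | sort -u | wc -l | tr -d ' ')
  [ "$distinct" -ge 2 ]
}

# preflight EXPECTED_PROJECT ACTIVE_PROJECT ZONE
# Returns 1 on a project mismatch, 2 on a zone outside policy, 0 otherwise.
preflight() {
  if [ "$2" != "$1" ]; then
    echo "refusing: active project '$2' is not '$1'" >&2
    return 1
  fi
  if ! zone_allowed "$3"; then
    echo "refusing: zone '$3' is outside approved regions" >&2
    return 2
  fi
}

# In Cloud Shell (project name from the startup scenario):
#   preflight webapp-prod "$(gcloud config get-value project 2>/dev/null)" \
#     europe-west1-b && gcloud compute instances create demo-vm-1 --zone=europe-west1-b
```

Passing the active project in as an argument keeps the check usable in scripts and CI jobs where the expected project is pinned per environment.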

Quiz 1: Regions, Zones, and Services

Test your understanding of locations and core services.

Your company needs a highly available web application for users in Asia, and it must keep running if a single zone fails. Which design is MOST appropriate?

  A) Deploy a single Compute Engine VM in asia-southeast1-a and take daily snapshots.
  B) Deploy a managed instance group across two zones in asia-southeast1 and place a regional Cloud SQL instance in asia-southeast1.
  C) Deploy Cloud Run services in asia-southeast1 and store data in a multi-region Cloud Storage bucket with location set to US.
  D) Deploy two standalone VMs: one in asia-southeast1-a and one in us-central1-a, using a global HTTP load balancer.

Answer: B) Deploy a managed instance group across two zones in asia-southeast1 and place a regional Cloud SQL instance in asia-southeast1.

The requirement is high availability within a region (survive a single zone failure) for Asian users. A managed instance group across multiple zones in asia-southeast1 plus a regional Cloud SQL instance in the same region meets this. A single VM is a single point of failure. Using US multi-region storage moves data far from Asian users. Splitting VMs across asia and us-central1 adds latency and does not provide zonal redundancy within a single region.

Quiz 2: Compute and Data Service Selection

Check your ability to choose the right core service.

You are building an event-driven image processing pipeline. When a user uploads a photo to a Cloud Storage bucket, you need to generate thumbnails and store metadata in a relational database. You want minimal infrastructure management. Which combination is MOST appropriate?

  A) Compute Engine VMs running a custom daemon that polls the bucket, plus Cloud SQL.
  B) Cloud Functions triggered by Cloud Storage events, plus Cloud SQL.
  C) GKE cluster running a deployment that watches the bucket, plus BigQuery.
  D) Cloud Run service exposed via HTTP, plus Cloud Storage only.

Answer: B) Cloud Functions triggered by Cloud Storage events, plus Cloud SQL.

The workload is event-driven on file upload and you want minimal infrastructure management. Cloud Functions integrates directly with Cloud Storage triggers and is serverless, matching the requirement. Cloud SQL handles the relational metadata. Polling from VMs or a GKE cluster adds unnecessary ops overhead. BigQuery is not a relational transactional store, and Cloud Run would require you to wire up Pub/Sub or HTTP triggers manually.

Key Term Flashcards: Core Concepts

Flip through these mental flashcards to reinforce core terms before moving on.

Region
A specific geographic area, such as us-central1 or europe-west1, where you can run resources and store data. Regions contain one or more zones.
Zone
An isolated deployment of infrastructure within a region, such as us-central1-a. Multiple zones in a region provide higher availability when used together.
Project
A core container in Google Cloud that holds resources, APIs, IAM policies, and billing configuration. Every resource belongs to exactly one project.
Compute Engine
Google Cloud's virtual machine service, giving you OS-level control and the ability to run custom software, with features like managed instance groups.
Google Kubernetes Engine (GKE)
A managed Kubernetes service where Google manages the control plane and you run containerized workloads using Kubernetes APIs.
Cloud Run
A fully managed compute platform that runs stateless containers, automatically scaling based on HTTP requests or events and scaling to zero when idle.
Cloud Functions
A serverless, event-driven compute service where you run small pieces of code triggered by events such as HTTP requests or Cloud Storage changes.
Cloud Storage
Google Cloud's object storage service for unstructured data like files, images, and backups, using buckets with regional or multi-regional locations.
Cloud SQL
A managed relational database service supporting MySQL, PostgreSQL, and SQL Server, suitable for transactional application data.
BigQuery
A serverless, highly scalable data warehouse designed for running analytical SQL queries over large datasets, with separate storage and compute billing.
Google Cloud Console
The web-based user interface for managing Google Cloud resources, viewing logs, and configuring settings across projects.
Cloud Shell
A browser-based shell environment running in a Google-managed VM, preloaded with tools like the gcloud CLI and authenticated to your account.

Putting It Together and Next Steps in Your Path

What You Now Know

You have a mental map of regions, zones, and multi-regions; the resource hierarchy; core compute and data services; and the main management tools: Console, Cloud Shell, and `gcloud`.

From Concepts to Architectures

You can now sketch an architecture with Cloud Run or GKE for APIs, Cloud SQL for transactions, Cloud Storage for files, and BigQuery for analytics, all in an appropriate region.

Exam Connection

These ideas feed into many exam tasks: picking regions and zones, matching workloads to services, and safely using `gcloud` in the correct project.

Your Next Moves

Next in this Skarp path: take the diagnostic, then a mock exam to pressure-test these concepts. Weak topics will surface in your spaced review and gap guide for deeper practice.

Key Terms

Zone
An isolated deployment of infrastructure within a region, such as us-central1-a. Multiple zones in a region provide higher availability when used together.
Region
A specific geographic area, such as us-central1 or europe-west1, where you can run resources and store data. Regions contain one or more zones.
Project
A core container in Google Cloud that holds resources, APIs, IAM policies, and billing configuration. Every resource belongs to exactly one project.
BigQuery
A serverless, highly scalable data warehouse designed for running analytical SQL queries over large datasets, with separate storage and compute billing.
Cloud Run
A fully managed compute platform that runs stateless containers, automatically scaling based on HTTP requests or events and scaling to zero when idle.
Cloud SQL
A managed relational database service supporting MySQL, PostgreSQL, and SQL Server, suitable for transactional application data.
gcloud CLI
A command-line tool that lets you manage Google Cloud resources by running commands to create, configure, and monitor services from a terminal.
Cloud Shell
A browser-based shell environment running in a Google-managed VM, preloaded with tools like the gcloud CLI and authenticated to your account.
Cloud Storage
Google Cloud's object storage service for unstructured data like files, images, and backups, using buckets with regional or multi-regional locations.
Compute Engine
Google Cloud's virtual machine service, giving you OS-level control and the ability to run custom software, with features like managed instance groups.
Cloud Functions
A serverless, event-driven compute service where you run small pieces of code triggered by events such as HTTP requests or Cloud Storage changes.
Google Cloud Console
The web-based user interface for managing Google Cloud resources, viewing logs, and configuring settings across projects.
Associate Cloud Engineer
An Associate Cloud Engineer deploys and secures applications, services, and infrastructure, monitors operations of multiple projects, and maintains enterprise solutions to ensure that they meet target performance metrics.
Google Kubernetes Engine (GKE)
A managed Kubernetes service where Google manages the control plane and you run containerized workloads using Kubernetes APIs.
