Hands-on Keynote: Building trust for speedy innovation

Hi, I'm Armour. I need developer relations, Google Cloud relations. You might ask. We are Engineers, who love talking to people or hands on that includes developers. Operators Engineers data scientist, any technical practitioner? Who makes the information? Technology world? Go round. We are constantly inspired by and in all of what you do. We succeed by supporting you along the journey to immortalize, your applications and innovate ever since Google Cloud started working with you.

We learned a lot about the challenges of building and operating Enterprise workloads. While also dealing with the business imperative too costly anyway, for instance, we see teams struggling with these four problem areas, they're constantly occupied with lots of non productive and in many cases, Reinventing the wheel for things that have you figured out many times over Second, the businesses are afraid of frequently updating, their high-value were closed due to stability and security concerns, which significantly hinders the rate of

innovation, struggle, to keep up with all the men dates, and all compliance, all the things that curity availability you name it. And forth. It's almost impossible to write applications once and have them run anywhere, whether that be on premises in the clouds or at the edge. And as you know, this isn't about whether you're in the middle of you have made the transition to the cloud already but you still Tasty China. We want to help you significantly accelerate the speed with, which you solve create and innovate. We do this in three ways. We think it's important

to automate as much as possible. This means eliminating, repeatable tasks in pursuit of important objectives. Such as secure by default monitoring by default and Attica stink, and continuous integration and delivery. In other words that stop Reinventing the wheel, Seconds. We want to increase your productivity. We know that everyone comes from different backgrounds and works in different environments with different tools. We Embrace this diversity by supporting your favorite open source, Frameworks and enterprise software applications. And we do this as you see

in this talk, not just on the infrastructure sign with efforts, like over Nancy's, but also for developers by supporting code. Editor is like in Ellijay and visual studio code. Search you need portability options for where you were close one. Our goal is to enable you to my two applications once than have them anywhere with minimal to no coaching. Why is prosperity carrying over all the security governance and observability requirements? To demonstrate how Google Cloud helps you with all of this microlux. And I will highlight the key parts of a journey from

migration to innovation. We would use a sample of financial application that we called them. Go back a traditional to 2 year business application that simulates the bank. It's already been migrated from virtual machines two containers running in Google Cloud. What's next in the Malaysian Journey for demo Bank? Let's talk to my colleague, Megan and develop relations engineer for and also to find out. Hi Megan. Great to see you. Would you like some absolutely you go?

Thank you. Let's take a look at how demo bank is running in containers on antos. I'm starting in the Google frog console where I've deployed the app onto a coverlet. He's engine cluster in my project, I actually have multiple customers running for development staging and production loss of cluster running an AWS which I registered to the empress dashboard. This AWS cluster is running some Legacy workloads that we're trying to migrate into Google. But for now, we can see the status of that cluster in the end of stash bored. Let's take a look at the production clusters to see what's

running demo. Bank is a two-tier web app with the front end and to back in one back and has written and pythons the other in Java, the back ends are monolithic each with an embedded sequel, database as someone who works with Bob from administrators. A lot, something I really like about antos is the observability. You get right out of the box. Let's navigate to anthis service mesh to check it out. When I'm, I going to demo Bank from virtual machines, two containers running on antos. Each workload hear the front end. The account service house and the service mesh enabled tracks, all the

requests flowing through the app and generates metrics like request throughput and latency. I didn't talk to refactor to work. Loads to get these metrics, it all just works, and the result is that I can see a live Network topology diagram of the application at runtime. So as an admin, or a platform engineer, the answers dashboard is like my co-pilot showing me. What's happening with the app from this dashboard. I can also dial into one of these services to be metrics and service. Help from there, I can set up service level objectives or a solos to ensure that the op is meeting any

required thresholds for availability and performance. Cancel service matches also integrated into Google Cloud monitoring. So I can create a single dashboard to see all the metrics relevant to the application, from the app, code level to database metrics all the way down to the underlying infrastructure because I just migrated to sap from the ends two containers Vista. Sports are really useful and will help me figure out how the right size. My work loads into appropriate, resources request over all existing workflows into an. Tha's helps me gain visibility at all levels of the staff

at you later on her. However, this is not the end of the Malaysian Journey, organization is a continuous journey to improve your ability to deliver quality solution, easier faster and more security officer. Do migration to anthos demo bank is now more secure available unresponsive. But next, they need to accelerate the rate with which they deliver improvements and Innovations to meet the ever-increasing customer expectations. Interface demo Bank wants to expand its online capabilities and serve more lines of business.

to do this, we can adopt a microservices, architecture versus Duty are so that we can skip out and feature teams can own Individual Services to list more quickly as the Quizlet To help with this mobilization Journey. Google Cloud provides end-to-end development tuning which allows you to focus on your business logic and automation takes care of filling in the rest for you. Furthermore, you can integrate more quickly with the confidence of knowing that automated will detect production issues early for you. Let's not talk to Daniel a software engineer working on Spring boot Integrations

for go plow and see how we can quickly develop and you microservice using tools that you are already familiar with he Daniel we can't hear you. Try this might thank you, Robert. Should modernize our application. Let's driver factoring the authentication features of demo. Bang to a separate microservice. This area per app has experienced a lot of growth and increased traffic. Normally this task would be complexed. We're going to take advantage of a variety of Google Cloud

managed services for less maintenance and better availability, and also use various tools to make use of cloud. Much easier for the new microservice, we will use cloud sequel for a database. And will configure it for high availability with the click of a button next. Let's start running some coat. Our development team uses Java and prefers the spring boot framework. Will create a spring boot service from start. Spring. I owe to generate some starter code for this project select gcp support as a dependency which allows us to easily integrate with Google cloud services. Now, as we were able

to just focus on the business logic, there will be some points where we can leverage more cloud services. In addition to the database. For example, use a private key to encrypt authentication tokens previously. This key was stored in an on-premises Secret store like hashicorp vault, Google Cloud. You can continue to use Vault if you need to before this damnable switch to Google secret manager, which is a secure way of storing secrets on the cloud. So you don't have to manage the infrastructure yourself. We can use spring Cloud gcp. Libraries to access the secret through the applications

configuration, without any extra coat spring cloud gcp is one of the many libraries and schools maintained by Google in partnership with the open source Community. Also as part of the modernization effort will Trace service calls have centralized logging and generate custom metric using spring Cloud gcp. All of these features can be added to your app to configuration a lot to. This is the big idea, we don't have to write any extra code to do all this. And with minimal configuration, you can now see in application traces, in the cloud trace and clicking show, Lost will show you the logs

associated with each request. You can also see jvm and application-level metrics exported the cloud monitoring and explore them in a dashboard. Now, because our application has no custom code to access. Google cloud services. It's portable across hybrid environments. If you need to deploy the same application on premises, simply change the configuration without modifying the coat and similarly and on-premises application can easily adopt Google cloud services through just configuration everything before you ship it for class sequel to start. The post stress sequel instance, with data for

testing, we can use a third-party open source project call testcontainers. Now, the database container is automatically started. When we run in integration tests for cloud, databases such as firestore Cloud spinner, you can use our local emulators will use it. Another alternative is a bill pack which can achieve a similar these tools, let you use best practices without needing feet expertise, and container tools. Let's also run a application locally to test that. I can easily do this with the cloud code extension in either

IntelliJ, orvius code, ID and launch the entire stack and Minnie chew. So I can see everything working end-to-end on my local machine if I make it. What is the code now? Clock automatically redeploy. My changes into the local environment. All right. Everything looks good. I'm ready to checking the code and see how gets pushed the production back to you on her. Thanks Daniel, that was awesome. As Daniel showed you Google Cloud provides comprehensive end-to-end development to link, namely IDE extensions Integrations, with widely used Frameworks and 40 - plow services. This

significantly accelerate your productivity so we can realize the true potential of application modernization while using skills and tools you already know and have. So, what's next? It looks like we're ready to Floyd Daniels, new service into our antos. Environment is here to help you with that. As we increase the number of demo Bank Services, it's important that we built consistent and Automation in our processes. This is word continuous integration and deployment commonly known as the ICD comes in. Vit D helps you to quickly confidently and safely roll out

updates for many services in Terrell. This means you can innovate with lower risk and our velocity. Let's bring Megan back to show you how blue clown supports you to release new services in a secure and low-risk way. Hi, Megan. Before you start have some more coffee. Thank you. Are Now, let's take a look at Daniel's pull request in the demo Bank. Repository, the repo use GitHub actions for continuous integration here on Daniels Branch. We have integration and functional test, running to make sure that Daniels code changes are

compatible with the other demo bank. If your eyes once I review Daniels code, I can go ahead and hit merge. Doing this will automatically trigger a release pipeline running in Google Cloud. Build this pipeline built the demo bag container images. Then uses binary authorization to sign all the images. This help us ensure that any container image deployed to gka is safe. Once this pipeline complete, another Cloud Bill pipeline starts up. This is our continuous deployment pipeline, which takes the released appointment manifest configured with the new image tags and the Flies it to the

production tku Koster. Then from our development stock Channel Club. They'll send us a notification that the new service has successfully deployed now that the containers running I can control how traffic gets sent to this new service. To ensure a safe rolled up because the existing account service is still serving request. I'm going to keep it running in the cluster for now, but I can use service mesh to rewrite a cheapy request from the account service, monolith to the new user service with no code changes. And on top of that sends only a small percentage of that traffic to Daniel's user

service. Then I can return to the answering service, best dashboard to be metrics for how the user service is faring in production. Then incrementally sends more traffic to it. Once I know it's healthy, I can even take it a step further and configure security policies. For this new service management is a tool that allows you to push policy configuration to a get repository and automatically think those policies down to your clusters. This can help you apply or Glide policies across many services at once. Because we're dealing with a banking application data, security is really important. The one

thing I can do is create a policy to encrypt all HTTP traffic across all the demo Bank were close once and it stinks. This policy from get, I can return to the service mesh dashboard to see the encryption status for all of our services. Here I can now see that traffic to Daniel's new user service is encrypted with mutual TLS authentication. So that's how I use Google Cloud to put a new service into production on Anthem, over to you armor. Thanks Meghan for showing us the CI CD process for demo Bank services. I think this is super cool for several reasons.

First, it's really compelling. How safety and risk reduction are top-of-mind throughout the. Entire release process will ensure the safety of the deployment itself, its ability to serve traffic without errors and the eccentricity of the release artifact. Through binary authorization Second notice how the automation supported by Cloud, build GitHub actions and and those policies helped build a safety. automation with uses human input, which in turn reduces the possibility of human error, code

changes several times per day, confident, that for instance, use a bit encryption will automatically be maintained A very key point. This entire talk is that safety speed up Innovation and increases room for creativity. Now that we're here, we are in a good position to take advantage of more. What will Cloud offers in this case? Let's see what machine learning can do for our financial services workload. Let's call Sarah. Hummer having her application and data in Google Cloud allows us to easily tap into other parts of our platform

in are at finding a way to flag. Fraudulent transactions, quickly will save everyone a lot of time and money. Machine learning is a great fit for this all. You've been crying automl tables and a iPod for notebooks to build our solution and I'll explain ability to understand how our model is making predictions as a data scientist. I'd like to do my data preprocessing for the notebook environment where I can interact directly with the inquiry data, I'll do this with Claudia were using a publicly-available, big create a set of credit card, transactions to train our model for each

transaction. We have data on the time amount and a few other variables. We see that the original date is that heavily imbalance which could negatively affect the quality of our model is reduced and balance. I'm using a technique called downsampling to take all of the examples for minority class fraud and random sample of While still maintaining a diverse sample of the nonprofit data. Next, I am saving updated it that to a new bakery table. This data is now ready to be sent to a lot to build train and a player model Ollie's Auto Mall tables. It'll let me do all of these

things without writing any model code with Auto Mall tables, I can train and I'll model it while keeping my data and big bright. When I pressed train, automl picture of transforming our data into the correct format and finding the best model type for our top Fortune. Italy. Auto now has some optimization methods to handle the remaining data and balance. After down. Sampling here, I'm choosing to optimize. Our models performance on are less common class during training now that are models train. Let's look at some of valuation metrics. The confusion Matrix tells us the percentage from

each class that are model predicted correctly. This model reach 86% accuracy with no false positives on are frogs last, which is looking pretty good rather than writing our own algorithm of hard-coded rules for Fraudulent transactions. We built a model to do this by finding patterns in our data. Even with a high-quality model, it's important to understand what letter model to predict fraud through the explainable. AI integration with automl tables. We can see which features our model is relying on most to make a prediction. I can now play my model with one click. Then I can get

predictions in the uir with the automobile production API. Let's try it out will make a transaction with this credit card and see if our model flagged it as fraud was like, this is not a real. Oh wait this is a banking demo. Not a baking demo. Let's go back to the code. I'm making a request to the auto email tables prediction API for my notebook, to get a test prediction on our model with feature attribution. An API response, we get the models prediction, any instance level attribution values indicating which features are model relied on most. Make this

prediction for my notebook sentence. I can create a new version of the day and even programmatically. Kick-off model retraining, let's bring our model for more time and see if automl, is able to create a better model. In addition to testing are deployed model from The Notebook. We also want to get predictions my whether we want to keep the clients of simple and handle, calling the model and parting the prediction response on the server, I'll take the python code that calls are deployed model and put it in Cloud. Run, Cloud run. Let's make a code in any language and deploy in a scalable

container environment without worrying about infrastructure management. With two commands, I can deploy the container to Cloud run that. It's triggered whenever a transaction is made for my banking app. Are we under a tan are python coding model? We can also make use of cloud runs traffic, splitting feature to serve new versions of our service to a small percentage of users. To test out my cloud. Run service. I'm making a curler Quest. Do it here. Although the service is employed, I'm only charged for the time is being used in. Squadron, supports auto-scaling by default. This means

it'll Skelton zero when there are no requests and just like that from data, preprocessing, and big parade to deployed autonauts, tables model, B, built-in end and fraud detection solution. With the rights. Will machine learning really is a piece of cake. Would you like some Hummer? Thanks Tara. That looks delicious. I can't wait to taste it. That was very impressive. We just so house on applied for the affection to our financial services to natter, you use any tools, she already knows, I believe that every industry could innovate around the kind of cows kill data

analytics and machine learning easily available to go to the engineers an animist. Also stepping back as Meghan and Daniel showed you, we are bringing to death and apps and integrated set of automated capabilities. That represent the best of what we've learned about. Code were closed and tooling over many years while developing our own can scale consumer services. The end result is that we make you as productive as possible while improving the quality of your store and enabling faster and safer release rates. We bring this to you through your favorite

open source on third-party Frameworks, Enterprise applications, tools and languages meeting you where you are. So you can start building immediately with the skills and called you already. Have you saw Megan use mpow SoundCloud build to deploy and operate containerized applications in a safe to take them away, which means developers can focus more on the application. Logic, rest of the infrastructure allowing them to retreat at a faster rate. You're So Daniel, you spring Boot and Springtown gcp to set up tracing logging and monitoring with only complication changes. This also means that

your code is portable to any provider on premises or the edge. And you feel sorrow. Go from raw data to explain deployed, automl model old without moving data. From this query, this means you can train high-quality models with less code, allow you to focus on improving the predictions and getting them faster to your end users. Is there more we have the group house too? Because some program which allows you to specialize in our products in an industry organized way. We also have our YouTube channel blogs and online tutorial Ultra by many of our engineers at Google.

Whether you are already using Google cloud or just starting, I hope we have inspired you on your application organization and the power of innovation Journey. We are so excited to be working with you. Let's get solve it. Now, I can finally enjoy this, all started delicious cake. How do I get to spend with you? Make my life easier. The Run only Take 5 minutes to find my solution. To Floyd Data product was not only having all the applications that I needed but it was extremely easy to find up a tank in the clouds within a few seconds. And it took

me two whole days to get everything up and running. Now. When I move to Google to Beanie Boos acting is just took me 2 minutes. I really do love you so we see that you become focused in it. What you want to do, I put my email. If you have to play everything from spread, These people are so broken.