Google Cloud Labs Walkthrough Collection

This walkthrough documents a series of Google Cloud labs that systematically build proficiency across core GCP services. The progression follows a predetermined learning path from development environment setup through advanced messaging patterns, providing multiple implementation approaches for each service.

Lab 1: Set Up an App Dev Environment on Google Cloud

Establishing a robust development environment is crucial for productive cloud development. This lab configures Google Cloud’s integrated development tools to create a seamless coding and deployment experience.

Implementation Process

Environment Activation:

1. Access Cloud Shell from the Google Cloud Console
2. Verify pre-installed development tools and configurations
3. Initialise the workspace with project-specific settings

Repository Integration:

# Clone sample application repository
git clone https://github.com/GoogleCloudPlatform/training-data-analyst.git
cd training-data-analyst/courses/developingapps/demos

API Service Enablement:

# Enable essential development APIs
gcloud services enable cloudbuild.googleapis.com
gcloud services enable run.googleapis.com
gcloud services enable artifactregistry.googleapis.com

Development Tools Configuration:

• Launch Cloud Shell Editor for integrated code editing
• Configure Cloud Code extensions for enhanced debugging capabilities
• Establish Cloud Source Repositories for version control integration

Insights

Cloud Shell provides a consistent, fully-configured development environment that eliminates local setup complexity while maintaining enterprise-grade security and performance. The integrated toolchain supports modern development practices including continuous integration and containerised deployments (CI/CD).

Lab 2: Cloud Storage Quickstart - Cloud Console

Object storage forms the foundation of most cloud applications. This lab explores Google Cloud Storage through the web interface, establishing fundamental concepts for data management and access control.

Implementation Process

Bucket Creation and Configuration:

1. Navigate to Cloud Storage > Buckets
2. Create bucket with globally unique name: [PROJECT-ID]-demo-bucket
3. Configure storage class and location based on access patterns
4. Apply appropriate lifecycle policies for cost optimisation

Object Management Operations:

1. Upload sample files through the console interface
2. Configure object-level permissions and metadata
3. Test public access and download functionality
4. Implement folder structures for organisational clarity

Access Control Implementation:

• Configure bucket-level IAM policies
• Apply object-level access control lists (ACLs)
• Test anonymous access patterns for public content

Insights

The console interface provides visibility into storage operations and cost implications. Understanding the relationship between storage classes, regional placement, and access patterns is critical for optimising both performance and costs in production environments.

Lab 3: Cloud Storage Quickstart - CLI/SDK

Command-line access to Cloud Storage enables automation and integration with development workflows. This lab demonstrates programmatic storage management using gsutil and the Cloud SDK.

Implementation Process

CLI-Based Bucket Operations:

# Create bucket with specific configuration
gsutil mb -c STANDARD -l us-central1 gs://$DEVSHELL_PROJECT_ID-cli-demo

# Upload files with metadata
echo "Sample content for CLI demonstration" > demo-file.txt
gsutil cp demo-file.txt gs://$DEVSHELL_PROJECT_ID-cli-demo/

Access Control Management:

# Configure bucket-level permissions
gsutil iam ch allUsers:objectViewer gs://$DEVSHELL_PROJECT_ID-cli-demo

# Set object-specific ACLs
gsutil acl ch -u AllUsers:R gs://$DEVSHELL_PROJECT_ID-cli-demo/demo-file.txt

Advanced Operations:

# Synchronise local directory with bucket
gsutil -m rsync -r ./local-folder gs://$DEVSHELL_PROJECT_ID-cli-demo/folder/

# Configure CORS for web applications
gsutil cors set cors-config.json gs://$DEVSHELL_PROJECT_ID-cli-demo

Insights

CLI-based storage management enables Infrastructure as Code practices and seamless integration with CI/CD pipelines. The gsutil tool provides powerful features for bulk operations, synchronisation, and advanced configuration that are essential for production workloads.

Lab 4: Cloud IAM Quickstart

Identity and Access Management forms the security foundation of cloud infrastructure. This lab implements role-based access control patterns that scale from development through enterprise production environments.

Implementation Process

User and Service Account Management:

1. Navigate to IAM & Admin > IAM
2. Add new members with appropriate role assignments
3. Create service accounts for application authentication
4. Generate and manage service account keys securely

Role-Based Access Control:

# Assign predefined roles to users
gcloud projects add-iam-policy-binding $DEVSHELL_PROJECT_ID \
  --member="user:example@company.com" \
  --role="roles/storage.objectViewer"

# Create custom roles for specific requirements
gcloud iam roles create customStorageRole \
  --project=$DEVSHELL_PROJECT_ID \
  --title="Custom Storage Role" \
  --permissions="storage.objects.get,storage.objects.list"

Service Account Implementation:

# Create service account for application use
gcloud iam service-accounts create demo-service-account \
  --display-name="Demo Service Account"

# Assign appropriate roles to service account
gcloud projects add-iam-policy-binding $DEVSHELL_PROJECT_ID \
  --member="serviceAccount:demo-service-account@$DEVSHELL_PROJECT_ID.iam.gserviceaccount.com" \
  --role="roles/storage.objectAdmin"

Insights

Implementing least-privilege access principles from the beginning prevents security issues as applications scale. Service accounts enable secure application-to-service authentication without managing user credentials in code.

Lab 5: Cloud Monitoring Quickstart

Observability is essential for maintaining reliable cloud applications. This lab establishes comprehensive monitoring, alerting, and logging capabilities using Google Cloud’s operations suite.

Implementation Process

Monitoring Dashboard Creation:

1. Access Cloud Monitoring > Dashboards
2. Create custom dashboard for application metrics
3. Configure charts for system and custom metrics
4. Implement SLI/SLO tracking for service reliability

Alerting Policy Configuration:

# Create alerting policy using gcloud
gcloud alpha monitoring policies create --policy-from-file=alert-policy.yaml

Log-Based Metrics:

1. Navigate to Logging > Logs-based Metrics
2. Create metrics from application logs
3. Configure log sinks for long-term storage and analysis
4. Implement structured logging for improved searchability

Insights

Proactive monitoring prevents issues from impacting users and provides data-driven insights for optimisation. Establishing monitoring early in development creates visibility into application behavior and performance characteristics.

Lab 6: Cloud Run Functions Quickstart - Console

Serverless functions enable event-driven architectures and microservices patterns. This lab demonstrates function deployment and management through the Cloud Console interface.

Implementation Process

Function Creation and Deployment:

1. Navigate to Cloud Functions > Create Function
2. Configure trigger type (HTTP, Cloud Storage, Pub/Sub)
3. Implement function code in the inline editor
4. Deploy with appropriate memory and timeout settings

Example HTTP Function:

exports.helloWorld = (req, res) => {
  const name = req.query.name || req.body.name || 'World';
  res.status(200).send(`Hello ${name}!`);
};

Security and Access Control:

• Configure IAM roles for function invocation
• Implement authentication and authorisation patterns
• Test function execution and performance metrics

Insights

Cloud Functions provide cost-effective compute for event-driven workloads and API endpoints. The pay-per-invocation model makes them ideal for variable workloads and integration scenarios.

Lab 7: Cloud Run Functions Quickstart - Command Line

Command-line function deployment enables automation and integration with development workflows. This lab demonstrates programmatic function management using the gcloud CLI.

Implementation Process

CLI-Based Function Deployment:

# Deploy HTTP function from local source
gcloud functions deploy hello-http \
  --runtime nodejs18 \
  --trigger-http \
  --allow-unauthenticated \
  --source ./function-source

# Deploy event-triggered function
gcloud functions deploy process-file \
  --runtime python39 \
  --trigger-bucket $DEVSHELL_PROJECT_ID-uploads \
  --source ./processing-function

Environment Configuration:

# Set environment variables for function
gcloud functions deploy configured-function \
  --set-env-vars DATABASE_URL=postgresql://...,API_KEY=secret123

# Configure function memory and timeout
gcloud functions deploy optimized-function \
  --memory 512MB \
  --timeout 300s

Insights

CLI-based deployment enables Infrastructure as Code practices and seamless integration with CI/CD pipelines. Version control of function source code and configuration ensures reproducible deployments across environments.

Lab 8: Pub/Sub Quickstart - Console

Asynchronous messaging enables decoupled, scalable architectures. This lab implements publish-subscribe patterns using the Cloud Console interface for topic and subscription management.

Implementation Process

Topic and Subscription Setup:

1. Navigate to Pub/Sub > Topics
2. Create topic: demo-topic with appropriate retention policies
3. Create subscription: demo-subscription with delivery configuration
4. Configure dead letter queues for message handling failures

Message Publishing and Consumption:

1. Use console interface to publish test messages
2. Monitor subscription delivery metrics
3. Configure acknowledgment deadlines and retry policies
4. Implement message filtering for selective consumption

Insights

Pub/Sub provides reliable message delivery with automatic scaling and global availability. Understanding message ordering, exactly-once delivery, and flow control is crucial for building robust event-driven systems.

Lab 9: Pub/Sub Quickstart - Command Line

Programmatic messaging operations enable automation and integration with application workflows. This lab demonstrates CLI-based Pub/Sub management for operational efficiency.

Implementation Process

Topic and Subscription Management:

# Create topic with custom configuration
gcloud pubsub topics create demo-topic \
  --message-retention-duration=7d

# Create subscription with specific settings
gcloud pubsub subscriptions create demo-subscription \
  --topic=demo-topic \
  --ack-deadline=60 \
  --message-retention-duration=7d

Message Operations:

# Publish messages to topic
gcloud pubsub topics publish demo-topic \
  --message="Hello from CLI" \
  --attribute=environment=development

# Pull messages from subscription
gcloud pubsub subscriptions pull demo-subscription \
  --auto-ack \
  --limit=10

Insights

CLI-based messaging operations enable scripted workflows and integration testing. Understanding subscription delivery models and message acknowledgment patterns is essential for reliable message processing.

Lab 10: Pub/Sub Quickstart - Python

SDK integration enables native messaging capabilities within applications. This lab demonstrates Python client library usage for production-ready messaging implementations.

Implementation Process

Client Library Setup:

# Install required dependencies
pip install google-cloud-pubsub

Publisher Implementation:

from google.cloud import pubsub_v1
import json

# Initialise publisher client
publisher = pubsub_v1.PublisherClient()
topic_path = publisher.topic_path(project_id, "demo-topic")

# Publish message with attributes
data = json.dumps({"user_id": 123, "action": "login"}).encode("utf-8")
future = publisher.publish(topic_path, data, environment="production")
message_id = future.result()
print(f"Published message ID: {message_id}")

Subscriber Implementation:

from google.cloud import pubsub_v1

# Initialise subscriber client
subscriber = pubsub_v1.SubscriberClient()
subscription_path = subscriber.subscription_path(project_id, "demo-subscription")

def callback(message):
    print(f"Received message: {message.data.decode('utf-8')}")
    message.ack()

# Start listening for messages
flow_control = pubsub_v1.types.FlowControl(max_messages=100)
streaming_pull_future = subscriber.subscribe(subscription_path, callback=callback, flow_control=flow_control)

Insights

Native SDK integration provides optimal performance and error handling capabilities. Implementing proper flow control, error handling, and graceful shutdown patterns ensures reliable message processing in production environments.

Architectural Patterns and Integration

These foundational labs establish patterns that scale to enterprise architectures:

Event-Driven Architecture: Pub/Sub messaging enables loose coupling between services, supporting microservices patterns and reactive systems that respond to business events rather than direct API calls.

Serverless Computing: Cloud Functions provide compute capability that scales to zero, reducing costs while maintaining responsiveness. This approach works particularly well for event processing and API endpoints with variable traffic.

Security-First Design: IAM integration across all services ensures consistent access control. Service accounts enable secure service-to-service communication without credential management complexity.

Observability Integration: Cloud Monitoring provides unified visibility across all services, enabling proactive issue detection and performance optimisation through data-driven insights.

Production Readiness Considerations

Moving from lab exercises to production requires additional considerations:

Scalability Planning: Understanding service limits, quotas, and scaling characteristics enables architecture decisions that support growth requirements.

Cost Optimisation: Implementing appropriate storage classes, function sizing, and monitoring retention policies optimises costs while maintaining performance requirements.

Security Hardening: Production environments require additional security measures including VPC configuration, private service access, and audit logging.

Disaster Recovery: Multi-region deployments and backup strategies ensure business continuity and meet compliance requirements.

This comprehensive lab series provides the foundation for building production-ready cloud applications using Google Cloud Platform’s managed services and development tools.