What's new in the Architecture Center

(New guide) Choose a design pattern for your agentic AI system: Learn how to select an agent design pattern to build your agentic AI system.

Design storage for AI and ML workloads in Google Cloud: Updated storage recommendations for training and serving workflows. Revised the scaling capacity and performance tiers for Managed Lustre.

(New guide) RAG infrastructure for generative AI applications in Google Cloud: Provides a list of reference architectures to deploy a generative AI applications with retrieval-augmented generation (RAG) in Google Cloud.

(New guide) VPC Network Peering Cross-Cloud Network with NVAs and regional affinity: Describes how to deploy network virtual appliances (NVAs) in a single-region Cross-Cloud Network architecture.

(New guide) Multi-agent AI system in Google Cloud: A reference architecture to help you design robust multi-agent AI systems in Google Cloud.

(New guide) RAG infrastructure for generative AI using Google Agentspace and Vertex AI: Design infrastructure for a generative AI application with retrieval-augmented generation (RAG) using Google Agentspace and Vertex AI.

(New guide) Best practices for securing apps and resources by using context-aware access: Describes best practices for using context-aware access to secure apps and resources.

(New guide) GraphRAG infrastructure for generative AI using Vertex AI and Spanner Graph: Shows how to design infrastructure for GraphRAG-capable generative AI applications in Google Cloud by using Vertex AI and Spanner Graph.

File storage on Compute Engine:

• Added information about Google Cloud Managed Lustre and DDN Infinia.
• Updated the protocol specifications for Filestore.
• Updated the protocol and performance specifications for NetApp Volumes.

Multi-regional deployment on Compute Engine: Technical updates to align design recommendations with Google Cloud Well-Architected Framework core principles.

Single-zone deployment on Compute Engine: Technical updates to align design recommendations with Google Cloud Well-Architected Framework core principles.

Hub-and-spoke network architecture: Added Network Connectivity Center as a design option.

AI and ML perspective: Operational excellence: Major update to expand the operational excellence recommendations in the AI and ML perspective.

Parallel file systems for HPC workloads: Added guidance about Google Cloud Managed Lustre.

Design storage for AI and ML workloads in Google Cloud: Updated to include Cloud Storage FUSE, Anywhere Cache, Hyperdisk ML, and Google Cloud Managed Lustre.

(New guide) Optimize AI and ML workloads with Cloud Storage FUSE: Learn how to optimize performance for AI and ML workloads on Google Kubernetes Engine (GKE) by using Cloud Storage FUSE.

(New guide) Oracle E-Business Suite with Oracle Exadata in Google Cloud: Shows how to build the infrastructure to run Oracle E-Business Suite applications with Oracle Cloud Infrastructure Exadata in Google Cloud.

Infrastructure for a RAG-capable generative AI application using Vertex AI and Vector Search: Updated the data processing component in the reference architecture to use a Cloud Run function in place of a Cloud Run job.

Google Cloud Architecture Framework: Security, privacy, and compliance: Major update to align the recommendations with core principles of security.

Best practices and reference architectures for VPC design: Updates to the document to reflect feature releases over the past months.

Cross-Cloud Network for distributed applications: Updates to the document set to reflect feature releases over the past months.

(New guide) Optimize AI and ML workloads with Parallelstore: Learn how to optimize performance for artificial intelligence (AI) or machine learning (ML) workloads with parallel file system storage by using Parallelstore.

Google Cloud Architecture Framework: Reliability pillar: Major update to align the recommendations with core principles of reliability.

(New guide) Confidential computing for data analytics and AI: Provides an overview of confidential computing, explores use cases for data analytics and federated learning across various industries, and includes architecture examples for some use cases.

Infrastructure for a RAG-capable generative AI application using Vertex AI and AlloyDB: Added more design alternatives.

Infrastructure for a RAG-capable generative AI application using GKE: Added design alternatives.

(New guide) Stream logs from Google Cloud to Datadog: Provides an architecture to send log event data from across your Google Cloud ecosystem to Datadog Log Management. The architecture is accompanied by a deployment guide.

(New guide) Infrastructure for a RAG-capable generative AI application using Vertex AI and Vector Search: Describes how to design infrastructure for a generative AI application with retrieval-augmented generation (RAG) by using Vector Search.

(New guide) Deploy and operate generative AI applications: Describes how you can adapt DevOps and MLOps processes to develop, deploy, and operate generative AI applications on existing foundation models.

(New guide) Migrate from AWS Lambda to Cloud Run: Describes how to design, implement, and validate a plan to migrate from AWS Lambda to Cloud Run.

(New guide) Enterprise application on Compute Engine VMs with Oracle Exadata in Google Cloud: Provides a reference architecture for an application that's hosted on Compute Engine VMs with connectivity to Oracle Cloud Infrastructure (OCI) Exadata databases in Google Cloud.

(New guide) Business continuity with CI/CD on Google Cloud: Learn how to plan and implement business continuity and disaster recovery (DR) for the CI/CD process.

Google Cloud Architecture Framework: Cost optimization: Major update to align the recommendations with core principles of cost optimization.

(New guide) Scalable BigQuery backup automation: Build a solution to automate recurrent BigQuery backup operations at scale, with two backup methods: BigQuery snapshots and exports to Cloud Storage. This architecture is accompanied by a deployment guide.

Design an optimal storage strategy for your cloud workload: Updated guidance about storage recommendations and storage options decision tree with information about Hyperdisk ML and Hyperdisk Balanced. Updated file storage guidance based on performance scalability and supported file system protocols.

(New guide) Enterprise application with Oracle Database on Compute Engine: Provides a reference architecture to host an application that uses an Oracle database, deployed on Compute Engine VMs.

(New guide) Select a managed container runtime environment: Learn about managed runtime environments and assess your requirements to choose between Cloud Run and GKE Autopilot.

(New guide) Use generative AI for utilization management: A reference architecture for health insurance companies to automate prior authorization (PA) request processing and improve their utilization review (UR) processes.

Architecting disaster recovery for cloud infrastructure outages: Added DR guidance for Organization Policy Service.

(New guide) Manage and scale networking for Windows applications that run on managed Kubernetes: Discusses how to manage networking for Windows applications that run on Google Kubernetes Engine using Cloud Service Mesh and Envoy gateways. This reference architecture is accompanied by a deployment guide.

Disaster recovery scenarios for data: Added guidance about using the following capabilities to back up and recover self-managed databases deployed in Google Cloud:

• Backup and DR Service
• Persistent Disk Asynchronous Replication

Disaster recovery scenarios for applications: Added guidance about using the following capabilities to back up and recover applications deployed in Google Cloud:

• Backup and DR Service
• Persistent Disk Asynchronous Replication

File storage on Compute Engine: Added guidance about Filestore Regional.

(New guide) Architect your workloads: Design resilient, single-region environments on Google Cloud.

Architecting disaster recovery for cloud infrastructure outages: Updated the DR guidance for Google Security Operations SIEM.

(New guide) From edge to multi-cluster mesh: Globally distributed applications exposed through GKE Gateway and Cloud Service Mesh: Describes exposing applications externally through Google Kubernetes Engine (GKE) Gateways running on multiple GKE clusters within a service mesh.

(New guide) From edge to multi-cluster mesh: Deploy globally distributed applications through GKE Gateway and Cloud Service Mesh: Provides the steps needed to deploy applications externally through Google Kubernetes Engine (GKE) Gateways running on multiple GKE clusters within a service mesh.

(New guide) Migrate from AWS to Google Cloud: Migrate from Amazon RDS for SQL Server to Cloud SQL for SQL Server: Describes how to design, implement, and validate a plan to migrate from Amazon Relational Database Service (RDS) to Cloud SQL for SQL Server.

Infrastructure for a RAG-capable generative AI application using Vertex AI: Added a design alternative that uses Vertex AI Vector Search for the vector store and semantic search components in the architecture.

(New guide: 1 of 4) Cross-Cloud Network for distributed applications: Provides an overview about how you can design Cross-Cloud Network for distributed applications.

Design an optimal storage strategy for your cloud workload: Added information about the Regional service tier of Filestore.

(New guide) C3 AI architecture on Google Cloud: Develop applications using C3 AI and Google Cloud.

Architecting disaster recovery for cloud infrastructure outages: Added DR guidance for Personalized Service Health.

Disaster recovery building blocks: Added information about the soft-deletion feature in Cloud Storage.

Architecting disaster recovery for cloud infrastructure outages: Added DR guidance for Vertex AI online predictions.

Architecting disaster recovery for cloud infrastructure outages: Added DR guidance for Vertex AI batch predictions.

(New guide) Infrastructure for a RAG-capable generative AI application using GKE: Design the infrastructure to run a generative AI application with retrieval-augmented generation (RAG) using GKE, Cloud SQL, and open source tools like Ray, Hugging Face, and LangChain.

Architecting disaster recovery for cloud infrastructure outages: Added DR guidance for Vertex ML Metadata.

Architecting disaster recovery for cloud infrastructure outages: Added DR guidance for Vertex AI Pipelines.

(New guide) Model development and data labeling with Google Cloud and Labelbox: Provides guidance for building a standardized pipeline to help accelerate the development of ML models.

(New guide) Jump Start Solution: Generative AI RAG with Cloud SQL: Deploy a retrieval augmented generation (RAG) application with vector embeddings and Cloud SQL.

(New guide) Build and deploy generative AI and machine learning models in an enterprise: Describes the generative AI and machine learning blueprint, which deploys a pipeline for creating AI models.

AI and machine learning resources: Added introduction information with guiding links to our generative AI and traditional AI resources.

(New guide) Design storage for AI and ML workloads in Google Cloud: Select the recommended storage options for your AI and ML workloads.

Design an optimal storage strategy for your cloud workload: Added guidance about data transfer options.

(New guide) Configure networks for FedRAMP and DoD in Google Cloud: Provides configuration guidance to help you comply with design requirements for FedRAMP High and DoD IL2, IL4, and IL5 when you deploy Google Cloud networking policies.

Architecting disaster recovery for cloud infrastructure outages: Added information about zonal and regional resilience of Sole Tenant Nodes.

From edge to mesh: Deploy service mesh applications through GKE Gateway: Switched from Ingress API to the more modern Gateway API. Updated relevant sections to reflect this change.

(New guide) Single-zone deployment on Compute Engine: Provides a reference architecture for a multi-tier application that runs on Compute Engine VMs in a single Google Cloud zone and describes the design factors to consider when you build a single-zone architecture.

Disaster recovery building blocks: Updated the guidance for Google Kubernetes Engine (GKE) with information about the Backup for GKE and multi-cluster Gateway features.

Architecting disaster recovery for cloud infrastructure outages: Added information about zonal and regional resilience of Connectivity Tests and Network Analyzer.

(New guide) Import logs from Cloud Storage to Cloud Logging: Import logs that were previously exported to Cloud Storage back to Cloud Logging. This architecture is accompanied by a deployment guide.

Architecture fundamentals: This page provides a consolidated view of the Architecture Center resources that provide fundamental architectural guidance applicable to all the technology categories.

(New guide) Okta user provisioning and single sign-on: Set up federated user provisioning and single sign-on using Okta.

File storage on Compute Engine: Changed Filestore High Scale to Zonal, updated Filestore Zonal support for the CSI Driver, added Google Cloud NetApp Volumes, and removed NetApp Cloud Volume Service.

(New guide) Deploy an enterprise developer platform on Google Cloud: Provides a blueprint to help enterprises set up a developer platform for building and managing container-based applications in Google Cloud.

(New guide) Jump Start Solution: Stateful app with zero downtime deployment on GKE: Update a live app without a noticeable disruption by using the Stateful app with zero downtime deployment on GKE app.

(New Guide: 2 of 3) Hybrid and multicloud architecture patterns: Discusses common hybrid and multicloud architecture patterns, and describes the scenarios that these patterns are best suited for.

Adds new content and revises existing content.

(New Guide: 3 of 3) Hybrid and multicloud secure networking architecture patterns: Discusses several common secure network architecture patterns that you can use for hybrid and multicloud architectures.

Adds new content and revises existing content.

(New guide) Data transformation between MongoDB Atlas and Google Cloud: Data transformation between MongoDB Atlas as the operational data store and BigQuery as the analytics data warehouse.

Design an optimal storage strategy for your cloud workload: Updated the capacity numbers for Hyperdisk and Local SSD.

Architecting disaster recovery for cloud infrastructure outages: Added information about zonal and regional resilience of Certificate Authority Service.

(New series) Migrate across Google Cloud regions: Start preparing your workloads and data for migration across Google Cloud regions.

• (New guide) Design resilient single-region environments on Google Cloud
• (New guide) Prepare data and batch workloads for migration across regions

(New guide) Set up an embedded finance solution using Google Cloud and Cloudentity: Describes architectural options for providing your customers with a seamless and secure embedded finance solution.

(New guide) Migrate to Google Cloud: Minimize costs: Minimize costs of your single- and multi-region Google Cloud environments, and of migrations across Google Cloud regions.

Google Cloud Architecture Framework: Reorganized the Reliability category and moved SLO content to new pages.

Deploy Apache Guacamole on GKE and Cloud SQL: Updated deployment to use Artifact Registry, and updated Cloud Shell commands for compatibility with latest Terraform provider.

Parallel file systems for HPC workloads: Added Sycomp Storage Fueled by IBM Spectrum Scale as an option for parallel file system (PFS) storage, and replaced NetApp Cloud Volumes Service with Google Cloud NetApp Volumes.

Parallel file systems for HPC workloads: Added Parallelstore and Weka Data Platform as options for parallel file system (PFS) storage.

Designing networks for migrating enterprise workloads: Adds Cross-Cloud Interconnect functionality and updates Private Service Connect information.

Scalable TensorFlow inference system: Converted the Tensorflow inference system guide into a reference architecture that includes design considerations.

PCI DSS compliance on GKE: Updated to meet the requirements of PCI DSS version 4.0, use Cloud IDS instead of a third-party IDS, and use the PodSecurity admission controller instead of PodSecurityPolicy.

Architecting disaster recovery for cloud infrastructure outages: Added DR guidance for Access Transparency.

Best practices for running tightly coupled HPC applications: Updated to include guidance for H3 compute-optimized VMs.

Architectures for high availability of PostgreSQL clusters on Compute Engine: Added information about the write-ahead log and the Log Sequence Number.

(New guide) Migrate from AWS to Google Cloud: Migrate from Amazon EKS to GKE: Design, implement, and validate a plan to migrate from Amazon EKS to Google Kubernetes Engine.

Migrating Node.js apps from Heroku to Cloud Run: Updated for the latest Heroku changes.

Twelve-factor app development on Google Cloud: Added new product information and security considerations. Removed outdated content.

(New guide) Identify and prioritize security risks with Wiz Security Graph and Google Cloud: Describes how to identify and prioritize security risks in your cloud workloads with Wiz Security Graph and Google Cloud.

(New guide) Connect Google Virtual Private Clouds to Oracle Cloud Infrastructure using Equinix: Use Equinix Network Edge and Partner Interconnect to deploy private, multi-cloud connectivity between Google Cloud VPC networks and Oracle® VCNs.

Stream logs from Google Cloud to Splunk: Converted the Google Cloud-to-Splunk logging guide into a reference architecture that includes design considerations.

Decide the network design for your Google Cloud landing zone: Added more details to the design options.

Google Cloud Architecture Framework: Updated the best practices in the Cost Optimization category.

Landing zone design in Google Cloud: Updated the section, "Identify resources to help implement your landing zone."

Google Cloud Architecture Framework: AI/ML: Updated the list of AI and ML services in the System Design category.

(New guide) Import data from an external network into a secured BigQuery data warehouse: Describes an architecture that you can use to help secure a data warehouse in a production environment, and provides best practices for importing data into BigQuery from an external network, such as an on-premises environment.

(New guide) Use distributed tracing to observe microservice latency: Shows how to capture trace information on microservice applications using OpenTelemetry and Cloud Trace.

(New guide) Deploy a secured serverless architecture using Cloud Functions: Provides guidance on how to help protect serverless applications that use Cloud Functions (2nd gen) by layering additional controls onto your existing foundation.