Foundations of a scalable website on GCP
Starting a website can be hard, we get it. There are many vendors you have to work with and steps to tie together. What DNS records do I need to add? How do I enable DNSSEC? Is my website secure and safe from cyber attacks? These types of questions plague millions of website operators globally. We are excited to share that it is possible to manage all of these steps in one location using Google Cloud.
Google Cloud offers you the ability to manage the entire lifecycle of a website from start to finish. You no longer have to worry about managing different subscriptions and understanding the integration between vendors. Leveraging the Google Cloud offering will allow for you to have a scalable, reliable, and safe deployment. Additionally, there are extra benefits that you can take advantage of, like getting Google Managed SSL certificates for free and taking advantage of best in class DDoS protection with our Cloud Armor solution.
The following architecture diagram illustrates all of the components of the solution.
Key components of the solution:
Compute and Storage
Global HTTPs Load Balancer
Buying a Domain on Google Cloud
Purchasing and verifying a domain can be a tricky process with many steps. Cloud Domains makes this easy and straightforward to manage. Cloud Domains integrates seamlessly with Cloud DNS making the management even easier. There is full API support which allows for programmatic management if you are managing a larger portfolio.
Managing DNS with Google Cloud
Our Cloud DNS solution is a managed DNS infrastructure which is scalable and highly available. Easy management of private and public DNS zones makes this a one stop shop for DNS management. Public DNS records are anycasted globally using Google’s distributed network. It is easy and straightforward to enable DNSSEC which will help protect your end users from malicious actors.
Initializing Compute and setting up static object storage
Running your backends on Google Cloud compute has numerous advantages. You can use a managed instance group to run your websites. Managed instance groups allow for a highly scalable and efficient deployment. When demand goes up the number of instances will scale seamlessly, and likewise if demand falls the active compute can scale down. This allows for you to only be running what you need at a given moment. You can easily create multi-zone deployments which increases reliability and performance. With full API support, automation and management is easy and fast. Using a managed instance group allows for you to automatically and safely deploy updates with a variety of customizations available.
For static objects you can store them in our Cloud Storage solution. This is perfect for content like images and videos which are not constantly changing. You can store large quantities of data which is available worldwide. It is easy to transfer content into Cloud Storage with multiple tools available.
Setting up an external https load balancer
The external https load balancer is a global proxy-based layer 7 solution that serves as the entry point for all of your traffic onto Google’s network. Our advanced load balancing solution allows for integrated traffic management and is highly customizable to fit your needs. You can leverage a Google managed SSL certificate for easy deployment and ongoing management.
Securing your traffic with Cloud Armor
Cloud Armor is Google’s best in class DDoS defense solution and Web Application Firewall (WAF). You can rest easier knowing that Google’s network has your back. We have a long history of mitigating some of the most complicated and largest DDoS attacks on record ( blog link). With Cloud Armor you can additionally take advantage of preconfigured WAF rules (Mod Security Rule Set 3.02), adaptive protection, and recently rate limiting. All of this ensures that your website stays online and is protected from attacks.
Caching static content with Cloud CDN
For content that is cacheable like images or short videos, you can use Cloud CDN to enable fast and cost efficient delivery. Google has Cloud CDN pops all over the world which will help ensure that users from the regions that matter to you have a seamless and fast experience. Cloud CDN is easy to enable and get started with.
If you would like to see a further overview of the architecture and components of this solution as well as a detailed configuration walkthrough please check out this video.
For more information on any of these solutions please check out their respective documentation hubs: