
Terraforming a Landing Zone on Google Cloud

A landing zone is a well-defined and secure architecture on a cloud platform that serves as a starting point for an organization's cloud adoption journey. It typically includes a set of foundational resources, such as virtual private clouds (VPCs), subnets, security groups, and identity and access management (IAM) policies, that are required to establish a secure and stable environment for running applications and workloads on the cloud.

A landing zone on Google Cloud Platform (GCP) is a set of resources that are created and configured in a specific way to meet the organization's security and compliance requirements, as well as to support its future cloud adoption strategy. These resources can include VPCs, subnets, firewall rules, IAM policies, and other cloud services that are needed to build and deploy applications on GCP.

The main purpose of a landing zone is to provide a secure and compliant environment for organizations to migrate their applications and workloads to the cloud, and to enable them to quickly and easily scale and manage their cloud infrastructure as their needs evolve over time. It serves as a foundation for an organization's cloud infrastructure and helps to ensure that it is well-architected, reliable, and secure.


Here is a basic Terraform script that you can use to create a landing zone on Google Cloud Platform (GCP). This script creates a virtual private cloud (VPC) network, a subnet within that network, and a firewall rule that allows incoming SSH connections from any IP address.

# Configure the Google Cloud provider
provider "google" {
  # Your GCP project ID
  project = "my-gcp-project"

  # The region where you want to create your resources
  region  = "us-central1"
}

# Create a VPC network
resource "google_compute_network" "my-vpc" {
  name                    = "my-vpc"
  auto_create_subnetworks = true
}

# Create a subnet
resource "google_compute_subnetwork" "my-subnet" {
  name          = "my-subnet"
  network       = google_compute_network.my-vpc.self_link
  ip_cidr_range = "10.0.0.0/16"

  # The region where you want to create your subnet
  region        = "us-central1"
}

# Create a firewall rule
resource "google_compute_firewall" "allow-ssh" {
  name    = "allow-ssh"
  network = google_compute_network.my-vpc.self_link

  allow {
    protocol = "tcp"
    ports    = ["22"]
  }

  source_ranges = ["0.0.0.0/0"]
}

You can then use this script as a starting point and customize it to meet your specific requirements. For example, you can add additional resources, such as Compute Engine instances or Cloud Storage buckets, and define their properties and dependencies.
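The firewall rule in the script above admits SSH from `0.0.0.0/0`. The following added example (not part of the original post) shows the same network with SSH limited to Google's Identity-Aware Proxy forwarding range, scoped by network tag, and logged. The resource names, the `ssh-iap` tag and the switch to a custom-mode VPC are assumptions made for illustration.

```hcl
# Added example: names ending in "_hardened"/"-hardened" and the "ssh-iap" tag are assumptions.
provider "google" {
  project = "my-gcp-project" # placeholder project ID, as on the page
  region  = "us-central1"
}

# Custom-mode VPC: only the subnets declared here exist.
resource "google_compute_network" "vpc_hardened" {
  name                    = "my-vpc-hardened"
  auto_create_subnetworks = false
}

resource "google_compute_subnetwork" "subnet_hardened" {
  name                     = "my-subnet-hardened"
  network                  = google_compute_network.vpc_hardened.self_link
  region                   = "us-central1"
  ip_cidr_range            = "10.0.0.0/16"
  private_ip_google_access = true # reach Google APIs without external IPs
}

# Weak setting from the page, for comparison:
#   source_ranges = ["0.0.0.0/0"]   # tcp/22 reachable from any address
resource "google_compute_firewall" "allow_ssh_iap" {
  name      = "allow-ssh-from-iap"
  network   = google_compute_network.vpc_hardened.self_link
  direction = "INGRESS"

  allow {
    protocol = "tcp"
    ports    = ["22"]
  }

  # Google's documented source range for IAP TCP forwarding.
  source_ranges = ["35.235.240.0/20"]

  # Only instances carrying this network tag accept the traffic.
  target_tags = ["ssh-iap"]

  # Log every connection matched by this rule.
  log_config {
    metadata = "INCLUDE_ALL_METADATA"
  }
}
```

With this rule in place, operators connect with `gcloud compute ssh --tunnel-through-iap`, and access is governed by IAM rather than by network reachability.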

Empirical Evaluation of FinOps Framework for Sustainable Cloud Engineering | Doctoral Research | Prasanjit Singh

Alongside my work in the Cloud Computing industry spanning 15+ years, I have always been a student and pursued academics. It was this quest that led me to complete my Bachelor's and Master's degrees in Computer Science and I am honoured to be now shortlisted as a PhD scholar in the same field.

In my doctoral pursuit, my research interests generally revolve around building & evaluating frameworks to achieve energy and cost efficiency for cloud computing systems. With the modern cloud computing platforms becoming increasingly large-scale and distributed, there is a dire need to implement cost-effective and energy-efficient systems that would lower carbon footprint for the whole planet. Following this spirit, and the advancements in the areas of Green Cloud Computing and evolution of FinOps practices, I'm pursuing an empirical approach to a sustainable form of distributed computing systems.

My approach to addressing systems research challenges is grounded on concrete understanding through practical evaluation of real systems. In summary, the objectives of this research work are:

  • To create and analyze FinOps frameworks to achieve energy and cost efficiency for cloud computing systems.
  • To perform a detailed review and concrete knowledge of the practical assessment of real-time FinOps systems.
  • To embed sustainability into daily design, development and operational processes in cloud engineering.
I would be documenting my research outcomes in this repository and my YouTube channel amongst other faculties. Thanks!

[FinOps] Cost Optimisation Strategies in Alibaba Cloud | Prasanjit Singh

Alibaba Cloud offers a plethora of services to assist customers with their Cloud cost management, i.e., the structural planning that lets a company manage the costs of cloud technology. However, many users struggle to control their expenditure. Here are some points that you can use to reduce Alibaba Cloud costs for your company.

  • Terminate unused ECS instances

Using Alibaba Cloud Cost Explorer Resource Optimization, you can get a report of idle or low-utilization instances. Once you identify these instances, you can stop or downsize them. Once you stop an instance, you must also terminate it. This is because if you stop an instance, your EBS costs will still be incurred. By terminating ECS instances, you will also stop EBS and ECS expenses.

  • Cut oversized instances and volumes

Before deciding which instances and volumes need to be reduced, an in-depth analysis of all available data is required. Do not rely on data from a short period of time. The time frame for a data set should be at least one month, and make sure to check for seasonal peaks. Remember that you will not be able to reduce EBS volumes. So, once you know the appropriate size you require, create a new volume, and copy the data from the old volume.

  • Use private IPs

Whenever you communicate in the Alibaba ECS network using public IPs or Elastic load balancer, you will always pay Intra-Region Data Transfer rates. Use private IPs to avoid paying this extra fee.

  • Delete low-usage Alibaba EBS volumes

Track Elastic Block Storage (EBS) volumes for at least 1 week and identify those that have low activity (at least 1 input/output per second per day). Take a snapshot of these volumes (in case you will need them at a future date) and then delete them.

  • Use Alibaba Cloud Savings Plan

Alibaba Cloud Savings Plan is a flexible pricing model running for one to three years. In this model, you pay a lower price on ECS and Fargate usage for a promise of a steady amount of usage during the specified period. The agreed usage amount is usually discounted by more than 30%. Alibaba Cloud Savings Plan is ideal for stable businesses that know their resource requirements.

  • Utilize Reserved Instances

By reserving an instance, you may save up to 70%. But, if you don't use the reserved instance as much as you expected, you may end up overpaying. This is because you will pay 24/7 utilization for the entire reserved period regardless of whether you used the resource or not.

  • Buy reserved instances on the Alibaba Cloud marketplace

The Alibaba Cloud Marketplace is like a stock market. You can sometimes buy Standard Reserved Instances at extremely affordable prices in comparison to buying directly from Alibaba Cloud. In this way, you can end up saving almost 75%.

  • Utilize Alibaba ECS Spot Instances

Spot instances can reduce costs by almost 90%. Spot instances are great for workloads that are fault-tolerant, for example, big data, web servers, containerized workloads, and high-performance computing (HPC). Auto-scaling automatically requests spot instances to meet target capacity during interruptions. 

  • Configure autoscaling

Autoscaling allows your ECS fleet to increase or shrink based on demand. By configuring autoscaling, you can start and stop instances that don't get used frequently. You can review your scaling activity using the CLI command. Review the results to see whether instances can be added less aggressively or to see if the minimum can be reduced to serve requests with smaller fleet sizes.

  • Choose availability zones and regions

The cost of Alibaba Cloud varies by region. Data transfers between different availability zones are charged an extra fee. It is therefore important to centralize operations and use single availability zones.