字幕表 動画を再生する 英語字幕をプリント SANDEEP PARIKH: Welcome, everybody. Thanks for coming. I know the day's been running a little bit long, so I will hopefully not keep you too long. Welcome to the session between you and happy hour. Hopefully, we'll get you out of here just in time to get some drinks and get some snacks. My name is Sandeep Parikh. I run the cloud solutions architecture team for Americas East, for Google Cloud Platform, and today, I want to talk to you about building a collaborative data platform. Effectively, you've got teams of individuals spread across your company, that have to work together in some meaningful way, and you need them to share data, talk to each other, basically build something together. So, how do you enable that? So, we're going to walk through some of the ways that we tell a lot of customers, and developers, and partners how to do that stuff in the real world. First, we're going to meet our hypothetical team of individuals, and we're going to learn about the tasks that have to do, and the tools that they typically use. And then, we'll jump into mapping the tools they use to the tools available in Google Cloud, so you can start to see how they might get a consistent set of tools and work together. And then, we're going to talk about how we enable collaboration. This is how we do things, like set up teams to do self-service and easy data discovery. I'm probably going to trivialize a handful of details, but stay with me, it'll make sense as we get through it. And then, I want to cover what the new workflow's like once you get all this stuff up and running, and then give you a couple little things and tips on how to get started. Does that make sense to everybody? Head nods? OK, good. All right, so let's meet the team. All right, so first, we've got about four individuals. We've got a data scientist, a data engineer, a business analyst, and an app developer. Ultimately, they all have three things in common. They use different data sets, those data sets are all in different formats, and they all use different tools, right? So, there's not a ton of overlap here, and that's kind of the challenge. So, let's assume for a second, or let's imagine for a second, we've got this team, and their job is to build a recommendation engine for a retail site. So, what are the kinds of things that each person on the team is going to need to be successful in order to do their job? So, the first thing we'll cover is the data, and then we'll talk about the tools. So, from a data perspective, Alice, the data scientist, needs kind of cleansed, normalized data. Things that have no longer log files, right, not just raw rows from a database, but things that actually make sense. And those could be, for example, stuff like purchase history, product history, product metadata, click streams, product reviews. All the stuff that it would take to actually craft and model a recommendation problem. Then, we've got Bob, the data engineer. He's going to have to take all of the raw data and turn it into something useful. So, he's probably going to need things like, logs information, product transactions or purchase history, product metadata, as well. This is all the stuff that's coming in straight off the application, that he's got to turn into something useful for other parts of the organization. Then, there's Ned. Ned is the business analyst, and he needs a lot of aggregated data, things that he can use to generate statistics and understanding about how the business is performing. Not just, again, rows or log files, but again, that next level up from, sort of, the basics. And then, finally, we have Jan, the app developer. She's going to need users and product predictions, or recommendations. She's going to be able to-- she needs to be able to build new microservices that expose things like this recommendation engine to the end user. So, that can be things like a recommendations API, access to wish lists, some knowledge around similar users or similar products, how things complement each other. But, you can see there's a little bit of overlap here, but not a ton, right. They all need something different and they kind of need it in a slightly different format. Now, if you think about sort of a-- I tried to draw a sequence diagram here, and it got a little complicated, so I simplified it a little bit. But, ultimately, Alice and Bob have to agree and talk to each other. Bob and Ned have to agree and talk to each other. Ned and Alice have to talk each other, and Jan and Alice have to talk to each other. You know, there's a lot of communication happening. And, listen, I love talking to my coworkers just as much as the next person, but if you're spending all of your time trying to explain to them what you need, when you need it, where it came from, what it should look like, it becomes challenging, right. It slows down the ability for them to make progress and work quickly. Ultimately, this is the problem that we see a lot of folks having out in the, world, right? They each have to find data sets. They each have to figure out who owns it. They have to figure out how things are related to each other, and they have to manage all that by themselves, which, again, takes time away from their ultimate task. Just by a show of hands, does this sound familiar to anybody? Oh, that's a scary number, actually. Maybe I shouldn't have asked that question. No, but that this is great, right? This is how we have to-- we have to find, understand, what the problem is, then try to solve it together. All right, so let's talk about tools. That's the first step. We need to understand what everyone's working with in order to kind of make the next jump. So, Alice is the data scientist, huge fan of Python, like myself. It's like her Swiss army knife, she uses it for just about everything. Typically, does a lot of her work with IPython or Jupyter notebooks, pulls data down, does it on her workstation, you know, slices dices data, uses a lot of pretty common data science frameworks, uses things like, NumPy, SciPy, scikit-learn, Pandas, because she has a history, and/or likes data frames. That's a typical approach, from a data science perspective. Bob is a huge fan of Java, right? He does lots of big ETL pipeline work, does a lot of orchestrating data from one format to another, or multiple sources of data together into something that looks cohesive on the other end. So, he's typically using tools like MapReduce or Spark. In some cases, he might be using Apache Beam, which you'll actually hear more about over the next couple days, as well. Ned is like a spreadsheet guy. He loves SQL and he loves spreadsheets. So, what he likes to do is build custom reports and dashboards, very SQL-driven, got to have some kind of access to a data warehouse, so he can do giant-- you know, kind of cube rotations and understanding. Basically, he's got to be able to prove to the business how products are performing, why things like a recommendation engine is even necessary. So, it's his responsibility to kind of facilitate that. And then, we've got Jan, the app developer. Jan's a typical kind of polyglot app developer. Likes writing stuff on microservices, likes delivering features very quickly, you know, may have a language preference one way or the other, but has to maintain a lot of the existing infrastructure. So, that could be things like node apps. That could be simple things like Python apps with Flask or Ruby apps with Sinatra, all the way up to like kitchen sink frameworks, like Django or Rails. Just depends, right, whatever the use case is. So, we've gotten that far. So, we understand their task, we know who all the key players are, and we know the things that they like to use. So, the next step for us is, how do we figure out which tools they should be using in Google Cloud? All right, we can skip that slide. So, what we'll do is let's lay out a handful of the tools that are available. And we're not going to cover everything that's in GCP right now, because we don't have enough time, and I want you guys to have snacks at some point soon. So, what we'll do is kind of focus on the core set of things that are critical for each of those individual roles to have access to. So, the first part, you know, for things like applications, we've got Compute. So, with things like virtual machine or virtual instances with Compute Engine, manage Kubernetes clusters with Container Engine, or just kind of manage container deployments, or Docker container deployments with App Engine. It's a good place to start. On the storage front, cloud storage for objects, Cloud SQL for relational data, Cloud Datastore for, you know, NoSQL, or non-relational datasets, and Cloud Bigtable for wide column. And then, on the data and analytics, are then the more processing kind of side, Dataproc for managed Hadoop and Spark clusters, Datalab for IPython notebooks, BigQuery for kind of an analytical data warehouse, and data flow for running managed Beam, Apache Beam pipelines. And then, the last column, or the last kind of group, is machine learning. So we've got cloud machine learning, which is kind of running TensorFlow models, and running them at scale, things like the natural language API, the speech API, or the vision API. As you start to think about the team that we just introduced, and you start looking at this sort of bucket of tools, of this set of puzzle pieces, you can start to see where things are going to kind of fit together There's a consistent set of tools here that we can map back on to the team. So let's walk through each one of those individually, really quickly. So, for data science workloads, Alice has a couple of options. We already talked about the fact that she's a fan of Python, so that maps really well. So, with Python, she has two options. She can either use Cloud Datalab, or she can use Cloud Dataproc with Jupyter. With Datalab, what she gets is a complete Python dev environment. You know, it's bundled in with like NumPy, SciPy, Matplotlib, so she can kind of kick off her work, and build those charts, and build those, kind of understanding, or on the data set as she would. Additionally, on top of that though, it's also got built-in support for TensorFlow and BigQuery. This means she's got a complete environment to go and start maybe prototyping models that she wants to build with TensorFlow, if she's trying to build a very compelling recommendation mechanism. Or, if she needs data that lives in BigQuery, she can actually do inline SQL statements there, and pull data back out, or offload queries to BigQuery, as well. So, she's got a handful of options there. The nice thing about Datalab is that it's based on Jupyter, so, it's got a little bit of background. So, it should look very familiar to her. But it is somewhat constrained onto just Python. If she's got more specific needs, or wants to include additional frameworks or kernels, then we have to look at something like Cloud Dataproc plus Jupyter. So, what you can do is you can spin up a Cloud Dataproc cluster-- again, a managed YARN cluster, effectively-- and then have Jupyter pre-installed on there and ready to go. So, it takes about 90 seconds to fire up a Hadoop cluster, anywhere from like three, to like a couple of thousand nodes. In this case, for Alice, I think just three nodes is probably appropriate, and her goal is to just spin this up and get Jupyter pre-installed. Once she's got Jupyter, then she's back to the exact same environment she had on her laptop, support for over 80 different languages and frameworks or kernels. But, the nice thing also is built-in support for PySpark and Spark MLlib. So, you know, if you're kind of trying to figure out where the machine learning line sort of falls, there's definitely a handful of more sessions you can attend around things like TensorFlow or on Dataproc. What I would urge you to do is, if you've got kind of an individual like this in your organization, is have them explore both. TensorFlow might be appropriate. Spark MLlib might be appropriate. And there should be a clean distinction between what they can each do. All right, on the data processing front, same thing. Bob's got a couple of different options. He can either use Cloud Dataproc or he can use Cloud Dataflow. With Dataproc, again, we just talked about this briefly, but managed Hadoop and Spark clusters, the nice thing about Dataproc-- and I'm only going to spend a minute on this, so, by all means, if you're interested we can do questions afterwards-- but the nice thing about Dataproc is that it turns that kind of mindset of a Hadoop cluster or a YARN cluster, on its head. You end up going away from having a cluster-centric view of the world, and turning it into more of a job-centric view of the world. So instead of firing up a thousand-node cluster that everybody shares, you could have every individual job have their own thousand-node cluster. And as long as those jobs can be done in less than 24 hours, you can actually take advantage of things like preemptible OVMs or preemptible instances. Those instances are about 80% off list price. So, you get the ability to do this job dramatically faster than ever before, because you have all this extra compute sitting around, and you get to do it really cheaply, because it only takes a few hours anyway. So Bob's got that option. He can also do things like tune the cluster parameters, or if he's got custom JAR files he needs, easily bootstrap those across the cluster, doesn't matter. So, h has that option. The other approach is to use Dataflow. Dataflow is a managed service that we have for running Apache Beam workloads. Apache Beam is basically a programming model, or an approach, that unifies batch and stream processing into one. When you take Beam workloads or Beam pipelines and you push them to Cloud Dataflow, we run those for you in a totally managed, kind of automatically scalable fashion. So, that's pretty nice. And Apache Beam workload's on Cloud Dataflow, actually support templates for kind of like easy parameterization and staging and things like that. The way I kind think about the relationship here of which path you go down is really a question of what do you have existing already. If you've got a huge investment in Spark or MapReduce jobs, or just kind of like oozy workflows around those things, by all means, go down to Cloud Dataproc group. It's a turnkey solution. You can take your job and just push it to a new cluster, just like that. If it's net new and you're starting from scratch, I think Beam is a good approach to look at. It's relatively new, so it's a little bit young. It's definitely not as mature as some of the other components in the Hadoop ecosystem. But, it does have this really, really, really critical advantage where you can take a batch pipeline and turn it into a streaming pipeline just by changing a couple of lines of input. So Bob's got a couple of options here, to kind of match up to what he typically likes to work with. All right, Ned's use case is actually really simple. He needs a data warehouse. He needs a data warehouse that supports SQL, and that can scale with whatever size of data he needs, or that he's got access to, and he's got to be able to plug it into a whole host of tools, kind of downstream. So, BigQuery's a great fit for him, enterprise cloud analytical data warehouse. It's a fully managed mechanism. We often use the word server-less, though I hate that term, so I apologize. It supports standard SQL and it does scale up to a kind of petabyte scale. So, he has the option of running something that's anywhere from data sets that are about gigabytes all the way up to petabytes, and still get responses back within seconds. BigQuery is great, because it does support kind of batch loading, or streaming inserts, as well. And it's got built in things like security and durability and automatic availability, and all the other good stuff. But, ultimately, the best part is that Ned gets to use SQL, gets to query really, really large data sets, and visualize and explore the data as he's used to, with the typical tools and expertise he's got. When it comes time to create reports and dashboards and things like that, there's a couple of options he has. One, he can use Data Studio, which is built into the platform. So, it's kind of like a Google Doc style approach, where I can create a new report, and then I can share that with everybody in the company without actually having to create multiple copies. And people can edit things like parameters and watch the difference in those reports, and see how they look. But effectively, he has the ability to create those reports and dashboards. Alternatively, he could use things like Tableau or Looker, or other business intelligence tools that he's that he's a fan of. So, he's got a handful of options there. And the nice thing also is that because of all this approach, like BigQuery also supports other kind of JDBC infrastructure, so a lot of the tooling that Ned is typically used to can plug right into BigQuery, as well. So, the last one is Jan. We talked about this earlier. Jan likes to deploy and scale microservices, so she's got two easy options there. If she's really, really focused on complex container orchestration, writes them-- wants to deploy things that way, Container Engine's a great fit. It's based on open sourced Kubernetes. We've got built-in health checking, monitoring, logging. We've got a private Container Registry, or she can go down the app engine route, and just take her Docker containers, and push them up, and we'll auto-scale them for her. The good thing is that along with kind of the same health checking, monitoring, and logging, App Engine also includes a built-in load balancer up front, has things like version management, traffic splitting, as well, and automatic security scanning. So, again, a couple of options here that kind of make sense for her. So, that's right. We're all done. Everybody's got tools, they can all work, and everybody is off-- off to the races. That's not true. We've only just kind of scratched the surface. So, they all have a consistent set of tools to work with, but we actually haven't enabled any of the collaboration bits yet. So, we still have to figure out how to get them, not only to work together, but actually to work in a way that makes sense, and scales up. Right. Their team is four people today. It could be eight, 12, 16, you know, in a few weeks. So, we've got to come up with a better approach to managing the data that they need access to. So, if you're trying to enable collaboration, there are a handful of things you're really going to think about. The first is, you've got to find consistency. And it's not just consistency in the tool set, right? That's also important, but you also need consistency in terms of where do you expect data to be coming from, where do you expect data to be used downstream, right? That's really important. If you can't agree on the sources, if you can't agree on what the downstream workloads are, it's hard to really understand how everybody should work together and use the same set of tools. The next thing you want to do, is take a really good hard look at all the data that you're trying to get access to. And this isn't true for every piece of data that lives in your organization, right? It might be things that are focused on certain sets of the company, like certain teams, or certain tasks, but ultimately, you've got to figure out where all this data lives, and take an inventory on it, right? Take an inventory on it, and make sure it's in the right storage medium for everyone to use as time goes on. The next thing you want to do is come up with an approach around metadata, right? This is pretty simple, but if you're trying to figure out who owns a piece of data or where it came from, what other data sets it's related to, what are some of the types of data that are located in this data set without actually having to go query it, that's a really challenging problem to do, when you think about having hundreds or thousands of individual pieces of data spread out across your infrastructure. Then, you want to enable discovery and self-service. You want people to be able to go find these things by themselves and pull them down as needed, without having to go, again, spend all that time arguing with people about formats, and availability, and tooling, and worrying about where you're going to store it, as well. And then the last thing is security, right Don't leave that on the table. It's certainly important to understand security, and more broadly, identity, right, to make sure we're tracking access to all these things. All right, so how do we start with this? I throw this in there. You have to kind of embrace the concept of a data lake. I'm not suggesting you have to go build one. I know it's a totally loaded buzzword and term, but you have to build-- you have to embrace the idea of it, on some level, right? And this is kind of what I said earlier-- if you start at the very bottom, you first have to understand what are all the sources of data I've got, right? At least get everybody to agree in the room where data is coming in from, and what it looks like. Once you do that, you want to find some, again, consistency on which tools are we going to use to store data? You're not going to consume every single part of the platform, right? It doesn't make sense to just use every service because it's there. Find the ones that make the most sense for the data that you've got. And we'll go through that a second, as well. And the last thing is, what are the use cases, right? How is the data going to get used over time, right? It's important that you understand what those use cases are, because they're going to drive back to the data-- or to the storage mediums. And it's important to pick the storage mediums, because that's going to depend pretty heavily on how the data comes in, where it comes from, and what it looks like. All right, so where should data live, right? We know the sources, we know the workloads, but what do we do in the middle there? How do we figure out which places to put data? So this is kind of a simple decision tree. And I'll go into a little bit more depth on the next slide as well. But some of this you can kind of simplify, right? If it's really structured data, you're kind of down to two options. Is it sort of OLTP data, or is that OLAP data, right? Is it transactional, or is that analytical? If it's transactional, Cloud SQL's a great fit, right? It's a typical relational database, no frills, does what it does, and it does it really well. On the analytical side, you have BigQuery, right? So it depends on what the use case is that's starting to drive it-- not just the structure, but with the use cases. The next column is semi-structure. So, you've got something that you might know the schema for, but it could change. It could adapt in flight. People might be deploying new mobile apps somewhere that customers are going to use. They're going to start capturing data they weren't capturing before. All those things are possible. So, if you've got semi-structured data, then it's a question of, how do I need to query that data? Again, we're back to what is the downstream use case? If it's something where you need to query in any possible field that you write in, data source is a good choice. When you write a piece of JSON to Cloud Datastore, we automatically index every key by default. That's part of that JSON. Now, you can turn that off, if you want to, or you can pick the keys you want, but, ultimately, you have the ability to query anything that you've written in there. Whereas when you put data in a Bigtable, you're basically stuck with trying to have to query by the row key. And that's actually pretty powerful for a lot of really great use cases, especially like time series data or transactional data. But it's not a great fit, again, if you want to try to query some random column, you know, somewhere buried throughout the dataset. And the last one is object, images media, that sort of thing, that just go straight into cloud storage so, it's a pretty simple approach. So, if you break this out a little bit and start getting in a few more examples, you kind of end up with a chart that looks like this. We just covered object storage really quickly a second ago great for binary data, great for object data, media, backups, that sort of thing. On the non-relational side for Cloud Datastore, it's really good for hierarchical data. Again, think of like JSON as a good example there, to fit in there, obviously, great on like mobile applications, that sort of thing. On the Bigtable side, really, really powerful system for heavy reads and writes, but you have the row key only, as your only option. There's a little bit of filtering you can apply outbound on a query, but really, it's driven by the row key. So you've got a very specific workload you can use at a Bigtable on the relational side you have two options. And I mentioned-- and I didn't mention Spanner yet, and it's still a little bit early on Spanner, but I did want to put it into context for kind of, for everybody in the room. Cloud SQL's great for web frameworks. Typical web applications that you're going to build, typical CRED applications are great. Spanner's really interesting. It's new for us. It's still early. Spanner hasn't gone into general availability quite yet, but it's an interesting thing to keep an eye on, especially as people are building kind of global-facing applications, where their customers could be just about anywhere, and having a mechanism that has a globally distributed SQL infrastructure is really powerful. So, it's something to keep your eye on as you kind of make more progress with GCP. And the last one is warehouse data. Data warehouse, BigQuery, that's the right place to put that. So, this is where it gets interesting. You found the tools, you found the sources, and you found the workloads. How do you continue on this path of enabling self-service and discovery? So, you've taken all the data sets. We've taken inventory of all of them. They're all located in the right places, but there might be a lot of it. So how do we enable people to actually find the things they're looking for over time? And this is where metadata is really important, because I think if you guys can kind of guess where I'm going, ultimately, what we're going to do is we're going to try to build a catalog, and that catalog is what's going to drive everyone's usage downstream, and everyone's ability to work on their own. So, in order to build the catalog, though, you've got to agree on metadata. And actually, as it turns out, fortuitously, or fortunately I should say, the Google research team actually just published an interesting blog post about facilitating discovery of public data sets. And in it they cover things like ownership, provenance, the type of data that's located-- that's contained within the data set. They relationships between various data sets, can you get consistent representations, can you standardize some of the descriptive tools that we use to do it. It's basically just JSON. There's nothing fancy about this, but it forces everyone to come up and say, I have a consistent representation of every single data set. So, you start to imagine, if you have 100 data sets strewn across the company, you're only saying to everybody, if you are an owner of a data set, just publish this small little JSON file, and hand it over to us, and now we can start cataloging this data. That's really powerful. What's even better is, if you've got that JSON data, we already had a place to put it. So, you have two options here. You can either push that JSON data into Cloud Datastore or into BigQuery. And I'll kind of cover the difference here. Cloud Datastores are a great place for this data, for a variety of reasons. Again, JSON's really well represented. You can query about any possible field there. But the downside is, that Datastore doesn't really have kind of a good user-facing UI. It's very much application-centric. So, if you want to go ahead and build a little CRED API on top of this thing, Datastore can be a good fit. The other option is, frankly BigQuery. You know, same idea around Datastore and storing JSON, in fact, this is an example of-- this screenshot as an example of what this JSON looks like in BigQuery, because it does support nested columns. BigQuery is great because, you've got a UI attached to it. There's a console right there, so you can actually run SQL queries on it. SQL's relatively universal across a lot of folks. They understand it really easily. So, this might make a little bit more sense. To be totally fair and totally honest with you guys, when I typically recommend this approach, I often will push people to BigQuery, as a place to build this data catalog around, because it just makes sense, and it plugs into a lot of downstream tools. Datastore can make sense, but it's very, very particularly dependent on how the team wants to work. For trying to find kind of a good generic solution to start with, BigQuery's a great fit. So, once you've done that, you've pushed-- we've inventoried, we've cataloged, we've got metadata, and we've got everything living inside of BigQuery now. So, how does this change the workflow? I'm only going to pick on one, because they're all going to start looking a little bit similar, if I keep eating through it. But, let's talk about the data science workflow. So, for Alice, now instead of having to go talk to Bob, or go talk to Ned, or go talk to Jan, or talk to anybody else in the company about what data is out there that she can use, the first thing she can do is start to query the catalog. So, she can just drop into the BigQuery UI, and run a simple SQL query, and explore the data sets that she has access to. The next thing she can do, because part of what's in there, one of the pieces of metadata, is what is the URL, or what is the download location for this, she can go ahead and pull that data into her environment. Again, whether she's running a Cloud Datalab notebook, or a Jupyter notebook, she can pull that data into her environment. And then, she can start to prototype a TensorFlow model, for example. She could start building a little bit of a TensorFlow model and running some early analysis of measuring how well her recommendation engine might be working. Once she does that, she might have created some new datasets. She might have actually taken something and said, now I actually have training data and test data to work against. So, now that she's created two new datasets, the next thing she's going to do is upload those to the catalog. Write the metadata, push that in, so now other people that might want to build this stuff later on, have access to the same training and testing that she used. So, we're starting to create this kind of lifecycle around. Making sure that if you create something new, make sure it gets shared with everybody as quickly as possible. And then, she's going to continue on her work like she normally does. She'll train her machine-learning models. She might push that TensorFlow model to, like, the cloud ML service. And then, because the cloud ML service that she created is actually a data kind of a resource, she can actually create a catalog entry for that service. So, now if someone says, I want to find a recommendation service within the catalog, as long as she's tagged and labeled everything appropriately, they could find the URL for that service immediately. And this is a bit of a simplification, or oversimplification, of the amount of work it takes to do all this. But, if you start to extrapolate these steps out, she's been able to work at her own pace without having to worry about trying to find who owns what, who has access to what she has access to, because we've built this data catalog. We've built this approach to metadata. Over time, we're kind of getting to this point where we can start building again toward self-service. So, just like we have a SQL-- a great SQL interface for querying that data catalog, you might want to continue down the self-service path and say, can we make these things even more discoverable? Can we put like a CRED API on top of this? So, one option is to take a small application or small CRED API that sits in front of this BigQuery metadata catalog and deploy that in, like, Compute Engine, or App Engine, or Container Engine, and front it with, like, cloud endpoints. The reason you might go down this road is particularly around good API management, and building-- again, consistent and clear access. Because the best way you can enable sort of self-service is, obviously, giving everybody access to it, but also giving everybody access to in a way that is most beneficial to them. So, if you've got a lot of folks who are very API-driven, or want to build new applications all the time, having an API endpoint that they can hit to learn more about the data catalog is very, very beneficial. And over time, you can actually start to extrapolate this step even further, and start fronting all of the data sources you've got. So, not only do you have a CRED API in front of the catalog, but you might actually have one in front of every single dataset. So now, again, you're enabling this further, you know, deeper level of access to data. And this might be a little bit overkill for the team of four people, but imagine if that was a team of 400 or 500 people. As you think about this kind of approach permeating the entire organization, everyone wants to have access, and you've got to start building these things for scale over time. So, picking the right tools up front lets you adopt that, and again, lets new teams pick this approach up, as well. Before we finish this, I do want to talk a little bit about security, early security and identity, in kind of a broad sense. We've got a great set of identity and access management tools called Cloud IAM. There's a ton of sessions about it throughout the next couple of days, so I urge you guys, if you're interested to go dig into it. What I really want to cover here though, is this idea that there's policy inheritance that goes from the top all the way to the bottom. That means, at any level, if you set a policy on data access or control, it does filter all the way down. So, if you've got an organization or a single project that's kind of the host project in your project account with GCP, and you've got individual projects for maybe dev staging, Q&A, that sort of thing, or production, and then you have individual resources underneath those projects, you can actually control who has access to what, as long as you've set your organization up correctly. I'm not going to go too deep here, but, basically, the idea is to walk away with is, we have the ability to control who can see what, and who can pull things down, and that's really what you want to control. And, for example, if you dig into BigQuery a little bit, you've got a handful of roles and different responsibilities, or different access controls that they've got based on that stuff. So, as you look at what kind of what-- if you look at and think about what it's going to take to build for the future, I put the site up again, because it's really important, if you do nothing else, if you build nothing else, you have to get agreement. That's the most important thing. If you can't adopt this idea that we have to have consistency around data sources, data workloads, and then the tools we're going to use to work with that data, this is going to be a long road. As much as I talk about the products and the blue hexagons and stuff, a lot of this is a cultural shift in an organization. It's kind of a lifestyle change. You have to get everybody on the same page. And part of doing that is saying, can we add consistency? Or can we make this a consistent view of the world that we can all agree upon? And this might be a small subset of what you end up with. It could be a much, much larger picture with a lot more pieces to it, but it's important that everybody agrees, again, what the data is going to look like coming in, what it's going to get use for on the way out, and where it's going to live while it's sitting in your infrastructure. As you think about-- as you kind of get through that consistency piece-- and, you know, that's a tough road, but once you get through that, then the next step is really getting around to some building the catalog. Can you catalog all the data sets? Do you know exactly what lives throughout the organization? Can you get everyone to kind of pony up and say, all you have to do is write this little snippet of JSON, and we'll be able to leave you alone for the next few days. If you can build the catalog, that's a great first step. Then the next thing you want to do, is make sure your teams have access to the tools they need to do this work. And this is not just the tools that are in GCP, but it's also, like, the API access, or the SQL access to the datasets. Can they get those things? Have you set up identity and understanding security correctly, so that everybody has access? Because what you want people to be able to do is work on their own, without having to go bother anyone else. If they can do everything they need to do without interacting with somebody else, then when they do interact, and they go have lunch together, it's a lot friendlier conversation, as opposed to arguing about who has access to data. [MUSIC PLAYING]
B1 中級 米 連携型ビッグデータプラットフォームの構築方法(Google Cloud Next '17 (How to architect a collaborative big data platform (Google Cloud Next '17)) 309 24 Johnson に公開 2021 年 01 月 14 日 シェア シェア 保存 報告 動画の中の単語