Migration challenges from Redis to Memorystore - google-cloud-platform

I have learned that Memorystore has full support for Redis protocols but there are some limitations. Please help me address the following challenges.
Unlike Redis Memorystore doesn't seem to support Master-Slave provisioning to incorporate Read Write/Read Only specific requests. Is there any workaround?
Existing Redis setup has password protected authentication mechanism in place? How do we enable Auth config for Memorystore?
Existing application level client codes are written in C++. Is there any workaround to leverage the existing codes to connect Memorystore?
Thanks in advance.

I will try to address your questions individually, for better formatting and in case you have further doubts on them.
As you mentioned and confirmed by a Google Agent here, Memorystore doesn't support Master-Slave provision. For now, it doesn't have a workaround for it as well. I believe opening a Feature Request with Google or answering the above Google Group question might be a good option, to receive an official return from Google.
For you to configure authentication in your Memorystore, you need to create a service account and set an environment variable. The steps to achieve that are the following:
In the Cloud Console, go to the Create service account key page.
Go to the Create Service Account Key page
From the Service account list, select New service account.
In the Service account name field, enter a name.
From the Role list, select Project > Owner.
Click Create. A JSON file that contains your key downloads to your computer.
Set the environment variable using the following command - next is an example: export GOOGLE_APPLICATION_CREDENTIALS="/home/user/Downloads/[FILE_NAME].json".
There isn't official support to C++, however, you can use Client Libraries to connect to the API of the language you want. It might be worth it to give it a try with connecting to C++. I found this repository provided by Google, related to C++, that can be used to connect. This seems to be the only available option.
I hope these answers will help you, clarifying your doubts about the product.
Let me know if the information helped you!

Related

Google Cloud Run service url (discovery)

I am running several gcloud services which have assigned urls automatically in following format:
https://SERVICE_NAME-XXXXXXX-ew.a.run.app/
This is not particularly easy to work with and to pass these URLs to clients. Alternative is to use the custom domain, but this needs hardcoding subdomains within DNS records (as far as I understand) and I would like to avoid that and use the default URLs.
What is the best practice to work with these URLs? I can imagine keeping some mapping of service->URL and passing it to clients, but I would like to avoid reinventing the wheels.
Edit: I've released an external tool called runsd that lets you do this. Check it out: https://github.com/ahmetb/runsd
Thanks for this question! The "Service discovery by name" for Cloud Run is very much an active area of work. Though, there are no active timelines we can share yet.
You can see a prototype of me running this on Cloud Run here: https://twitter.com/ahmetb/status/1233147619834118144
APIs like Google Cloud Service Directory linked are geared more towards custom/DIY service discovery you might want to build to your RPC stack such as gRPC. It's more of a managed domain name directory, that you can integrate with your RPC.
If you are interested in participating an alpha for this feature in the future, drop me an email at ahmetb at google.
You can use a beta service Service Directory.
At service deployment
Create your service with a name and the URL as metadata
In your code
Request the service metadata with its name, and get the URL
Use the url
You can't use the endpoint feature of the service because your don't have IP/Port.
However, for now, there is client library and you have to use API directly.

Unable to create the first GCP project via API

I'm trying to create a Dialogflow Agent via API, It require a GCP project that also have to be created via API.
Actually both works well when the end user has already been once in the GCP console and accept the new terms and services.
The problem is that I would like to create the agent without the end user to have to perform any action on Google Cloud Platform.
Before it was possible, but it seems Google added a new terms of services for APIs on the GCP console that pop up the first time the user log in.
My question is, do you think there's any possibility to accepte those terms of services via Oauth or any other possibility?
Seems like Dialogflow still does it well.. so it should be possible :p
TY.
As stated by #John Hanley the user must login to accept the TOS so that the user-entity is bound to the Terms. Here you may find all the information regarding Google APIs Terms of Service.

what are the security best practices with twilio and firebase?

I was looking for a tutorial or stackoverflow thread but I couldn't find a best practice how I can do it.
I have an ios swift app and I want to send sms if a user create an add a record in Firebase, like sending an invitation to someone or doing something which could affect other user.
According to some post on the internet and on your blog I need a server side script which makes it safe and I don't have to store those information in my swift code. Like here: https://www.twilio.com/blog/2016/11/how-to-send-an-sms-from-ios-in-swift.html
Currently I don't have a server. Only thing that I have is a Firebase account.
What is a best practice regarding security? For instance shall I create a webserver on AWS or just a AWS S3 bucket would be enough and shall I store those credentials or php codes there?
I'm quite new in the these things and unfortunately I don't know whom shall I ask.
Can somebody help me?

One account for some services

I cannot found some examples how to create a single account system for all services. For example, Google and Microsoft are use these structure. I have site and some services and I need to user registers at once and can use all service and site. But I never made this earlier and don't know even how to build so services.
Now I think make an auth service with OAuth 2 support. And my services connect to this service and authenticate in it. After the connected service gets a user ID and creates a local account with more details (which needed only for this service) and global user ID. But maybe someone know another solution. Just I don't sure that is the best solution.
P.S. I don't ask for examples of code or something else. I just need to understand the principle of operation of such related services as they interact.

Django + Google SSO openid

I would like to have my application http://app.acquee.com/designer to accept a google account as a login. I found a bunch of libs for django but most work on top of existing Django authentication system that I do not use. I have my own set of user tables where I keep user info and privileges.
Any suggestion on how to integrate that with the Google Openid?
Seems I will have to do it manually using python-openid. Or could I use django-openid?
However, with the latter, I don't even know how to issue the discover command.
Regardless, I get stuck on google's step 5, sending a login authentication request (optionally with OAuth parameters) to the provided endpoint address. Can someone provide a sample request? is it a GET/POST? content?
Cheers
You can try https://launchpad.net/django-openid-auth - I'm using it in a commercial project, for both regular Google Accounts and Google Apps accounts. I remember that it was the most convincing one at the time I was doing a review, although I can't give you any details now due to my short memory. Anyway - it's working great.