GRR with GCS Blobstore and Cloud Pub/Sub Service
GRR with GCS Blobstore and Cloud Pub/Sub Service Authored by Dan Aschwanden and Mikhail Bushkov, copied with permission. Introduction In this article we provide a macro-level outline of how GRR Rapid Response (or GRR) can make use of Google Cloud Storage (GCS) Buckets for its blobstore as well as using Cloud Pub/Sub to communicate with Fleetspeak . Leveraging GCS Buckets and Cloud Pub/Sub could be beneficial if you are looking for means to improve the runtime performance of a large-scale GRR deployment (i.e. with tens of thousands of clients). Both the GCS blobstore and Cloud Pub/Sub significantly reduce the utilization of the main GRR datastore and the amount of message processing. Figure 1 - GRR architecture with GCS Blobstore and Cloud Pub/Sub We will also cover the topic of Google Kubernetes Engine (GKE) Workload Identity Federation which provides Kubernetes workloads with access to Google Cloud resources by using Identity and Access Management (IAM) federated identities ins