Save time by applying audience lists at the campaign level

Reaching your most valuable and engaged customers at the moment they’re ready to act is critical in moving them along the path to a purchase. Remarketing lists for search ads (RLSA) and Customer Match can help you do that by customizing your campaigns for people who’ve previously interacted with your business. However, getting started can be time-consuming, especially if you have a lot of ad groups. To make it easier for you to manage your audience lists at scale, you can now apply them at the campaign level. 

Campaign-level audience lists also make it easy to measure and change your bid adjustments. Instead of trying to change your bid adjustments for each individual ad group, you can confidently optimize at the campaign level where you’re more likely to have enough data to make an informed decision. Learn more audience bid adjustment best practices here.

Many advertisers are already using campaign-level search audiences to save time and make better optimizations:

“Campaign-level audiences have proven to be a great way to apply our remarketing lists at scale. Our campaigns often contain so many ad groups - using RLSA in the past required hours spent applying audiences to each one and analyzing the results by ad group. By applying them at the campaign level, we can be confident that no ad group is overlooked, while saving us time that can be better spent on helping our customers find their new home.”
– Debra Carroll, Senior SEM Manager at Redfin 
“Being able to apply all of our audiences at the campaign level has drastically simplified the process of adding lists to multiple campaigns, as most of our campaigns have hundreds of ad groups. This allowed us to apply our bid adjustments in bulk, which has resulted in smarter spending and increased ROAS from our search campaigns.”
– Nathan Eagan, PPC Specialist at Webstaurant

With campaign-level search audiences, you now have more flexibility than ever in how to engage with your customers. Learn more about using campaign-level audiences in the Help Center, and read our best practices guide to learn how you can reach the right audience with a message that resonates.

Source: Inside AdWords


CSEdWeek 2016: Proud to be part of the CS community

Editor’s Note: Every year during Computer Science Education Week, partners and educators come together to encourage millions of students to try computer science (CS). This year, Google is focusing on improving perceptions of CS while making it more accessible for underrepresented students. Follow along here throughout this week (Dec 5 - 11) to find out what we've learned from the latest research about CS education, what we're doing for CSEdWeek and how each of us can help champion #CSForAll.

It takes countless hours and dedication to fill the CS gap in today's schools. Thanks to a lot of hard work by organizations and educators, the CS education landscape in the U.S. is changing for the better — 40 percent of K-12 principals say they’re offering CS classes this year with programming and coding, up from 25 percent last year.

We’re grateful to have collaborative partnerships with many organizations, educators and others working to make computer science accessible to students every day. As this year’s CSEdWeek comes to a close, we'd like to acknowledge some of our partners dedicated to making #CSforall a reality. To all of the nonprofits, institutions, and the students themselves, committed to CS education: We’re proud to be a part of your community.

Supporting nonprofits working to close the CS education gap

We partner with many nonprofits to bring CS education opportunities to every student.  Here are some recent projects:

CS OPEN: helping underrepresented minorities and girls pursue STEM

Last year, National Girls Collaborative Project (NGCP) announced a new initiative at the White House: the Computer Science Outreach Program Evaluation Network (CS OPEN). This program provides community-building opportunities and grants so that nonprofits can evaluate their work in order to improve it. With support from Google, CS OPEN currently funds 12 organizations helping underrepresented minorities and girls pursue their STEM interests, including the STEM Academy at Oregon State University. The Academy engages K-12 youth in programs designed to increase college attendance and participation in the STEM fields. Through a recent CS OPEN grant, the Academy was able to move from a 1-page survey evaluation to full interviews and observations in order to understand how their programs were truly engaging youth.

“With the support for full evaluation of our initiatives, we were able to make real, actionable changes to our program that will actually make more impact for the students we serve.”  - Cathy Smith, Director, STEM Academy @ OSU

Next year, we'll be helping provide an additional $50K in seed funding in 2017 to help even more nonprofits evaluate and learn from their inspiring work.

MentorNet: empowering college students to pursue CS careers

Sometimes, students just need a little advice from someone who's done it before. MentorNet has made it possible for professionals to use their skills to offer career insights, project assistance, and guidance to university students pursuing a career in STEM. MentorNet partners with igniteCS, an initiative at Google, that provides funding and resources for groups of college and university students to make a difference in their local communities through CS mentorship. The 2017 funding round opens in January, so If you’re a current university student, learn more on our website.

I can say without a doubt, that having a MentorNet mentor while in college is one of the most eye-opening and impactful things for a student. Aza T Student, Boise State University

If you’re a student studying STEM, check out free opportunities for mentors through MentorNet.

Meet the new generation of computer scientists

Making CS accessible for all takes more than programs and partnerships. Research shows that students and parents see fewer portrayals of women, Hispanic or Black computer scientists in today's media. That makes us especially inspired by the many students who are helping redefine what it means to be a computer scientist. These role models are using CS to solve real-world problems and make a difference. Here are a few of their stories:

Lilia, 18: code can connect passionate people to volunteer opportunities

Lilia.jpg

"OOL is a bridge between passionate people who want to change the world and projects that need that passion”

 -Lilia

Lilia, an 18-year-old student from Mexico, recently won an award in the 2016 Technovation World Pitch competition, for her app, OOL. The first app of its kind in Mexico, OOL creates a bridge between nonprofit organizations and the people of Mexico, by connecting them to each other. Volunteer opportunities are presented to the user through a dynamic interface and, with a single click, the volunteer match is complete.

Made with Code is joining forces with Iridescent to launch the 2017 Technovation Challenge, and we're excited to see Lilia inspire next year's participants to create their own apps to tackle real-life issues. 

Anika, 14: code can help diagnose Alzheimer's and predict breast cancer

andrewweeksphotography2016GSF_000227 (1).jpg
Computer science doesn’t just mean coding in your basement” - Anika

Anika, a high school sophomore in Cupertino, CA volunteered in a senior care facility last year, which led her to learn more about Alzheimer's disease. She was shocked to learn that with no standard test for diagnosis, most doctors rely on their own opinions. By extracting image features from MRI scans, Anika built an interface for doctors to upload an image, enter some basic patient information, and get a reliable Alzheimer's diagnosis.


Anika’s innovative app won her a Global Finalist seat at the 2015 Google Science Fair and again in 2016, when she used code to predict the likelihood of a patient developing breast cancer by analyzing images from previous mammograms. We can’t wait to see what Anika does next.

We’re humbled to be a part of the community of organizations that are making CS education accessible to all students. As CSEdWeek comes to a close, we’re humbled to be a part of the community of organizations that are making CS education accessible to all students.


Update on Android and Google Play’s progress in enterprise

Two years ago, we launched Android for Work to help connect organizations and enable their employees to work smarter and more efficiently. As a program, Android for Work introduced a common set of APIs built directly into Android and Play, providing a consistent way of managing any Android device.

Android has extended enterprise support significantly since Lollipop, with security as a top priority. Android helps protect enterprise data and user privacy at a platform level by storing work and personal data separately on personal devices. Most recently, with Nougat, we added support for file-based encryption, always-on VPN, and a separate password for work apps. These and other management capabilities expand on the multiple layers of protection that come built-in with Android.

With the expansion of capabilities in Android, we've also seen partners unlock new use cases for customers. As an open platform that can fit any form factor, Android now powers a growing range of purpose-built devices from leading manufacturers such as Zebra and Honeywell that can help companies and their employees work in new ways.

Android: Powering the world's work devices

Android: Powering the world's work devices

Thanks to these investments and the work of our partners, Android has become the most popular operating system on enterprise smartphones shipped globally. Android devices account for 62 percent of worldwide enterprise smartphone shipments, according to IDC*.

Worldwide share of enterprise device shipments 2Q2016
Worldwide enterprise smartphone shipments by platform

To match the progress of enterprise support in Android, going forward we’ll refer to enterprise capabilities simply as part of Android and Google Play. With platform-level support shipping with every GMS compatible device, Android for Work and Play for Work have become a core part of Android and Google Play. We think this change better reflects the built-in nature of enterprise features of Android and our commitment to enterprise mobility.

We've only begun to see how mobile technology can benefit businesses, and as a platform, we rely on the innovation that comes from our ecosystem partners. To further that collaboration, our London office will be hosting an Android Enterprise Partner Summit in January for our Android partners -- to apply for a spot to attend and learn more, go here.

Customers interested in how Android can improve their business can learn more or get started and try it here.

Source: *IDC Worldwide Mobile Phone Tracker 2016 H1.

How augmented reality helps you buy furniture and capture Pokémon

Posted by Jamil Moledina, Games Strategic Lead, Google Play

Online furniture seller Wayfair and Niantic's Pokémon GO have more in common than you might think. Both of these companies use augmented reality to create innovative, immersive experiences for their users. I sat down with Mike Festa, Director of Wayfair Next, and Tatsuo Nomura, Product Manager for Pokémon GO, at our recent Playtime event to discuss how developers can make the most of AR as a platform.

From 3D furniture modelling in WayfairView using Tango, to logging countless miles catching Pokémon, hear how these developers are innovating with AR, and get their advice for others looking to use AR in their apps and games.

Check out more sessions from our global Playtime events to learn best practices for your app and game businesses. Also, stay up to date with more videos from events, product news, and tips to help grow your business on Google Play with the Playbook for Developers app.

How useful did you find this blogpost?



Start building Actions on Google

Posted by Jason Douglas, PM Director for Actions on Google

The Google Assistant brings together all of the technology and smarts we've been building for years, from the Knowledge Graph to Natural Language Processing. To be a truly successful Assistant, it should be able to connect users across the apps and services in their lives. This makes enabling an ecosystem where developers can bring diverse and unique services to users through the Google Assistant really important.

In October, we previewedActions on Google, the developer platform for the Google Assistant. Actions on Google further enhances the Assistant user experience by enabling you to bring your services to the Assistant. Starting today, you can build Conversation Actions for Google Home and request to become an early access partner for upcoming platform features.

Conversation Actions for Google Home

Conversation Actions let you engage your users to deliver information, services, and assistance. And the best part? It really is a conversation -- users won't need to enable a skill or install an app, they can just ask to talk to your action. For now, we've provided two developer samples of what's possible, just say "Ok Google, talk to Number Genie " or try "Ok Google, talk to Eliza' for the classic 1960s AI exercise.

You can get started today by visiting the Actions on Google website for developers. To help create a smooth, straightforward development experience, we worked with a number of development partners, including conversational interaction development tools API.AI and Gupshup, analytics tools DashBot and VoiceLabs and consulting companies such as Assist, Notify.IO, Witlingo and Spoken Layer. We also created a collection of samples and voice user interface (VUI) resources or you can check out the integrations from our early access partners as they roll out over the coming weeks.

Introduction to Conversation Actions by Wayne Piekarski

Coming soon: Actions for Pixel and Allo + Support for Purchases and Bookings

Today is just the start, and we're excited to see what you build for the Google Assistant. We'll continue to add more platform capabilities over time, including the ability to make your integrations available across the various Assistant surfaces like Pixel phones and Google Allo. We'll also enable support for purchases and bookings as well as deeper Assistant integrations across verticals. Developers who are interested in creating actions using these upcoming features should register for our early access partner program and help shape the future of the platform.

Build, explore and let us know what you think about Actions on Google! And to say in the loop, be sure to sign up for our newsletter, join our Google+ community, and use the “actions-on-google” tag on StackOverflow.

Android Wear: The Magic Minute Project

What’s possible in a minute? You can fall in love. Launch a rocket ship. Set a rap world record.

Today, Android Wear is teaming up with with makers, doers, and dreamers to launch The Magic Minute Project. It’s a collection of one-minute films celebrating what time means to all of us—told one #MagicMinute at a time.

A music and video producer, Andrew Huang has a penchant for working within absurd, self-imposed limitations. Using his Android Wear watch to time his performance, Andrew attempts to rap 300 words in one #MagicMinute.


Bruna Kajiya is a Brazilian kiteboarder and World Champion and the first woman to land a double handle pass in kiteboarding. The final minute of a competition is always the most intense: The riders perform their "all or nothing" tricks and everything is on the line.

Time trials have become popular in Parkour. Setting a route across an urban landscape, leaping between rooftops—it's seen as the highest test of practice. Kie Willis, one of the most well known freerunners in the world, attempts a one-minute Parkour while keeping his heart rate low.

Putting together the perfect look takes time, but a versatile accessory can help. Zanita Whittington—model, photographer, and creative director—completes her look by personalizing her Android Wear watch face.

Mike Relm is a world renowned turntablist and director, known for sampling music in surprisingly innovative ways to create new sounds. He has sampled and scratched many sounds in his life, but this is the first time using his wife’s voice!

Just as traditional watches help tell the time, Android Wear watches help make the most of our time. Whatever makes a minute magical to you, why not share it with the world too? It can be anything you imagine: paint, play, code, cook, rap or render.

Submit your own #MagicMinute for a chance to be featured in The Magic Minute Project film. Follow @AndroidWear on Twitter or visit g.co/magicminute to explore the best #MagicMinute videos.

5 ways Android tackles issues that matter to businesses

Keeping the more than 1.4 billion Android devices in use safe, secure, and stable isn’t something we take lightly. That’s why multiple layers of security including application sandboxing -- which keeps data and code from one app separate from other apps -- and data encryption are built into Android. In addition to our rigorous security features, we’re doing even more including performance and IT management, to improve the experience for businesses considering Android to mobilize their workforce.

Building upon the multiple security layers of Android

Android devices come with multiple layers of security features right out of the box that protect a device from the second you turn it on. With Android Nougat, the latest version of the operating system, we’re strengthening the core of security with new features such as Direct Boot (file-based encryption) and a strict Verify Boot process to protect against compromised devices. Verify Boot checks the integrity of the software for persistent rootkits and other nefarious security breaches.

And in Android 7.0 Nougat, we’ve strengthened this feature with Strictly Enforced Verified Boot. Any indication of software corruption means the device won’t boot up or will boot into a very limited usage mode to protect user data.

Android Verify Boot warning

A great mobile experience in the workplace would not be complete without apps. In Android, we allow businesses to keep the apps specific to work in a separate sandbox on the device so that they can’t affect other apps, system data or even hardware without permission. We’ve also improved the permissions processes so users have more control over and are better informed about what access they’re granting to an application.

To show our commitment to secure Android devices, we offer a range of rewards up to $200,000 through our Project Zero Prize contest and Android Security Rewards Program to those who can demonstrate security vulnerabilities in the Android system. These initiatives enlist the help of third-party security groups and individuals to help us find and address any security challenges as quickly as possible.

Keeping apps secure in Google Play

Reducing the amount of malware that is installed is a key focus of our commitment to Android so that business devices, and the data they have access to, are safe and secure. Helping to ensure users get their apps from Google Play is a key security strategy.

Android apps in Google Play are signed by their developer, so users know they’re getting software from the developer they know and trust, and it can’t be changed by an unknown third-party.

In 2012, we introduced Verify Apps, a tool that scans apps for malware before they even get into the Google Play store. As a second layer of defense, it also continues to scan apps already in Google Play and installed on your Android device, notifying you of a potential malware threat or even removing the app, with your permission.

How much does this help? In our Android Security Year in Review 2015, we found that fewer than 0.5 percent of all Android devices installed a potentially harmful app (PHA). And a large percentage of those came from apps installed from outside the safety of the Google Play store: Only 0.15 percent of Android devices installed a PHA from Google Play. Additionally, our Verify Apps services scanned 400 million devices daily last year, helping to bolster security on a daily basis for many Android users using Google Play.

IT administrators can take advantage of Google Play’s security benefits both for public and internal applications by disallowing app installation from "unknown sources" to ensure every installed app has been scanned by Google Play for malware. Our research from the Android Security Year in Review 2015 report shows devices that allow apps from outside of Google Play are around 10 times more likely to have PHAs than those that only install from Google Play.

Offering monthly security updates to devices and our hardware partners

A year ago, we began providing monthly security updates directly to our Nexus devices and the Android Open Source Project (AOSP). Several of our hardware partners agreed to provide them as well. Device makers such as Samsung, LG, Sony and others offer these security updates on a recurring basis, and we expect additional partners to follow suit.

Android security patch level

We’ve also made it easy for you to see what security patch level your device has at any time with a simple date indicator. Look for the Android security patch date in the About Phone section of Settings in Android. IT administrators can remotely see the patch level on managed devices.

Additionally, we aim to update Google Play Services roughly every six weeks across the majority of Android devices in use. This allows Google to regularly delivery new security features to these devices. Verify Apps and Safety Net are two of the Google Play Services features that are updated frequently with enhanced protections. The API addition of Smart Lock for Passwords is another recent example.

Along with Google Play Services and the monthly security updates we provide to the Android ecosystem, additional layers of security are offered through ongoing services and the Safe Browsing feature in Android.

If you’re considering Android for your business, we have a recommended list of both affordable and premium devices that might best fit your needs based on price, capability and security.

Providing centralized device management controls for IT admins

Along with our monthly security updates and services that help keep devices safe, Android provides out of the box security and management features that are simple to use in businesses of any size. And those features apply to both corporate owned as well as employee’s personal devices for BYOD (bring your own device) scenarios.

As an admin you can manage either type of Android device through a powerful web-based console and improved, fast deployment methods that now include QR code scanning.

In the case of corporate owned devices, IT administrators can use the device owner (DO) management mode to enforce policies that restrict or protect work data, require stronger passwords or PINs, enforce device encryption (expanded to file-level encryption in Android 7) and more.

Improving platform stability for apps

As the Android platform has matured and improved, it has continued to become more stable, particularly when it comes to apps.

Application stability on Android and iOS

Data from the most recent quarterly study by Blancco Technology Group illustrates this as apps crashed on 50 percent of the iOS devices it tested between April and June in 2016. In the same time period, Android apps crashed 23 percent, or less than half the rate of iOS. Blancco Technology Group notes that this is the first time Android had proven more stable for apps since the company began reporting on such data.

Blancco’s information comes from diagnostic data of the millions of handsets in North America, Europe and Asia via its SmartChk platform used for device repairs and business intelligence.

The choice is yours

Android provides the opportunity for businesses and employees to choose the right device for their needs from dozens of hardware partners. You can manage those devices and protect your company’s information by using a platform built with security in mind and our recommended best practices. To learn more about incorporating Android in your business, or see how Android has already transformed businesses, check our work site for more information.

More phones, new colors and the latest apps on Daydream

Designed with choice in mind, Daydream brings you high quality, mobile VR with any Daydream-ready phone. Last month, the Moto Z and Moto Z Force joined the Daydream-ready family, giving you more phones to choose from. And starting today, the limited edition Crimson and Snow Daydream View are available online in the U.S., U.K. and Australia so you can pick the color that matches your style:

CrimsonSnowHeadsets

In addition to more phones and new colors, you can now experience some of the most highly anticipated titles coming to Daydream:

Travel, play and immerse yourself in VR with Daydream

LEGO BrickHeadz Builder VR: Design your own LEGO BrickHeadz characters and bring them to life. Unlock new characters and items with special combinations, and enjoy free play with virtual LEGO bricks.

LEGO

HBO NOW and HBO GO: Enjoy every episode of every season of original series such as Game of Thrones® and Westworld, plus iconic favorites such as The Sopranos® and The Wire® on a virtual big screen with your HBO subscription.

HBO

Gunjack 2: End of Shift: Immerse yourself in an epic sci-fi space shooter set in a cinematic VR world. As a turret operator charged with destroying waves of attackers, you stand united with your crew mates in the defense of the rig.

Gunjack 2: End of Shift trailer

NextVR: Be courtside, behind the goal or center stage. From NBA and NFL games and the US Open, to the Daytona 500 and Live Nation concerts, experience your favorite events live or revisit them through highlights.

NextVR

Layers of Fear: Solitude: Delve deep into the mind of an insane painter by exploring his Victorian-era mansion where visions, fears, and horror awaits.

Layers of Fear Trailer

Wands: Take on the role as a mysterious Wielder in an alternate 1880's London. Equip your wand with a wide variety of spells and battle other Wielders for fame, power and glory.

Wands trailer

Underworld Overlord: Be the bad guy and defend your dungeon realm from an onslaught of so-called “heroes” who attempt to rob your treasures and slay your precious monsters. Direct your monsters into the fray, place deadly traps and defenses, and cast spells that help or hinder.

Underworld Overlord Trailer

And in time for the holidays, you’ll be able to experience two popular titles coming to Daydream later this month:

Netflix: Experience thousands of TV episodes and movies—including award-winning Netflix original series, movies, and documentaries—anytime, anywhere with your Netflix subscription.

Netflix

Need for Speed™ No Limits VR: The first Need for Speed title in virtual reality, feel the ultimate thrill as you strap into the driver’s seat and launch yourself into an unparalleled, visceral ride. Choose your car, choose your track, and enter a new realm of white-knuckle racing reality.

NeedforSpeed

Whether you’re looking to kick back in your personal VR cinema, or experience what it’s like to be a professional racecar driver, space shooter, master builder or magic wielder, now you can with Daydream.

Expanding Chromebooks for all learners

Editor’s Note: On December 3rd at our global online conference, Education on Air, we announced exciting new features that expand the use of our tools. In case you missed it, check out the recording of the Education On Air Product Keynote.

Over the past few years, we’ve seen students from all grades, backgrounds and continents achieve and create with G Suite for Education and Chromebooks. We now have Chromebooks with versatility for all learners including devices with flip and touch capabilities, super light 10” screens, and ruggedized protection for those accidental drops and spills.

As more students use Chromebooks, we’ve heard feedback from teachers that a challenge remained: even the mere act of logging in can waste too much precious learning time. So today we’re excited to announce that we’ve expanded Chromebook integrations to allow alternatives for logging in that are simple and fast.

The first integration we're announcing is with Clever Badges, which lets students log in to their Chromebooks – and all their learning software – by simply holding up a badge to a Chromebook camera. In the past two months, over 100 districts have already started using Clever Badges to log into their Chromebooks. Mrs. Kiefer, a Technology Integration Specialist with Ross Local Schools, reports, “I can't tell you enough how awesome it is to watch my learners logging in to Chromebooks with their little piece of ‘magic’...and the teacher’s face of absolute relief as to how easy it is.”

Badges are giving countless instructional minutes back to teachers, but they’re doing something more: they’re empowering students to take ownership of their own learning.

A second integration is by Netherlands-based Cloudwise with the COOL Picture Login. Students choose a series of pictures to make up their own personal password -- watch how it works. “The login enables all students to easily and safely log in to their Chromebooks. Teachers can focus on teaching,” says Rijk van Ommeren, Director of the Margrietschool in Woerden.

image02.png

COOL Picture login is just one way in which Cloudwise is making teachers’ lives easier, and it was developed in close collaboration with teachers and IT administrators. Once logged in to their Chromebook via COOL Picture Login, students see their own personalized portal page.This page includes links to the G Suite tools that their administrator has enabled for them and also to other educational platforms that are integrated via single sign on.


With new form factors, lightweight touch devices, and now easy logins, Chromebooks have expanded digital learning to all students so they can harness technology to tap into the world of information and develop critical skills to become our future scientists, novelists, leaders and explorers.

Red Hat’s OpenShift Dedicated now generally available on Google Cloud



Today Red Hat is releasing the general availability of their OpenShift Dedicated service running on Google Cloud Platform (GCP). This combination helps speed the adoption of Kubernetes, containers and cloud-native application patterns.

We often hear from customers that they need open source tools that enable their applications across both their own data centers and multiple cloud providers. Our collaboration with Red Hat around Kubernetes and OpenShift, is a great example of how we're committed to working with partners on open hybrid solutions.

OpenShift Dedicated on GCP offers a new option to enterprise IT organizations that want to use Red Hat container technology to deploy, manage and support their OpenShift instances. With OpenShift Dedicated, developers maintain control over the build and isolation process for their applications. Red Hat acts as the service provider, managing OpenShift Dedicated and offering support, helping customers focus more heavily on application development and business velocity. We'll also be working with Red Hat to make it easy for customers to augment their OpenShift applications with GCP’s broad and growing portfolio of services.

OpenShift and Kubernetes

As the second largest contributor to the project, Red Hat is a key collaborator helping to evolve and mature Kubernetes. Red Hat also uses Kubernetes as a foundation for Red Hat OpenShift Container Platform, which adds a service catalog, build automation, deployment automation and application lifecycle management to meet the needs of its enterprise customers.

OpenShift Dedicated is underpinned by Red Hat Enterprise Linux, and marries Red Hat’s enterprise-grade container application platform with Google’s 12+ years of operational expertise around containers (and the resulting optimization of our infrastructure for container-based workloads).

Enterprise developers who want to complement their on-premises infrastructure with cloud services and a global footprint, but who still want stable, more secure, open-source solutions, should try out OpenShift Dedicated on Google Cloud Platform, either as a complement to an on-premise OpenShift deployment or as a stand alone offering. You can sign up for the service here. We welcome your feedback on how to make the service even better.

Example application: analyzing a Tweet stream using OpenShift and Google BigQuery

We’re also working with Red Hat to make it easy for you to augment your OpenShift-based applications wherever they run. Below is an early example of using BigQuery, Google's managed data warehouse, and Google Cloud Pub/Sub, its real-time messaging service, with Red Hat OpenShift Dedicated. This can be the starting point to incorporate social insights into your own services.




Step 0: If you don’t have a GCP account already, please sign-up for Google Cloud Platform, setup billing and activate APIs.

Step 1: Next, set up a service account. A service account is a way to interact with your GCP resources by using a different identity than your primary login and is generally intended for server-to-server interaction. From the GCP Navigation Menu, click on "Permissions."
Once there, click on "Service accounts."
Click on "Create service account," which will prompt you to enter a service account name. Name your project and click on "Furnish a new private key." Select the default "JSON" Key type.
Step 2: Once you click "Create," a service account “.json” will be downloaded to your browser’s downloads location.

Important: Like any credential, this represents an access mechanism to authenticate and use resources in your GCP account — KEEP IT SAFE! Never place this file in a publicly accessible source repo (e.g., public GitHub).

Step 3: We’ll be using the JSON credential via a Kubernetes secret deployed to your OpenShift cluster. To do so, first perform a base64 encoding of your JSON credential file:

$ base64 -i ~/path/to/downloads/credentials.json

Keep the output (a very long string) ready for use in the next step, where you’ll replace‘BASE64_CREDENTIAL_STRING’ in the pod example (below) with the output of the base64 encoding.

Important: Note that base64 is encoded (not encrypted) and can be readily reversed, so this file (with the base64 string) should be treated with the same high degree of care as the credential file mentioned above.

Step 4: Create the Kubernetes secret inside your OpenShift cluster. A secret is the proper place to make sensitive information available to pods running in your cluster (like passwords or the credentials downloaded in the previous step). This is what your pod definition will look like (e.g., google-secret.yaml):

apiVersion: v1
kind: Secret
metadata:
  name: google-services-secret
type: Opaque
data:
  google-services.json: BASE64_CREDENTIAL_STRING


You’ll want to add this file to your source-control system (minus the credentials).

Replace ‘BASE64_CREDENTIAL_STRING’ with the base64 output from the prior step.

Step 5: Deploy the secret to the cluster:

$ oc create -f google-secret.yaml

Step 6: Now you can use Google APIs from your OpenShift cluster. To take your GCP-enabled cluster for a spin, try going through the steps detailed in Real-Time Data Analysis with Kubernetes, Cloud Pub/Sub and BigQuery, a solutions document. You’ll need to make two minor tweaks for the solution to work on your OpenShift cluster:

For any pod that needs to access Google APIs, modify it to create a reference to the secret, including exporting the environment variable “GOOGLE_APPLICATION_CREDENTIALS” to the pod (here’s more information on application default credentials).

In the PubSub-BiqQuery solution, that means you’ll modify two pod definitions:, pubsub/bigquery-controller.yaml and pubsub/twitter-stream.yaml

For example:

apiVersion: v1
kind: ReplicationController
metadata:
  name: bigquery-controller
  labels:
    name: bigquery-controller

    spec:
      containers:
      …
        env:
        … 
        - name: GOOGLE_APPLICATION_CREDENTIALS
          value: /etc/secretspath/google-services.json
        volumeMounts:
        - name: secrets
          mountPath: /etc/secretspath
          readOnly: true
      volumes:
      - name: secrets
        secret:
          secretName: google-services-secret


Step 7: Finally, anywhere the solution instructs you to use "kubectl," replace that with the equivalent OpenShift command "oc."

That’s it! If you follow along with the rest of the steps in the solution, you’ll soon be able to query (and see) tweets showing up in your BigQuery table — arriving via Cloud Pub/Sub. Going forward with your own deployments, all you need to do is follow the above steps of attaching the credential secret to any pod where you use Google Cloud SDKs and/or access Google APIs.