The past few days brought our Google Cloud community together during Google Next 2019 in San Francisco to learn about lots of new technologies and see how customers are pushing their ideas and businesses forward with the cloud.
It was a lot to digest, but we’ve boiled it down here into all the announcements from the week across infrastructure, application development, data management, smart analytics and AI, productivity, and more.
The agenda reviews the updates and announcements for the following products and services:
- BigQuery BI Engine
- Cloud Data Fusion
- Cloud Run
- AutoML Tables
- New Managed DBs
- Traffic Director
- Anthos
5. DoIT International confidential │ Do not distributeDoIT International confidential │ Do not distribute
General
• Google Next 2019 - April 9-11, 2019
• DoiT International got the Google Partner of the Year award 🏆
• 122+ announcements
Agenda
• Hybrid Cloud
• DevOps/SRE
• Networking & Security
• Data Management
• Smart Analytics
• AI and machine learning
Hybrid Cloud Overview
• Anthos
• Cloud Run
Anthos Overview
• Formerly Cloud Services Platform
• Build and manage modern hybrid applications across environments
• Define and manage your configuration centrally, at a higher level
• Relies on Google Kubernetes Engine (GKE) and GKE On-Prem
Anthos - Cloud Service Mesh (CSM)
• Deal with network concerns
• Telemetry
• Managed certificates for internal services
• Integration with Cloud Identity-Aware Proxy (Cloud IAP)
• Security insights
Anthos - Centralized config management
• Centralized config management
• Configuration as code
• Leverages core Kubernetes concepts, such as Namespaces, labels, and annotations
• Benefits:
  • Single source of truth, control, and management
  • One-step deployment
  • Rich inheritance model
Cloud Run Overview
• Run stateless HTTP containers on a fully managed environment or in your own GKE cluster
• Serverless
• Abstracts away all infrastructure
• Charges for the resources you use (down to the nearest 100 milliseconds)
• Fast autoscaling
• Built from Knative
• Write code your way - Any language, any library, any binary
• Redundancy
DevOps/SRE Overview
• Cloud Code
Cloud Code Overview
• Help you write, deploy, and debug cloud-native applications
• Cloud Code for VS Code (beta) & IntelliJ (alpha)
• Uses popular tools such as Skaffold, Jib and Kubectl
• 1-click deployment to your Kubernetes clusters
• Continuous deployment to maintain a tight development inner loop
• 1-click launch of the deployed application
• View and stream logs from your deployments, pods and containers
Networking & Security Overview
• Traffic Director
• GKE Sandbox
Traffic Director Overview
• GCP's traffic control plane for service mesh
• Easily deploy global load balancing
• Uses open xDSv2 APIs = you are not locked into a proprietary interface
• Fully managed with 99.99% SLA
• Build resilient services
• Scale seamlessly with your deployment
• Works with VMs and containers
Traffic Director Overview
• Traffic Control with request routing and rich traffic policies (alpha):
  • Traffic splitting:
    • Canarying
  • URL rewrites/redirects
  • Traffic mirroring
  • Advanced routing capabilities based on header values, including cookies
  • Circuit breaking
  • Backend outlier detection
GKE Sandbox Overview
• Container isolation solution
• Second layer of defense between containerized workloads on Google Kubernetes Engine (GKE)
• Built with low I/O but highly scaled applications in mind
• Based on gVisor (open source container sandboxing project)
Data Management Overview
• New Managed DBs
• Cloud SQL for Microsoft SQL Server (sneak preview)
• Cloud SQL for PostgreSQL, now with version 11 support
• Cloud Bigtable multi-region replication now available
• Cloud Storage Archive
• Cloud Filestore
Cloud SQL for Microsoft SQL Server Overview
• Supported version:
  • During Alpha: SQL Server 2017 Standard Edition
  • Ultimately: all editions of 2017
• Regions: same regions as Cloud SQL (currently 18 regions, 58 zones)
• SQL Server features:
  • SQL Server Database Engine functionality will all be available
  • Bundled services such as SSRS and SSAS will not be available as part of this release; alternative GCP integrated solutions may be announced closer to release
• HA/DR: For the first release, Cloud SQL for SQL Server will leverage the RePD functionality also used by MySQL and PostgreSQL
• Authentication for SQL Server: only SQL Server authentication during Alpha
Cloud SQL PostgreSQL, version 11 support Overview
• Parallel B-tree Index build
• Lightweight and super fast ALTER TABLE for NOT NULL column with DEFAULT values
• Stored procedures with transaction control
• Hash Partition
• Advanced partitioning features that were always on demand
• Tables can have default partitions
• Parallel hash join
Cloud Bigtable multi-region replication Overview
• Isolate serving applications from batch reads
• Serve global audiences with lower latency
• Aggregate data ingested from worldwide sources to a single location
• Increase the availability and durability
• Provide near-real-time backup
Cloud Bigtable multi-region replication Overview
• Consistency model
  • Eventually consistent - By default
  • Read-your-writes consistency
  • Strong consistency
• Failovers:
  • Manual
  • Automatic
• Available ONLY in production mode! → minimum of 6 nodes…
• Single-row transactions are not allowed in an app profile that uses multi-cluster routing, because there's no safe way to enable both of these features at once.
Cloud Storage Archive Overview
• Ice cold archive class storage
• Designed for long-term data retention
• Available later this year
• Provides immediate, low-latency access to your content
• Full integration into object lifecycle management
• Price points starting from $0.00123 per GB per month ($1.23 per TB per month)
• 12 month minimum retention period
Cloud Filestore Overview
• Fully managed, NoOps Network Attached Storage (NAS)
• Pay a predictable price for predictable performance
• Supports any NFSv3-compatible client.
• Caution: Backups, snapshots, and instance failover aren't available for Cloud Filestore.
Smart Analytics Overview
• Cloud Data Fusion
• BigQuery DTS supports 100+ SaaS apps
• Dataflow FlexRS
• BigQuery BI Engine
Cloud Data Fusion Overview
• Fully managed, code-free, cloud-native data integration service
• Built on the open-source project CDAP
• Integration with Cloud IAM and Cloud Identity-Aware Proxy (IAP)
• Comprehensive integration toolkit
• You can build your own plugin by using Cloud Data Fusion's plugin APIs
• Execution environment: supports Cloud Dataproc
  • Provisions an ephemeral Cloud Dataproc cluster in your project
  • You can run pipelines against existing Cloud Dataproc clusters
BigQuery DTS supports 100+ SaaS apps
• BigQuery Data Transfer Service (DTS) now supports 100+ popular SaaS applications
• Including:
  • Salesforce
  • Marketo
  • Workday
  • Stripe
  • And many more
Dataflow FlexRS Overview
• Reduces batch processing costs by using:
  • Scheduling
  • Cloud Dataflow Shuffle service
  • Combination of preemptible virtual machine (VM) instances and regular VMs
• Selects preemptible VMs for 90% of workers in the worker pool by default
• FlexRS jobs use Cloud Dataflow Shuffle
• Do not use Persistent Disk resources for temporary results
• No need to redistribute data to the remaining workers in case of preemption
• Have a scheduling delay (execution within 6 hours of job creation)
• Most suitable for non time-critical workloads
--flexRSGoal=COST_OPTIMIZED
--region=europe-west1
--maxNumWorkers=10
--workerMachineType=n1-highmem-16
BigQuery BI Engine Overview
• Blazing-fast, in-memory analysis service for BigQuery
• Enable real-time dashboarding with sub-second query response and with high concurrency
• Seamlessly integrates with familiar tools like Data Studio, Looker, and Sheets
• Simplified architecture - NO managing of complex data pipeline or servers
• Smart tuning: Very few configuration settings (Location & GB of Capacity)
AI and machine learning Overview
• AI Platform
• BigQuery ML
• AutoML Tables
• Recommendations AI
AI Platform Overview
[Diagram labels: Share, Explore, Train, Serve, Manage, Collect]
BigQuery ML Overview
• Linear regression for forecasting
• Binary logistic regression for classification
• Multiclass logistic regression for classification
• K-means clustering for data segmentation (beta)
AutoML Tables Overview
Recommendations AI Overview
Thank you!
Yoram Ben-Yaacov, Gad Benram
Editor's Notes
Anthos (the new name for Cloud Services Platform) is now generally available on Google Kubernetes Engine (GKE) and GKE On-Prem, so you can deploy, run and manage your applications on-premises or in the cloud. Coming soon, Google will extend that flexibility to third-party clouds like AWS and Azure. And Anthos is launching with the support of more than 30 hardware, software and system integration partners so you can get up and running fast.
Build and manage modern hybrid applications across environments: Powered by Kubernetes and other industry-leading open-source technologies from Google, Anthos transforms your architectural approach, lets you focus on innovation, and allows you to move faster than ever without compromising security or increasing complexity.
Define and manage your configuration centrally, at a higher level: With a service-centric view of your infrastructure, you will spend less time managing your applications and get greater awareness, consistency, and control. Define and manage your configuration centrally, at a higher level of the stack, and let the system handle the rest.
Relies on Google Kubernetes Engine (GKE) and GKE On-Prem: The primary computing environment for Anthos relies on Google Kubernetes Engine (GKE) and GKE On-Prem to manage Kubernetes installations in the environments where you intend to deploy your applications.
Deal with network concerns: Cloud Service Mesh (CSM) manages Istio in both GKE and GKE On-Prem, providing all the benefits of open-source Istio, without the complexity of configuration, installation, upgrade, and certificate authority setup.
Telemetry:
• View the connections between services.
• Monitor and manage service level objectives (SLOs) for error rates and latency.
Managed certificates for internal services:
• Provides service-to-service encryption.
• Google manages the issuance and rotation of mTLS certificates and keys for Kubernetes Pods.
Integration with Cloud Identity-Aware Proxy (Cloud IAP):
• Enables stronger security using context-aware access.
• Uses Istio authentication and authorization policies to grant access based on both the service identity and the end-user context.
Security insights:
• Shows security information about applications running in the service mesh, and makes recommendations to help improve the security posture of applications.
• Identifies services not secured by mTLS and alerts administrators.
• Provides the necessary changes to the mesh policy and destination rule to remediate issues.
Centralized config management: provides a unified model for computing, networking, and even service management across clouds and datacenters.
Configuration as code: Configuration as code is one common approach to managing this complexity. Anthos provides configuration as code via Anthos Config Management, which deploys the Anthos Config Management Operator to your GKE or GKE On-Prem clusters, allowing you to monitor and apply any configuration changes detected in a Git repo.
Leverages core Kubernetes concepts: such as Namespaces, labels, and annotations to determine how and where to apply the config changes to all of your Kubernetes clusters, no matter where they reside.
Benefits: Anthos Config Management has the following benefits for your Kubernetes Engine clusters:
Single source of truth, control, and management:
• Enables the use of code reviews, validation, and rollback workflows.
• Avoids shadow ops, where Kubernetes clusters drift out of sync due to manual changes.
• Enables the use of CI/CD pipelines for automated testing and rollout.
One-step deployment across all clusters:
• Anthos Config Management turns a single Git commit into multiple kubectl commands across all clusters.
• Rollback by simply reverting the change in Git. The reversion is then automatically deployed at scale.
Rich inheritance model for applying changes:
• Using Namespaces, you can create configuration for all clusters, some clusters, some Namespaces, or even custom resources.
• Using Namespace inheritance, you can create a layered Namespace model that allows for configuration inheritance across the repo folder structure.
Cloud Run, our fully managed serverless execution environment, offers serverless agility for containerized apps.
Cloud Run is a managed compute platform that enables you to run stateless containers that are invocable via HTTP requests.
Serverless: it abstracts away all infrastructure management, so you can focus on what matters most — building great applications.
https://github.com/ahmetb/cloud-run-faq#what-is-cloud-run
Fast autoscaling: Automatically scales up or down from zero to N depending on traffic.
Built from Knative: Cloud Run is built on the Knative open-source project, enabling portability of your workloads across platforms and letting you choose to run your containers either fully managed with Cloud Run, or in your Google Kubernetes Engine cluster with Cloud Run on GKE.
Write code your way: Many serverless platforms add constraints around support for languages, libraries, or even restrict the way you code. With Cloud Run, you can build applications in your favorite language, with your favorite dependencies and tools, and deploy them in seconds.
Redundancy: Cloud Run services are regional, automatically replicated across multiple zones.
The new Cloud Code makes it easy to develop and deploy cloud-native applications on Kubernetes, by extending your favorite local Integrated Development Environments (IDE) IntelliJ and Visual Studio Code.
Traffic Director delivers configuration and traffic control intelligence to sidecar service proxies, providing global resiliency for your services by allowing you to deploy application instances in multiple Google Cloud regions.
Global load balancing: With Traffic Director, deploy your service instances in multiple regions for resiliency and reach while requiring only a single service IP. This means, for instance, that your GKE service can be in multiple clusters, with each cluster in a different region. If the instances closest to the user go down or are overloaded, traffic is seamlessly directed to another available instance.
Fully managed with SLA: As a Google-managed service, Traffic Director comes with a production-grade 99.99% SLA: if there is a problem, our operators get paged, not yours. You don't have to worry about deploying and managing the control plane, which means your people can focus on your business.
Build resilient services: Keep your service up and running by deploying it across multiple regions as VMs or containers and use Traffic Director to deliver global load balancing with automatic cross-region overflow and failover.
Scale seamlessly with your deployment: Traffic Director is built to seamlessly handle growth in your deployments. As the number of services grows, Traffic Director seamlessly scales to manage all of them, even for large installations.
Works with VMs and containers: Deploy your Traffic Director-managed VM service instances using the managed instance groups and your container instances using network endpoint groups.
Traffic Control with request routing and rich traffic policies (alpha): Traffic Director supports advanced request routing features like traffic splitting, enabling use cases like canarying, url rewrites/redirects, fault injection, traffic mirroring, and advanced routing capabilities based on various header values, including cookies. Traffic Director also supports many advanced traffic policies with the inclusion of many load-balancing schemes, circuit breaking, and backend outlier detections.
GKE Sandbox (beta), based on the open-source gVisor project, provides additional isolation for multi-tenant workloads, helping to prevent container escapes, and increasing workload security.
Coming soon to Google Cloud: bring your existing SQL Server workloads to GCP and run them in a fully managed database service.
Cloud SQL for PostgreSQL now supports version 11, with useful new features like partitioning improvements, stored procedures, and more parallelism.
Parallel B-tree Index build:
This could be the most sought after feature by DBAs, especially those migrating large databases from other database systems to PostgreSQL. Gone are the days when a lot of time was spent on building indexes during data migration. Index maintenance (rebuild) for very large tables can now make an effective use of multiple cores in the server by parallelizing the operation, taking considerably less time to complete.
Lightweight and super fast ALTER TABLE for NOT NULL column with DEFAULT values:
In the process of continuous enhancement and adding new features, we see several application developments that involve schema changes to the database. Most such changes include adding new columns to a table. This can be a nightmare if a new column needs to be added to a large table with a default value and a NOT NULL constraint. This is because an ALTER statement can hold a write lock on the table for a long period. It can also involve excessive IO due to table rewrite. PostgreSQL 11 addresses this issue by ensuring that the column addition with a default value and a NOT NULL constraint avoids a table rewrite.
Stored procedures with transaction control:
PostgreSQL 11 includes stored procedures. What really existed in PostgreSQL so far was functions. The lack of native stored procedures in PostgreSQL made the database code for migrations from other databases complex. They often required extensive manual work from experts. Since stored procedures might include transaction blocks with BEGIN, COMMIT, and ROLLBACK, it was necessary to apply workarounds to meet this requirement in past PostgreSQL versions, but not anymore.
Hash Partition:
Until PostgreSQL 9.6 we used table inheritance for partitioning a table. PostgreSQL 10 came up with declarative partitioning, using two of the three most common partitioning methods: list and range. And now, PostgreSQL 11 has introduced the missing piece: hash partitioning.
Advanced partitioning features that were always on demand:
There were a lot of new features committed to the partitioning space in PostgreSQL 11. It now allows us to attach an index to a given partition even though it won’t behave as a global index.
Also, row updates now automatically move rows to new partitions (if necessary) based on the updated fields. During query processing, the optimizer may now simply skip “unwanted” partitions from the execution plan, which greatly simplifies the work to be done. Previously, it had to convey all the partitions, even if the target data was to be found in just a subset of them.
Tables can have default partitions:
Until PostgreSQL 10, if a table did not have a default partition, PostgreSQL had to reject a row when the row being inserted did not satisfy any of the existing partitions definitions. That changes with the introduction of default partitions in PostgreSQL 11.
Parallel hash join:
Most SQL queries with equi-joins do hash joins in the background. There is a great opportunity to speed up performance if we can leverage the power of hardware by spinning off multiple parallel workers. PostgreSQL 11 now allows hash joins to be performed in parallel.
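The PostgreSQL 11 features described in the notes above, exercised in one SQL script. This is an added example, not part of the original deck; all table, column, index and procedure names are hypothetical, and it assumes a PostgreSQL 11 (or later) database.

```sql
-- Added example: every object name below is hypothetical. Requires PostgreSQL 11+.

-- Hash partitioning: rows are spread over four partitions by hash of tenant_id.
CREATE TABLE events (
    tenant_id  bigint      NOT NULL,
    created_at timestamptz NOT NULL DEFAULT now(),
    payload    text
) PARTITION BY HASH (tenant_id);

CREATE TABLE events_p0 PARTITION OF events FOR VALUES WITH (MODULUS 4, REMAINDER 0);
CREATE TABLE events_p1 PARTITION OF events FOR VALUES WITH (MODULUS 4, REMAINDER 1);
CREATE TABLE events_p2 PARTITION OF events FOR VALUES WITH (MODULUS 4, REMAINDER 2);
CREATE TABLE events_p3 PARTITION OF events FOR VALUES WITH (MODULUS 4, REMAINDER 3);

-- Range partitioning with a DEFAULT partition: rows that match no declared
-- range land in audit_log_default instead of being rejected.
CREATE TABLE audit_log (
    id        bigint NOT NULL,
    logged_at date   NOT NULL,
    actor     text   NOT NULL
) PARTITION BY RANGE (logged_at);

CREATE TABLE audit_log_2019_q1 PARTITION OF audit_log
    FOR VALUES FROM ('2019-01-01') TO ('2019-04-01');
CREATE TABLE audit_log_2019_q2 PARTITION OF audit_log
    FOR VALUES FROM ('2019-04-01') TO ('2019-07-01');
CREATE TABLE audit_log_default PARTITION OF audit_log DEFAULT;

-- Let B-tree index builds use parallel workers, then index the parent table.
-- PostgreSQL 11 creates a matching index on every partition (not one global index).
SET max_parallel_maintenance_workers = 4;
CREATE INDEX audit_log_actor_idx ON audit_log (actor);

INSERT INTO audit_log (id, logged_at, actor) VALUES
    (1, '2019-02-10', 'alice'),   -- goes to audit_log_2019_q1
    (2, '2020-01-05', 'bob');     -- matches no range, goes to audit_log_default

-- tableoid::regclass shows which partition physically holds each row.
SELECT tableoid::regclass AS partition, id, logged_at FROM audit_log ORDER BY id;

-- Row movement: updating the partition key moves the row to the right partition
-- (here from audit_log_default to audit_log_2019_q2).
UPDATE audit_log SET logged_at = '2019-05-01' WHERE id = 2;

-- Partition pruning: the plan touches only audit_log_2019_q1.
EXPLAIN (COSTS OFF)
SELECT * FROM audit_log WHERE logged_at = DATE '2019-02-10';

-- ADD COLUMN with a constant DEFAULT and NOT NULL no longer rewrites the table.
ALTER TABLE audit_log ADD COLUMN reviewed boolean NOT NULL DEFAULT false;

-- Stored procedure with transaction control: delete in batches and COMMIT after
-- each batch, which a function cannot do.
CREATE PROCEDURE purge_default_partition(batch_size integer)
LANGUAGE plpgsql
AS $$
DECLARE
    deleted integer;
BEGIN
    LOOP
        DELETE FROM audit_log_default
        WHERE ctid IN (SELECT ctid FROM audit_log_default LIMIT batch_size);
        GET DIAGNOSTICS deleted = ROW_COUNT;
        COMMIT;                      -- ends this batch; a new transaction starts
        EXIT WHEN deleted = 0;
    END LOOP;
END;
$$;

-- Must be called outside an explicit BEGIN ... COMMIT block, otherwise the
-- COMMIT inside the procedure raises an error.
CALL purge_default_partition(1000);
```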
Cloud Bigtable multi-region replication is now generally available, giving you the flexibility to make your data available across a region or worldwide as demanded by your app.
Replication for Cloud Bigtable enables you to increase the availability and durability of your data by copying it across multiple regions or multiple zones within the same region. You can also isolate workloads by routing different types of requests to different clusters.
Isolate batch and serving workloads: When you use a single cluster to run a batch analytics job that performs numerous large reads alongside an application that performs a mix of reads and writes, the large batch job can slow things down for the application's users. With replication, you can use app profiles with single-cluster routing to route batch analytics jobs and application traffic to different clusters, so that batch jobs don't affect your applications' users.
Serve global audiences with lower latency by bringing data that’s generated in any region, such as personalized recommendations, closer to the users wherever they are.
Aggregate data ingested from worldwide sources (such as IoT sensor data) to a single location for analytics and machine learning.
Increase the availability and durability of your data beyond the scope of a single region: If an instance has only 1 cluster, your data's durability and availability are limited to the zone where that cluster is located. Replication can improve both durability and availability by storing separate copies of your data in multiple zones or regions and automatically failing over between clusters if needed.
Provide near-real-time backup: In some cases—for example, if you can't afford to read stale data—you'll always need to route requests to a single cluster. However, you can still use replication by handling requests with one cluster and keeping another cluster as a near-real-time backup. If the serving cluster becomes unavailable, you can minimize downtime by manually failing over to the backup cluster.
Consistency model:
• Eventually consistent: the default. If your instance is healthy, the delay for replication is typically a few seconds or minutes, not hours.
• Read-your-writes consistency: an application will never read data that is older than its most recent writes. Each application in the group must use an app profile that is configured for single-cluster routing, and all of the app profiles must route requests to the same cluster.
• Strong consistency: to gain strong consistency, you use the single-cluster routing app-profile configuration for read-your-writes consistency that is described above, but you must not use the instance's additional clusters unless you need to fail over to a different cluster.
Available ONLY in production mode! → minimum of 6 nodes…
Single-row transactions are not allowed in an app profile that uses multi-cluster routing, because there's no safe way to enable both of these features at once.
A new low-cost archive class for Cloud Storage will offer the same consistent API as other classes of Cloud Storage and millisecond latency to access your content.
Intended for data that would probably otherwise be stored in tape archives.
Cloud Filestore, our managed file storage system, is now generally available for high-performance storage needs.
Data Fusion (beta) is a fully managed and cloud-native data integration service that helps you easily ingest and integrate data from various sources into BigQuery.
BigQuery DTS now supports 100+ SaaS apps, enabling you to lay the foundation for a data warehouse without writing a single line of code.
Dataflow Flexible Resource Scheduling (FlexRS), in beta, helps you flexibly schedule batch processing jobs for cost savings.
Using Flexible Resource Scheduling in Cloud Dataflow
BigQuery BI Engine, in beta, is an in-memory analysis service that lets you interact with large or complex data almost immediately, for optional visual analysis with partner tools.
AI Platform (beta) helps teams prepare, build, run, and manage ML projects via the same shared interface.
BigQuery ML is now generally available with new model types you can call with SQL queries.
AutoML Tables (beta) helps you turn your structured data into predictive insights. You can ingest your data for modeling from BigQuery, Cloud Storage, and other sources.
Recommendations AI (beta) helps retailers provide personalized 1:1 recommendations to drive customer engagement and growth.