I'm playing around with the Google App Engine and the Datastore.
Really amazing stuff going on over there.
But I couldn't help and wonder what Google is allowed to do with the data my application is storing in there Datastore.
Can someone explain it in simple worlds?
Thanks
Google App Engine is governed by Google's general Privacy Policy. They promise not to share information outside of Google except in certain circumstances (court order, etc.), and they restrict access to only employees who need it. However, because they can use your data to "provide, maintain, protect and improve our services," Google may be using your data for their own purposes (probably not, but I see nothing that prevents them).
Disclaimer: I am not a lawyer. Also, this policy doesn't provide GAE-specific information.
Worth noting that Google Cloud has separate Terms of Service that includes this line:
5.2 Use of Customer Data. Google will not access or use Customer Data, except as necessary to provide the Services to Customer.
Related
I am trying to figure out how to access Google App Engine Memcache service from outside Google App Engine. Any help on how this can be done would be greatly appreciated.
Thanks in advance!
I don't think this is currently possible. I don't know if there is any technical argument for this or if this decision has been made simply for billing purposes. But it seems like memcache is intended to be an integral part of App Engine. The only relevant discussion I could find is this feature request. It calls for possibility of accesing memcached data of one App Engine project by another App Engine project. It seems to me that Google didn't consider such functionality to be beneficial. You could try filing your own feature request to make memcache a standalone service. In case you do not succeed (and I am afraid you won't), here is a simple workaround.
A simple workaround:
Create a simple App Engine project which would serve as a facade over memcache service. This dummy App Engine project would simply translate your HTTP requests to memcache API calls and return the obtained data in the body of a HTTP response. For example, to retrieve a memcache record you could send a GET request such as:
https://<your-poject-id>.appspot.com/get?key=<some-particular-key>
This call would get "translated" into:
memcache.get(<some-particular-key>);
And the obtained data appended to the HTTP response.
Since accessing memcache is free, you would only have to pay for instance time. I don't know what through-put are you expecting, but I can imagine scenarios where you could even fit into the free daily quota (currently 28 hours/day). All in all, the intermediate App Engine project should not come with significant cost in neither performance nor price.
Before using this workaround:
The above snippet of code is intended for illustration purposes only. There still remain some issues to be dealt with before using this approach in production. For example, as pointed out by Suken, anyone would be able to access your memcache if they knew what requests to send. Here are four additional things I would personally do:
Address the security issues by sending some authentication token with each request. An obvious necessity would be to make the calls over HTTPS to prevent man-in-the-middle attackers from obtaining this token. Note that App Engine's appspot.com subdomains are accessible via HTTPS by default.
Prefer batch API calls such as getAll() over their single record alternatives such as get(). Retrieving multiple records in one batch call is much faster than making multiple separate API calls.
Use POST requests (instead of GET) to access the facade application. You won't have to worry about your batch requests being to large. I only used GET request in the example above because it was easier to write.
Check if such usage of App Engine doesn't violate the Terms of Service. Personally, I don't believe it does. And I don't see why Google should mind. After all, you will be paying for instance hours.
EDIT: After giving this some more thought, I believe that the suggested workaround is actually what Google presumes you to do. Given that the Goolge's objective is to earn money, it would be unreasonable to provide a free service unless it was a part of a paid one. Of course, another billing schemes could be created. For example, allowing direct access only for developers who are willing to pay for dedicated memcache. The question is whether your use case is broad enough to convince Google to take some action.
No, AFAIK the Memcache service is not available outside GAE. To be even more specific it is only available inside the GAE standard environment, it is unavailable in the GAE flexible environment.
But some of the alternate solutions suggested for GAE flexible users might be useable for you as well. From Memcache:
The Memcache service is currently not available for the App Engine
flexible environment. An alpha version of the memcache service will be
available shortly. If you would like to be notified when the service
is available, fill out this early access form.
If you need access to a memcache service immediately, you can use the
third party memcache service from Redis Labs. To access this service,
see Caching Application Data Using Redis Labs Memcache.
You can also use Redis Labs Redis Cloud, a third party fully-managed
service. To access this service, see Caching Application Data Using
Redis Labs Redis.
As stated by other users the Memcache is not offered as a service outside GAE (Google App Engine). I would like to point out that implementing GAE facade over Memcache service has security ramifications. Please note that facade GAE Memcache app will be exposed on the public internet like any other GAE service. I am assuming that you want to use Memcache for internal use only. Another aspect to think about is writing into memcache. If you intend to write to memcache from outside GAE, then definitely avoid facade implementation. If comprised anyone will be able to use you facade implementation as their own cache without paying for it ;)
My suggestion is to spin up a stack using GCP Cloud Launcher. There are various stack templates available for both Redis and Memcache stacks. Further you can configure the template to use preemptible burstable instances to reduce the cost of your Memcache.
I have tried searching the info regarding applications on GAE within same domain talking to each other but so far I don't have any luck. There was a post here but I don't know if that answer is correct.
You could also run the two different "apps" as different versions of the same appid. Then they share the datastore. Also, urlfetch.fetch() calls to paths of the same app are treated specially, they are faster and don't require authentication (they count as if they are logged in as admin).
I believe you will be best served by exposing a REST API for both your applications, so that they can read/write information as needed.
For e.g. If one of your apps is an Invoicing App and the other app needs only read access to Invoices, you can expose an API in the Invoice App for:
searching invoices by some filter
providing the Invoice detail, given an Invoice ID
Exposing an API will keep the applications loosely coupled with each other and will allow you to enhance the API as more requirements emerge. In the future, you can even have other clients like a mobile app access the API.
What would happen if you used KRL to inject web analytics into various sites using a proxy end point? Is it possible to track multi-site usage with a Kynetx implementation?
This depends on the analytics package you are using. Google Analytics uses a tracking code, rather then domain only, for tracking. They even have a way do your tracking in a way that does not interfere with the site if they also use Google Analytics. Their docs on tracking events on multiple domains might be relevant.
It really comes down to how the tracking engine works. Give it a try, and remember to check and see if sites using the same engine are tracking as well (consult FireBug or Chrome Dev tools to look for the appropriate requests), to be a good neighbor.
Well, I've been building some free apps on top of appengine, but now I want to start charging money. My question is:
What is the best way to collect payments from users. Do certain services (paypal, google checkout, etc) work better/worse with AppEngine's library restrictions? Are there any good examples or tutorials to help me learn how to do this?
You can do this any way you want, really - and there's nothing App Engine specific about it. For example, you could use Google Checkout or Paypal, and charge users on any basis you want.
Also just something to point out about the implementation, a simple boolean property on your user object should allow you to easily turn functions in your app on and off, depending on which tier your user has paid for.
Checkout http://Spreedly.com or http://Recurly.com. Both are billing solution SaaS apps. http based api's and easy to use. I use Spreedly.com
If you plan to sell business apps you could integrate with the Google Apps Marketplace which uses Google Checkout for billing.
Is it possible to make invitations to share/view data similar to Google Docs?
Definitely: GAE is a platform, a canvas for what you want to build. Document access management is entirely up to you, but of course you'll have access to some APIs to facilitate your life (e.g. Google Accounts integration).
Of course it is. You can create virtually any kind of web application that you want with AppEngine. It doesn't come with anything built-in to do this other than an API for sending emails, but you can certainly code up this functionality.