Cloud Migration & DevOps Strategies

Questions and Answers

Flashcards

API Versioning with Load Balancers

Use separate backend pools for each API path behind the load balancer, allowing different API versions to coexist under the same SSL and DNS records.

Analyzing Petabyte Datasets

Load data into Google BigQuery to leverage its SQL interface and scalability for analyzing large datasets.

Migrating J2EE Applications

Automate infrastructure provisioning, use monitoring tools, and deploy continuous integration with automated testing.

App Engine Session Issue

The session variable is local to a single instance due to App Engine's stateless nature, causing users to see previously viewed news articles.

Selecting Logging Tool

Define requirements and assess viable logging tools to ensure the new logging solution meets the application development team's needs.

Reducing Production Rollbacks

Introduce a green-blue deployment model and fragment the platform into microservices to reduce the risk of production rollbacks.

Development Infrastructure Costs

Use BigQuery billing export and labels to associate costs with development groups, and stop VMs without deleting persistent disks.

Meeting Room Occupancy Data

Use a NoSQL database to handle the high volume and velocity of data from the motion sensors.

Autoscaling Instance Health Checks

Ensure that a firewall rule allows load balancer health checks to reach the instances in the instance group.

BigQuery Access from Compute Engine

Create a new service account with BigQuery access and execute the script with that user.

Corporate Authentication Strategy

Federate authentication via SAML 2.0 to the existing Identity Provider to minimize user disruption and meet security requirements.

Analyzing Data Streams

Use Google Cloud Dataflow as it supports both batch and stream processing for analyzing data streams.

Diagnosing App Engine Issues

Roll back to an earlier known good release and use Stackdriver Trace and Logging to diagnose the problem in a development/test/staging environment.

Resizing Persistent Disk

Increase the size of the persistent disk in the Cloud Platform Console and use the resize2fs command in Linux.

Processing Credit Card Transactions

Create a tokenizer service and store only tokenized data to minimize the scope of PCI compliance.

Storing Click Data

Choose Google Cloud Bigtable, designed for fast ingestion and storage of large volumes of clickstream data.

Deleting Old Backup Files

Write a lifecycle management rule in JSON and push it to the bucket with gsutil.

Scaling Apache Spark and Hadoop

Cloud Dataproc is designed for running Apache Spark and Hadoop jobs and helps scale upcoming demand with minimal operational work and code change.

Improving MySQL Performance

Dynamically resize the SSD persistent disk to 500 GB to improve database performance.

Storing Sensor Data

Store the data in Google Cloud Bigtable, which is optimized for time-series data from sensors.

Resiliency testing strategy

Create synthetic random user input, replay, and chaos.

Optimizing Dockerfile

Copy the source after he package dependencies (Python and pip) are installed and Use a slimmed-down base image like Alpine Linux.

Avoid performance bugs

Deploy changes to a small subset of users before rolling out to production

Trace long microservice requests

Instrument your application with Stackdriver Trace in order to break down the request latencies at each microservice

Avoid relational database crashes

Implement routinely scheduled failovers of your databases

Metric retention for 5 years

Configure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage

Replicating Databases to GCP

Google Cloud Dedicated Interconnect for large updates and frequent private communication

Cloud IAM policy history

Cloud Logging export to audit logs into a GCS bucket and delegate access to the bucket

Storing DB Credentials

In a secret management system, not source code!

Detect anomalies in data

Cloud Datalab to explore and clean your data

Study Notes

API Revision Strategy

• Deploy separate backend pools for each API path behind the load balancer to maintain the old API and allow testing of the new one using the existing SSL and DNS records.

Data Storage for Analysis

• Load the multi-petabyte dataset into Google BigQuery to optimize for ease of analysis with a SQL interface and ensure 24/7 availability.

J2EE Application Migration Best Practices

• Select an automation framework to reliably provision the cloud infrastructure.
• Deploy a continuous integration tool with automated testing in a staging environment.
• Instrument the application with a monitoring tool like Stackdriver Debugger.

App Engine Session Issue

• The most likely cause is that the session variable is local to a single instance.

Logging Tool Selection

• Help them define their requirements and assess viable logging tools to find a better tool to capture errors and analyze historical log data.

Reducing Production Deployment Rollbacks

• Introduce a green-blue deployment model.
• Fragment the monolithic platform into microservices.

Cost-Effective Development Infrastructure on GCP

• Use Google BigQuery billing export and labels to associate cost to groups.
• Apply VM CPU utilization label and include it in the BigQuery billing export.

Database for Motion Sensor Data

• Use NoSQL for motion sensor data from meeting rooms across multiple offices and continents, to be used with account owner and office location information.

Autoscaling Instance Group Configuration

• Ensure a firewall rule exists that allows load balancer health checks to reach the instances in the instance group to prevent VM termination and re-launch issues.

BigQuery Connection Issue from Compute Engine

• Create a new service account with BigQuery access and execute the script with that user.

Authentication Strategy for Corporate Application Migration

• Federate authentication via SAML 2.0 to the existing Identity Provider for minimal user disruption and secure password storage.

Data Stream Analysis Technology

• Google Cloud Dataflow should be used for a mix of batch and stream processing when analyzing data to optimize operations with no existing code.

Diagnosing App Engine Loading Issues

• Roll back to an earlier known good release initially, then use Stackdriver Trace and Logging to diagnose the problem in a development/test/staging environment.

Remediating Compute Engine Database Storage Space Issues

• Increase the size of the persistent disk and use the resize2fs command in Linux for minimal downtime.

Designing for PCI Compliance

• Create a tokenizer service and store only tokenized data, to have the smallest scope of PCI compliance while maintaining ability to analyze transactional data.

Storage System for Website Click-Data

• Google Cloud Bigtable should be chosen to store website click-data for future analysis by data science and user experience teams.

Optimizing Cloud Storage Spend

• Write a lifecycle management rule in JSON and push it to the bucket with gsutil to remove backup files older than 90 days.

Scaling Apache Spark and Hadoop Jobs

• Google Cloud Dataproc should be used to scale Apache Spark and Hadoop jobs with minimal operational work and code changes.

Improving Database Server Performance on Compute Engine

• Dynamically resize the SSD persistent disk to 500 GB to improve the MySQL database server's performance.

Storage for Real-Time Weather Application

• Google Cloud Bigtable should be used to store the sensor readings, since it is time-series data and will also be high volume.

Resiliency Testing Strategy

• Create synthetic random user input, replay synthetic load until autoscale logic is triggered on at least one layer, and introduce “chaos” to the system by terminating random resources on both zones.

Optimizing Dockerfile for Faster Deployment Times

• Use a slimmed-down base image like Alpine Linux.
• Copy the source after the package dependencies (Python and pip) are installed.

Avoiding Performance Bugs in Production

• Deploy changes to a small subset of users before rolling out to production.

Finding the Longest Service in Microservice API Requests

• Instrument the application with Stackdriver Trace, in turn breaking down the request latencies at each microservice.

Avoiding Database Failover Issues

• Implement routinely scheduled failovers of databases.

Metric Retention for Legal Proceedings

• Configure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage.

Networking Approach for On-Premises Database Backup Replica

• Google Cloud Dedicated Interconnect should be used.

Streamlining Audit Process

• Enable Google Cloud Storage (GCS) log export to audit logs into a GCS bucket and delegate access to the bucket.

Securing Credentials for Distributed Microservices

• The credentials should be stored in a secret management system.

Business Risks of Migrating to Cloud Deployment Manager

• Cloud Deployment Manager is unfamiliar to the company's engineers.
• Cloud Deployment Manager only supports the automation of Google Cloud resources.

Technology Combination for Application Requirements

• Google Kubernetes Engine, Jenkins, and Helm.

Shutting Down Virtual Machines Properly

• Create a shutdown script and use it as the value for a new metadata entry with the key shutdown-script in the Cloud Platform Console when you create the new virtual machine instance.

Configuring Network for 3-Tier Web Application

• Add tags to each tier and set up firewall rules to allow the desired traffic flow.

Collecting Failure Details on Batch Servers

• Use Stackdriver Logging to search for the module log entries.
• Use gcloud or Cloud Console to connect to the serial console and observe the logs.
• Adjust the Google Stackdriver timeline to match the failure time and observe the batch server metrics.

Low-Risk Cloud Trial Steps

• Upload log files into Google Cloud Storage.
• Load logs into Google BigQuery.

Addressing a Negative Impact from Code Changes

• Revert the source code change, and rerun the deployment pipeline.

IAM Policy Control for Different Departments

• Implement a single organization with folders for each department.

Resolving App Engine Deployment Failure

• Digitally sign all of your JAR files and redeploy your application.

Securing Mobile Chat Messages

• Use public key infrastructure (PKI) to encrypt the message client side using the originating users private key.

On-Premises MySQL Latency Issues

• Configure a Google Cloud Dedicated Interconnect.

Sanitizing data from Cloud Bigtable

• De-identify the data with the Cloud Data Loss Prevention API.

Storing Custom Utility in Cloud Shell

• The utility should be stored in ~/bin.

Creating a Private Connection

• Create a VPC and connect it to your on-premises data center using Dedicated Interconnect.

Minimizing GCP Service Costs

• Utilize free tier and sustained use discounts. Provide training to the team about service cost management.

Ensuring Code Changes Are Verified with GCP

• Use Jenkins to monitor tags in the repository. Deploy staging tags to a staging environment for testing. After testing, tag the repository for production and deploy that to the production environment.

Granting Colleague Access to VMs

• Disable the health check for the instance group. Add his SSH key to the project-wide SSH Keys.

Integrating Google Kubernetes Engine

• GKE and GCP provide the tools you need to build a PCI DSS-compliant environment.

Detecting Anomalies in Company Data

• Upload your files into Cloud Storage. Use Cloud Dataprep to explore and clean your data.

Effective Policy at a Particular Node of the Hierarchy

• The effective policy is the union of the policy set at the node and policies inherited from its ancestors.

Organizing Network in Google Cloud

• Use an IP range on Google Cloud that does not overlap with the range you use on-premises.

Deploying New Indexes to Cloud Datastore

• Point gcloud datastore create-indexes to your configuration file.

Compute Engine Disaster Recovery Plan

• Deploy the application on two Compute Engine instance groups, each in the same project but in a different region. Use the first instance group to serve traffic, and use the HTTP load balancing service to fail over to the standby instance group in case of a disaster.

Integrating App Engine with On-Premises Database

• Deploy your application on App Engine flexible environment and use Cloud VPN to limit access to the on-premises database.

Installing Software on a Compute Engine Instance

• Upload the required installation files to Cloud Storage. Configure the VM on a subnet with a Private Google Access subnet. Assign only an internal IP address to the VM. Download the installation files to the VM using gsutil.

Moving Data into Google Cloud

• Move your data onto a Transfer Appliance. Use a Transfer Appliance Rehydrator to decrypt the data into Cloud Storage.

Updating Application with Minimal Downtime

• Use kubectl set image deployment/echo-deployment

Configuring Users' Access Roles

• Add all users to a group. Grant the group the roles of BigQuery jobUser on the billing project and BigQuery dataViewer on the projects that contain the data.

Allowing People to Upload Images

• Have users upload the images to Cloud Storage using a signed URL that expires after 24 hours.

Complying with the GDPR

• Define a design for the security of data in your web application that meets GDPR requirements.

Setting up Microsoft SQL Server on GCP

• Configure a Cloud SQL instance with high availability enabled.

Deploying Application to Kubernetes

• Use gcloud to create a Kubernetes cluster. Use kubectl to create the deployment.

Evaluating Team Readiness for a New GCP project

• Allocate budget for team training. Create a roadmap for your team to achieve Google Cloud certification based on job role.

Compute Resource for Business Hours Only

• Cloud Functions

Retrieving Root Entities for Minimized Overhead

• Create the Key object for each Entity and run a batch get operation.

Uploading Files from On-Premises to Cloud Storage

• Supply the encryption key in a .boto configuration file. Use gsutil to upload the files.

Capturing KPIs with Low Latency

• Output custom metrics to Stackdriver from the game servers, and create a Dashboard in Stackdriver Monitoring Console to view them.

Steps For A Python Web Application

• Perform the following: 1. Create a Google Kubernetes Engine (GKE) cluster with n1-standard-1 type machines. 2. Build a Docker image from the production branch with all of the dependencies, and tag it with the version number. 3. Create a Kubernetes Deployment with the imagePullPolicy set to 'IfNotPresent' in the staging namespace, and then promote it to the production namespace after testing.

Using Google Cloud With Active Directory

• Use Google Cloud Directory Sync to synchronize Active Directory usernames with cloud identities and configure SAML SSO.

Troubleshooting Application Issues

• Review the Stackdriver logs for the specific GKE container that is serving the unresponsive part of the application.

Introducing High Availability

• Create a failover replica instance in the same region, but in a different zone.

Optimizing Application's Performance

• Create a custom image from the existing disk. Create an instance template from the custom image. Create an autoscaled managed instance group from the instance template.

Restricting Communications

• Use firewall rules based on network tags attached to the compute instances.

Scale Requirements

• 1. Enable automatic storage increase for the instance. 2. Create a Stackdriver alert when CPU usage exceeds 75%, and change the instance type to reduce CPU usage. 3. Create a Stackdriver alert for replication lag, and shard the database to reduce replication time.

Relational Database Recommendation

• BigQuery, because it is designed for large-scale processing of tabular data

Application Reporting

• In the GCP Console, navigate to Stackdriver Logging. Consult logs for (GKE) and Cloud SQL.

Applying Company Authentication

– Ensure that VM service accounts are granted the appropriate Cloud Pub/Sub IAM roles.

Deploying VPN

• Deploy Cloud VPN Gateway in each region. Ensure that each region has at least one VPN tunnel to the on-premises peer gateway.

Optimizing Storage

• Make the tables time-partitioned, and configure the partition expiration at 45 days

Adding and Removing Nodes

• Configure a HorizontalPodAutoscaler with a target CPU usage. Enable the Cluster Autoscaler from the GCP Console.

Verifying Resilliance

• Verify that Dedicated Interconnect can replicate files to GCP. Verify that Cloud VPN can establish a secure connection between your networks if Dedicated Interconnect fails.

Design for HIPAA - Certified Systems

• Provision preemptible VMs to reduce cost. Disable and then discontinue use of all GCP services and APIs that are not HIPAA-compliant.

Testing the Authentication Layer

• Schedule a disaster simulation exercise during which you can shut off all VMs in a zone to see how your application behaves.

Auditing For Queries

• Use 'bq show' to list all jobs. Per job, use 'bq ls' to list job information and get the required information.

Automating the Creation of a Managed Instance Group

• Create a custom VM image with all OS package dependencies. Use Deployment Manager to create the managed instance group with the VM image.

Configuring Access Rights

• Create a group per country. Add analysts to their respective country-groups. Create a single group 'all_analysts', and add all country-groups as members. Grant the 'all_analysts' group the IAM role of BigQuery jobUser. Share the appropriate dataset with view access with each respective analyst country-group.

Cost Effective Storage Allocation

• Memcache backed by Cloud Datastore for the customer session state data. Lifecycle-managed Cloud Storage for log archives, thumbnails, and VM boot/data volumes.

Best Ways to Make All Workloads Run Smoothly

• StatefulSets

Best Cache Content

• Customize the cache keys to omit the protocol from the key.

Central Collection of Logs

• Stackdriver automatically collects admin activity logs for most services. The Stackdriver Logging agent must be installed on each instance to collect system logs.

App Engine

• Deploy the update as a new version in the App Engine application, and split traffic between the new and current versions.

Ports For A Connect Engine Instance

• Create an egress rule with priority 1000 to deny all traffic for all instances. Create another egress rule with priority 100 to allow the Active Directory traffic for all instances.

Customers with Great Models For Results

• Save a history of recommendations and results of the recommendations in BigQuery, to be used as training data.

HTTP Web Application with Security

• Use the Horizontal Pod Autoscaler and enable cluster autoscaling on the Kubernetes cluster. Use a Service resource of type LoadBalancer to load-balance the HTTPS traffic.

Load Balancing Solution

• Create an HTTPS load balancer with URL Maps.

Types of Errors Need to be Handled

• Implement retry logic using a truncated exponential backoff strategy.

Mission- Critical Application

• Use Deployment Manager to automate service provisioning. Use Activity Logs...

Description

Strategies for API revision, data storage in BigQuery, and J2EE application migration. Includes debugging App Engine sessions, selecting logging tools, and reducing deployment rollbacks using infrastructure automation.