diff --git a/README.md b/README.md
index fa1174e..fd90189 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
:information_source: This repo contains questions and exercises on various technical topics, sometimes related to DevOps and SRE
-:bar_chart: There are currently **2393** exercises and questions
+:bar_chart: There are currently **2402** exercises and questions
:books: To learn more about DevOps and SRE, check the resources in [devops-resources](https://github.com/bregman-arie/devops-resources) repository
diff --git a/topics/aws/README.md b/topics/aws/README.md
index c99993c..0d1e2c8 100644
--- a/topics/aws/README.md
+++ b/topics/aws/README.md
@@ -1,7 +1,7 @@
# AWS
**Note**: Provided solutions are using the AWS console. It's recommended you'll use IaC technologies to solve the exercises (e.g. Terraform, Pulumi).
-**2nd Note**: Some of the exercises cost money and can't be performed using the free tier/resources
+**2nd Note**: Some of the exercises cost $$$ and can't be performed using the free tier/resources
- [AWS](#aws)
- [Exercises](#exercises)
@@ -15,6 +15,7 @@
- [Containers](#containers)
- [Lambda](#lambda)
- [Elastic Beanstalk](#elastic-beanstalk)
+ - [CodePipeline](#codepipeline)
- [Misc](#misc)
- [Questions](#questions)
- [Global Infrastructure](#global-infrastructure)
@@ -39,6 +40,7 @@
- [Disaster Recovery](#disaster-recovery)
- [CloudFront](#cloudfront)
- [ELB](#elb-1)
+ - [ALB](#alb)
- [Auto Scaling Group](#auto-scaling-group)
- [Security](#security-1)
- [Databases](#databases-1)
@@ -58,6 +60,7 @@
- [Production Operations and Migrations](#production-operations-and-migrations)
- [Scenarios](#scenarios)
- [Architecture Design](#architecture-design)
+ - [Misc](#misc-2)
## Exercises
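Review bot: The new TOC entry `[Misc](#misc-2)` uses a `-2` suffix, while the other repeated section names in this TOC (`#elb-1`, `#security-1`, `#databases-1`) use `-1`. Only one earlier Misc entry (`#misc`) is visible here, so unless the file already has two Misc headings above the new one, this link will not resolve and should be `#misc-1`.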
@@ -1395,15 +1398,17 @@ True. AWS responsible for making sure ELB is operational and takes care of lifec
-Which load balancer would you use for services which use HTTP or HTTPS traffic?
-
-Application Load Balancer (ALB).
+What's a "listener" in regards to ELB?
-True or False? With ALB (Application Load Balancer) it's possible to do routing based on query string and/or headers
+What's a "target group" in regards to ELB?
+
-True.
+
+Which load balancer would you use for services which use HTTP or HTTPS traffic?
+
+Application Load Balancer (ALB).
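Review bot: The two added questions, `What's a "listener" in regards to ELB?` and `What's a "target group" in regards to ELB?`, are followed only by blank lines, so they ship without answers. Either add a short answer to each or confirm that leaving them unanswered is intentional. The exercise count in the top-level README already counts them.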
@@ -1440,7 +1445,7 @@ For example, port `2017` and endpoint `/health`.
Which type of AWS load balancer is used in the following drawing?
-
+
Application Load Balancer (routing based on different endpoints + HTTP is used).
@@ -1525,12 +1530,6 @@ False. This is only supported in Classic Load Balancer and Application Load Bala
With cross zone load balancing, traffic distributed evenly across all (registered) instances in all the availability zones.
-
-True or False? For application load balancer, cross zone load balancing is always on and can't be disabled
-
-True
-
-
True or False? For network load balancer, cross zone load balancing is always on and can't be disabled
@@ -1540,7 +1539,7 @@ False. It's disabled by default
True or False? In regards to cross zone load balancing, AWS charges you for inter AZ data in network load balancer but no in application load balancer
-False. It charges fir inter AZ data in network load balancer, but not in application load balancer
+False. It charges for inter AZ data in network load balancer, but not in application load balancer
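Review bot: The corrected answer still contradicts itself. It opens with "False" and then repeats the question's own statement (charged in network load balancer, not in application load balancer), so the verdict should be "True", or the explanation should say something different from the question. Since this line is being touched anyway, the unchanged question line above also has a typo, "but no in", that should read "but not in".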
@@ -1555,6 +1554,20 @@ True
The period of time or process of "draining" instances from requests/traffic (basically let it complete all active connections but don't start new ones) so it can be de-registered eventually and ELB won't send requests/traffic to it anymore.
+#### ALB
+
+
+True or False? With ALB (Application Load Balancer) it's possible to do routing based on query string and/or headers
+
+True.
+
+
+
+True or False? For application load balancer, cross zone load balancing is always on and can't be disabled
+
+True
+
+
### Auto Scaling Group
@@ -3157,3 +3170,12 @@ Network Load Balancer
You can use an ElastiCache cluster or RDS Read Replicas.
+
+### Misc
+
+
+What's an ARN?
+
+ARN (Amazon Resources Names) used for uniquely identifying different AWS resources.
+It is used when you would like to identify resource uniqely across all AWS infra.
+
\ No newline at end of file
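Review bot: The ARN answer has wording errors in both added lines: "Amazon Resources Names" should be "Amazon Resource Name", "used for" is missing "is", and "uniqely" should be "uniquely". The second sentence also restates the first, so the two lines can be merged into one. The file now ends without a trailing newline.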
diff --git a/topics/aws/exercises/new_vpc/exercise.md b/topics/aws/exercises/new_vpc/exercise.md
index 96fd373..3afde36 100644
--- a/topics/aws/exercises/new_vpc/exercise.md
+++ b/topics/aws/exercises/new_vpc/exercise.md
@@ -1,6 +1,11 @@
-## AWS VPC - My First VPC
+# My First VPC
-### Objectives
+## Objectives
1. Create a new VPC
- 1. It should have a CIDR that supports using at least 60,000 hosts
+ 1. It should have a CIDR that supports using at least 60,000 hosts
+ 2. It should be named "exercise-vpc"
+
+## Solution
+
+Click [here](solution.md) to view the solution
\ No newline at end of file
diff --git a/topics/aws/exercises/new_vpc/main.tf b/topics/aws/exercises/new_vpc/main.tf
new file mode 100644
index 0000000..e69de29
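Review bot: This adds an empty `new_vpc/main.tf` (the new blob is `e69de29` and there is no hunk), while the actual Terraform solution is added at `new_vpc/terraform/main.tf` and that is the path `solution.md` links to. The empty file looks like a leftover and should be dropped from the commit.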
diff --git a/topics/aws/exercises/new_vpc/pulumi/__main__.py b/topics/aws/exercises/new_vpc/pulumi/__main__.py
new file mode 100644
index 0000000..ef35bd4
--- /dev/null
+++ b/topics/aws/exercises/new_vpc/pulumi/__main__.py
@@ -0,0 +1,10 @@
+import pulumi
+import pulumi_awsx as awsx
+
+vpc = awsx.ec2.Vpc("exercise-vpc", cidr_block="10.0.0.0/16")
+
+pulumi.export("vpc_id", vpc.vpc_id)
+pulumi.export("publicSubnetIds", vpc.public_subnet_ids)
+pulumi.export("privateSubnetIds", vpc.private_subnet_ids)
+
+# Run 'pulumi up' to create it
\ No newline at end of file
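Review bot: `awsx.ec2.Vpc` creates more than the exercise asks for. The `public_subnet_ids` and `private_subnet_ids` exports show that subnets come with it, whereas the objective is a single VPC and the follow-up subnets exercise expects to add 10.0.0.0/24 itself to a newly created VPC. A plain `pulumi_aws.ec2.Vpc` with `cidr_block` and an explicit `Name` tag would match the Terraform solution and the `tag:Name` filter used in the verify step. The export keys also mix `vpc_id` with camelCase `publicSubnetIds`, so pick one style.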
diff --git a/topics/aws/exercises/new_vpc/solution.md b/topics/aws/exercises/new_vpc/solution.md
index 4d91d81..220e0e1 100644
--- a/topics/aws/exercises/new_vpc/solution.md
+++ b/topics/aws/exercises/new_vpc/solution.md
@@ -1,17 +1,30 @@
-## AWS VPC - My First VPC
+# My First VPC
-### Objectives
+## Objectives
1. Create a new VPC
- 1. It should have a CIDR that supports using at least 60,000 hosts
+ 1. It should have a CIDR that supports using at least 60,000 hosts
+ 2. It should be named "exercise-vpc"
-### Solution
+## Solution
-#### Console
+### Console
1. Under "Virtual Private Cloud" click on "Your VPCs"
2. Click on "Create VPC"
-3. Insert a name (e.g. someVPC)
+3. Insert a name - "exercise-vpc"
4. Insert IPv4 CIDR block: 10.0.0.0/16
5. Keep "Tenancy" at Default
6. Click on "Create VPC"
+
+### Terraform
+
+Click [here](terraform/main.tf) to view the solution
+
+### Pulumi - Python
+
+Click [here](pulumi/__main__.py) to view the solution
+
+### Verify Solution
+
+To verify you've create the VPC, you can run: `aws ec2 describe-vpcs -filters Name=tag:Name,Values=exercise-vpc`
\ No newline at end of file
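Review bot: The verify command in the last added line will fail as written: `-filters` needs two dashes, i.e. `aws ec2 describe-vpcs --filters Name=tag:Name,Values=exercise-vpc`. The same sentence has a typo, "you've create", which should be "you've created". Note that the Console steps only say to insert a name, so mention that this check relies on the Name tag being set.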
diff --git a/topics/aws/exercises/new_vpc/terraform/main.tf b/topics/aws/exercises/new_vpc/terraform/main.tf
new file mode 100644
index 0000000..d8f4341
--- /dev/null
+++ b/topics/aws/exercises/new_vpc/terraform/main.tf
@@ -0,0 +1,11 @@
+resource "aws_vpc" "exercise-vpc" {
+ cidr_block = "10.0.0.0/16"
+
+ tags = {
+ Name = "exercise-vpc"
+ }
+}
+
+output "vpc-id" {
+ value = aws_vpc.exercise-vpc.id
+}
\ No newline at end of file
diff --git a/topics/aws/exercises/subnets/exercise.md b/topics/aws/exercises/subnets/exercise.md
index 5a48aa3..95644c2 100644
--- a/topics/aws/exercises/subnets/exercise.md
+++ b/topics/aws/exercises/subnets/exercise.md
@@ -2,7 +2,8 @@
### Requirements
-Single newly created VPC
+1. Single newly created VPC
+2. Region with more than two availability zones
### Objectives
diff --git a/topics/aws/exercises/subnets/pulumi/__main__.py b/topics/aws/exercises/subnets/pulumi/__main__.py
new file mode 100644
index 0000000..058e8b0
--- /dev/null
+++ b/topics/aws/exercises/subnets/pulumi/__main__.py
@@ -0,0 +1,27 @@
+import pulumi
+import pulumi_aws as aws
+
+availableZones = pulumi_aws.get_availability_zones(state="available")
+
+aws.ec2.Subnet("NewSubnet1",
+ vpc_id=aws_vpc["main"]["id"],
+ cidr_block="10.0.0.0/24",
+ availability_zone=availableZones.names[0],
+ tags={"Name": "NewSubnet1"}
+ )
+
+aws.ec2.Subnet("NewSubnet2",
+ vpc_id=aws_vpc["main"]["id"],
+ cidr_block="10.0.1.0/24",
+ availability_zone=availableZones.names[1]
+ tags={"Name": "NewSubnet2"}
+ )
+
+aws.ec2.Subnet("NewSubnet3",
+ vpc_id=aws_vpc["main"]["id"],
+ cidr_block="10.0.2.0/24",
+ availability_zone=availableZones.names[2]
+ tags={"Name": "NewSubnet3"}
+ )
+
+# Run "pulumi up"
\ No newline at end of file
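Review bot: This file cannot run as committed. The module is imported as `aws` but the lookup calls `pulumi_aws.get_availability_zones(...)`, `aws_vpc["main"]["id"]` is never defined anywhere in the file, and the `availability_zone=availableZones.names[1]` and `availableZones.names[2]` lines are missing their trailing commas, which is a syntax error. Use `aws.get_availability_zones`, take the VPC id from Pulumi config or a stack reference (the Terraform solution takes it as a variable), and add the commas. `import pulumi` is unused unless the subnet ids are exported.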
diff --git a/topics/aws/exercises/subnets/solution.md b/topics/aws/exercises/subnets/solution.md
index b0d09ef..80480ef 100644
--- a/topics/aws/exercises/subnets/solution.md
+++ b/topics/aws/exercises/subnets/solution.md
@@ -1,26 +1,27 @@
-## AWS VPC - Subnets
+# AWS VPC - Subnets
-### Requirements
+## Requirements
-Single newly created VPC
+1. Single newly created VPC
+2. Region with more than two availability zones
-### Objectives
+## Objectives
1. Create a subnet in your newly created VPC
- 1. CIDR: 10.0.0.0/24
- 2. Name: NewSubnet1
+ 1. CIDR: 10.0.0.0/24
+ 1. Name: NewSubnet1
2. Create additional subnet
- 1. CIDR: 10.0.1.0/24
- 2. Name: NewSubnet2
- 3. Different AZ compared to previous subnet
+ 1. CIDR: 10.0.1.0/24
+ 2. Name: NewSubnet2
+ 3. Different AZ compared to previous subnet
3. Create additional subnet
- 1. CIDR: 10.0.2.0/24
- 2. Name: NewSubnet3
- 3. Different AZ compared to previous subnets
+ 4. CIDR: 10.0.2.0/24
+ 5. Name: NewSubnet3
+ 6. Different AZ compared to previous subnets
-### Solution
+## Solution
-#### Console
+### Console
1. Click on "Subnets" under "Virtual Private Cloud"
2. Make sure you filter by your newly created VPC (to not see the subnets in all other VPCs). You can do this in the left side menu
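Review bot: The nested numbering under Objectives is inconsistent after this change: the first subnet's items are both numbered `1.`, the second uses `1.`/`2.`/`3.`, and the third now uses `4.`/`5.`/`6.`. Depending on how the indentation renders, the third group may attach to the wrong parent item. Number each sub-list `1.`, `2.`, `3.` as the second one does.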
@@ -37,3 +38,11 @@ Single newly created VPC
13. Set the subnet name to "NewSubnet3"
14. Choose a different AZ
15. Set CIDR to 10.0.2.0/24
+
+### Terraform
+
+Click [here](terraform/main.tf) to view the solution
+
+### Pulumi - Python
+
+Click [here](pulumi/__main__.py) to view the solution
\ No newline at end of file
diff --git a/topics/aws/exercises/subnets/terraform/main.tf b/topics/aws/exercises/subnets/terraform/main.tf
new file mode 100644
index 0000000..4dcca49
--- /dev/null
+++ b/topics/aws/exercises/subnets/terraform/main.tf
@@ -0,0 +1,49 @@
+# Variables
+
+variable "vpc_id" {
+ type = string
+}
+
+# AWS Subnets
+
+resource "aws_subnet" "NewSubnet1" {
+ cidr_block = "10.0.0.0/24"
+ vpc_id = var.vpc_id
+ availability_zone = data.aws_availability_zones.all.names[0]
+ tags = {
+ Purpose: exercise
+ Name: "NewSubnet1"
+ }
+}
+
+resource "aws_subnet" "NewSubnet2" {
+ cidr_block = "10.0.1.0/24"
+ vpc_id = var.vpc_id
+ availability_zone = data.aws_availability_zones.all.names[1]
+ tags = {
+ Purpose: exercise
+ Name: "NewSubnet2"
+ }
+}
+
+resource "aws_subnet" "NewSubnet3" {
+ cidr_block = "10.0.2.0/24"
+ vpc_id = var.vpc_id
+ availability_zone = data.aws_availability_zones.all.names[2]
+ tags = {
+ Purpose: exercise
+ Name: "NewSubnet3"
+ }
+}
+
+# Outputs
+
+output "NewSubnet1-id" {
+ value = aws_subnet.NewSubnet1.id
+}
+output "NewSubnet2-id" {
+ value = aws_subnet.NewSubnet2.id
+}
+output "NewSubnet3-id" {
+ value = aws_subnet.NewSubnet3.id
+}
\ No newline at end of file
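Review bot: All three subnets reference `data.aws_availability_zones.all.names[...]`, but no `data "aws_availability_zones" "all"` block is declared in this file, so `terraform validate` will fail. In each `tags` map, `Purpose: exercise` is unquoted and will be parsed as a reference to an undeclared name; it should be `Purpose = "exercise"`. Using `=` rather than `:` for the tag entries would also match the `tags` block in the new_vpc Terraform solution.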
diff --git a/topics/kubernetes/README.md b/topics/kubernetes/README.md
index 995940a..03e12d0 100644
--- a/topics/kubernetes/README.md
+++ b/topics/kubernetes/README.md
@@ -13,12 +13,21 @@
## Kubernetes Questions
-* [Kubernetes 101](#kubernetes-101)
-* [Kubernetes Hands-On Basics](#kubernetes-hands-on-basiscs)
-* [Kubernetes Cluster](#kubernetes-cluster)
-* [Kubernetes Pods](#kubernetes-pods)
-* [Kubernetes Deployments](#kubernetes-deployments)
-* [Kubernetes Services](#kubernetes-services)
+- [Kubernetes](#kubernetes)
+ - [Kubernetes Exercises](#kubernetes-exercises)
+ - [Kubernetes Questions](#kubernetes-questions)
+ - [Kubernetes 101](#kubernetes-101)
+ - [Kubernetes - Hands-On Basics](#kubernetes---hands-on-basics)
+ - [Kubernetes - Cluster](#kubernetes---cluster)
+ - [Pods](#pods)
+ - [Deployments](#deployments)
+ - [Services](#services)
+ - [Ingress](#ingress)
+ - [Kubernetes - Security](#kubernetes---security)
+ - [Kubernetes - Troubleshooting Scenarios](#kubernetes---troubleshooting-scenarios)
+ - [Kubernetes - Submariner](#kubernetes---submariner)
+ - [Kubernetes - Istio](#kubernetes---istio)
+ - [Kubernetes - Scenarios](#kubernetes---scenarios)
## Kubernetes 101
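Review bot: The rewritten TOC points at anchors such as `#pods`, `#deployments`, `#services` and `#kubernetes---hands-on-basics`, replacing `#kubernetes-pods` and similar, but neither hunk for this file renames any heading. Check that the headings in the file already carry the new names, otherwise these links break. The list also sits under `## Kubernetes Questions` while containing entries for `[Kubernetes](#kubernetes)`, `[Kubernetes Exercises]` and `[Kubernetes Questions]` itself, so it reads like a whole-page TOC and probably belongs at the top of the file.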
@@ -161,9 +170,9 @@ False. A Kubernetes cluster consists of at least 1 master and can have 0 workers
Place the components on the right side of the image in the right place in the drawing
-
+
-
+
diff --git a/topics/kubernetes/images/cluster_architecture_exercise.png b/topics/kubernetes/images/cluster_architecture_exercise.png
new file mode 100644
index 0000000..d50cba7
Binary files /dev/null and b/topics/kubernetes/images/cluster_architecture_exercise.png differ
diff --git a/topics/kubernetes/images/cluster_architecture_solution.png b/topics/kubernetes/images/cluster_architecture_solution.png
new file mode 100644
index 0000000..535528d
Binary files /dev/null and b/topics/kubernetes/images/cluster_architecture_solution.png differ
diff --git a/topics/kubernetes/images/kubernetes_components.png b/topics/kubernetes/images/kubernetes_components.png
deleted file mode 100644
index 9225800..0000000
Binary files a/topics/kubernetes/images/kubernetes_components.png and /dev/null differ
diff --git a/topics/kubernetes/images/kubernetes_components_solution.png b/topics/kubernetes/images/kubernetes_components_solution.png
deleted file mode 100644
index c4166fc..0000000
Binary files a/topics/kubernetes/images/kubernetes_components_solution.png and /dev/null differ
diff --git a/topics/security/README.md b/topics/security/README.md
index fd38330..5c63777 100644
--- a/topics/security/README.md
+++ b/topics/security/README.md
@@ -2,6 +2,14 @@
What is DevSecOps? What its core principals?
+
+A couple of quotations from chosen companies:
+
+[Snyk](https://snyk.io/series/devsecops): "DevSecOps refers to the integration of security practices into a DevOps software delivery model. Its foundation is a culture where development and operations are enabled through process and tooling to take part in a shared responsibility for delivering secure software."
+
+[Red Hat](https://www.redhat.com/en/topics/devops/what-is-devsecops): "DevSecOps stands for development, security, and operations. It's an approach to culture, automation, and platform design that integrates security as a shared responsibility throughout the entire IT lifecycle."
+
+[Jfrog](https://jfrog.com/devops-tools/what-is-devsecops): "DevSecOps principles and practices parallel those of traditional DevOps with integrated and multidisciplinary teams, working together to enable secure continuous software delivery. The DevSecOps development lifecycle is a repetitive process that starts with a developer writing code, a build being triggered, the software package deployed to a production environment and monitored for issues identified in the runtime but includes security at each of these stages."
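Review bot: The added answer gives three vendor definitions but does not address the second half of the question, the core principles; a short list drawn from the quotes (shared responsibility, security at each stage of the delivery lifecycle, automation) would close that gap. "Jfrog" should be spelled "JFrog", and the unchanged question line above has "What its core principals?", which should read "What are its core principles?".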