Add AWS exercises and questions

abregman 2021-11-26 12:55:02 +02:00
parent 195174a5b9
commit 3bbdbafd0e
7 changed files with 368 additions and 270 deletions

269
README.md

@ -64,7 +64,7 @@
<td align="center"><a href="#certificates"><img src="images/certificates.png" width="75px;" height="75px;" alt="Certificates"/><br /><b>Certificates</b></a></td> <td align="center"><a href="#certificates"><img src="images/certificates.png" width="75px;" height="75px;" alt="Certificates"/><br /><b>Certificates</b></a></td>
<td align="center"><a href="#containers"><img src="images/containers.png" width="70px;" height="75px;" alt="Containers"/><br /><b>Containers</b></a></td> <td align="center"><a href="#containers"><img src="images/containers.png" width="70px;" height="75px;" alt="Containers"/><br /><b>Containers</b></a></td>
<td align="center"><a href="#sql"><img src="images/sql.png" width="75px;" height="75px;" alt="sql"/><br /><b>SQL</b></a></td> <td align="center"><a href="#sql"><img src="images/sql.png" width="75px;" height="75px;" alt="sql"/><br /><b>SQL</b></a></td>
<td align="center"><a href="#openshift"><img src="images/openshift.png" width="75px;" height="75px;" alt="OpenShift"/><br /><b>OpenShift</b></a></td> <td align="center"><a href="exercises/openshift/README.md"><img src="images/openshift.png" width="75px;" height="75px;" alt="OpenShift"/><br /><b>OpenShift</b></a></td>
<td align="center"><a href="#storage"><img src="images/storage.png" width="75px;" height="75px;" alt="Storage"/><br /><b>Storage</b></a></td> <td align="center"><a href="#storage"><img src="images/storage.png" width="75px;" height="75px;" alt="Storage"/><br /><b>Storage</b></a></td>
<td align="center"><a href="#HR"><img src="images/HR.png" width="110px;" height="75px;" alt="HR"/><br /><b>HR</b></a></td> <td align="center"><a href="#HR"><img src="images/HR.png" width="110px;" height="75px;" alt="HR"/><br /><b>HR</b></a></td>
</tr> </tr>
@ -5100,273 +5100,6 @@ as key-value pair, document-oriented, etc.
* programming languages * programming languages
</b></details> </b></details>
## OpenShift
### OpenShift Exercises
|Name|Topic|Objective & Instructions|Solution|Comments|
|--------|--------|------|----|----|
| My First Project | Projects | [Exercise](exercises/openshift/projects_101.md) | [Solution](exercises/openshift/solutions/projects_101.md)
### OpenShift Self Assessment
<details>
<summary>What is OpenShift?</summary><br><b>
OpenShift is a container orchestration platform based on Kubernetes.<br>
It can be used for deploying applications while having minimal management overhead.
</b></details>
<details>
<summary>How OpenShift is related to Kubernetes?</summary><br><b>
It's built on top of Kubernetes while defining its own custom resources in addition to the built ones.
</b></details>
<details>
<summary>True or False? OpenShift is a IaaS (infrastructure as a service) solution</summary><br><b>
False. OpenShift is a PaaS (platform as a service) solution.
</b></details>
## OpenShift - Architecture
<details>
<summary>What types of nodes OpenShift has?</summary><br><b>
- Workers: Where the end-user applications are running
- Masters: Responsible for managing the cluster
</b></details>
<details>
<summary>Which component responsible for determining pod placement?</summary><br><b>
The Scheduler.
</b></details>
<details>
<summary>What else the scheduler responsible for except pod placement?</summary><br><b>
Application high availability by spreading pod replicas between worker nodes
</b></details>
## OpenShift - Projects
<details>
<summary>What is a project in OpenShift?</summary><br><b>
A project in OpenShift is a Kubernetes namespace with annotations.<br>
In simpler words, think about it as an isolated environment for users to manage and organize their resources (like Pods, Deployments, Service, etc.).
</b></details>
<details>
<summary>How to list all projects? What the "STATUS" column means in projects list output?</summary><br><b>
`oc get projects` will list all projects. The "STATUS" column can be used to see which projects are currently active.
</b></details>
<details>
<summary>You have a new team member and you would like to assign to him the "admin" role on your project in OpenShift. How to achieve that?</summary><br><b>
`oc adm policy add-role-to-user <role> <user> -n <project>`
</b></details>
## OpenShift - Images
<details>
<summary>What is an image stream?</summary><br><b>
</b></details>
<details>
<summary>What would be the best way to run and manage multiple OpenShift environments?</summary><br><b>
Federation
</b></details>
#### OpenShift - Federation
<details>
<summary>What is OpenShift Federation?</summary><br><b>
Management and deployment of services and workloads accross multiple independent clusters from a single API
</b></details>
<details>
<summary>Explain the following in regards to Federation:
* Multi Cluster
* Federated Cluster
* Host Cluster
* Member Cluster
</summary><br><b>
* Multi Cluster - Multiple clusters deployed independently, not being aware of each other
* Federated Cluster - Multiple clusters managed by the OpenShift Federation Control Plane
* Host Cluster - The cluster that runs the Federation Control Plane
* Member Cluster - Cluster that is part of the Federated Cluster and connected to Federation Control Plane
</b></details>
## OpenShift - Storage
<details>
<summary>What is a storage device? What storage devices are there?</summary><br><b>
* Hard Disks
* SSD
* USB
* Magnetic Tape
</b></details>
<details>
<summary>What is Random Seek Time?</summary><br><b>
The time it takes for a disk to reach the place where the data is located and read a single block/sector.
Bones question: What is the random seek time in SSD and Magnetic Disk?
Answer: Magnetic is about 10ms and SSD is somewhere between 0.08 and 0.16ms
</b></details>
#### OpenShift - Pods
<details>
<summary>What happens when a pod fails or exit due to container crash</summary><br><b>
Master node automatically restarts the pod unless it fails too often.
</b></details>
<details>
<summary>What happens when a pod fails too often?</summary><br><b>
It's marked as bad by the master node and temporarly not restarted anymore.
</b></details>
<details>
<summary>How to find out on which node a certain pod is running?</summary><br><b>
`oc get po -o wide`
</b></details>
#### OpenShift - Services
<details>
<summary>Explain Services and their benefits</summary><br><b>
- Services in OpenShift define access policy to one or more set of pods.<br>
- They are connecting applications together by enabling communication between them
- They provide permanent internal IP addresses and hostnames for applications
- They are able to provide basic internal load balancing
</b></details>
#### OpenShift - Labels
<details>
<summary>Explain labels. What are they? When do you use them?</summary><br><b>
- Labels are used to group or select API objects
- They are simple key-value pairs and can be included in metadata of some objects
- A common use case: group pods, services, deployments, ... all related to a certain application
</b></details>
#### OpenShift - Service Accounts
<details>
<summary>How to list Service Accounts?</summary><br><b>
`oc get serviceaccounts`
</b></details>
#### OpenShift - Networking
<details>
<summary>What is a Route?</summary><br><b>
A route is exposing a service by giving it hostname which is externally reachable
</b></details>
<details>
<summary>What Route is consists of?</summary><br><b>
- name
- service selector
- (optional) security configuration
</b></details>
<details>
<summary>True or False? Router container can run only on the Master node</summary><br><b>
False. It can run on any node.
</b></details>
<details>
<summary>Given an example of how a router is used</summary><br><b>
1. Client is using an address of application running on OpenShift
2. DNS resolves to host running the router
3. Router checks whether route exists
4. Router proxies the request to the internal pod
</b></details>
#### OpenShift - Security
<details>
<summary>What are "Security Context Constraints"?</summary><br><b>
From [OpenShift Docs](https://docs.openshift.com/container-platform/4.7/authentication/managing-security-context-constraints.html): "Similar to the way that RBAC resources control user access, administrators can use security context constraints (SCCs) to control permissions for pods".
</b></details>
<details>
<summary>How to add the ability for the user `user1` to view the project `wonderland` assuming you are authorized to do so</summary><br><b>
oc adm policy add-role-to-user view user1 -n wonderland
</b></details>
<details>
<summary>How to check what is the current context?</summary><br><b>
`oc whoami --show-context`
</b></details>
#### OpenShift - Serverless
<details>
<summary>What is OpenShift Serverless?</summary><br><b>
- In general 'serverless' is a cloud computing model where scaling and provisioning is taken care for application developers, so they can focus on the development aspect rather infrastructure related tasks
- OpenShift Serverless allows you to dynamically scale your applications and provides the ability to build event-driven applications, whether the sources are on Kubernetes, the cloud or on-premise solutions
- OpenShift Serverless is based on the Knative project.
</b></details>
<details>
<summary>What are some of the event sources you can use with OpenShift Serverless?</summary><br><b>
* Kafka
* Kubernetes APIs
* AWS Kinesis
* AWS SQS
* JIRA
* Slack
More are supported and provided with OpenShift.
</b></details>
<details>
<summary>Explain serverless functions</summary><br><b>
</b></details>
<details>
<summary>What is the difference between Serverless Containers and Serverless functions?</summary><br><b>
</b></details>
#### OpenShift - Misc
<details>
<summary>What is Replication Controller?</summary><br><b>
Replication Controller responsible for ensuring the specified number of pods is running at all times.<br>
If more pods are running than needed -> it deletes some of them<br>
If not enough pods are running -> it creates more
</b></details>
## SQL ## SQL
### SQL Exercises ### SQL Exercises
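Review bot: The commit title says "Add AWS exercises and questions", but this hunk removes the whole OpenShift section (exercises table and self-assessment questions) from README.md. If the section is being moved to `exercises/openshift/README.md`, as the updated topic link in the first hunk suggests, say so in the commit message or split the move into its own commit so the AWS additions can be reviewed on their own.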


@ -44,6 +44,7 @@ Note: Provided solutions are using the AWS console. It's recommended you'll use
|Name|Topic|Objective & Instructions|Solution|Comments| |Name|Topic|Objective & Instructions|Solution|Comments|
|--------|--------|------|----|----| |--------|--------|------|----|----|
| Auto Scaling Groups Basics | ASG | [Exercise](auto_scaling_groups_basics.md) | [Solution](solutions/auto_scaling_groups_basics.md) | Easy | | Auto Scaling Groups Basics | ASG | [Exercise](auto_scaling_groups_basics.md) | [Solution](solutions/auto_scaling_groups_basics.md) | Easy |
| Dynamic Scaling Policy | ASG, Policies | [Exercise](asg_dynamic_scaling_policy.md) | [Solution](solutions/asg_dynamic_scaling_policy.md) | Easy |
#### AWS - Lambda #### AWS - Lambda
@ -1287,13 +1288,54 @@ One way is to use CloudWatch alarms where an alarm will monitor a metric and bas
</b></details> </b></details>
<details> <details>
<summary>Provide examples to metrics/rules used for auto scaling</summary><br><b> <summary>What are some metrics/rules used for auto scaling</summary><br><b>
* Network In/Out * Network In/Out
* Number of requests on ELB per instance * Number of requests on ELB per instance
* Average CPU, RAM usage * Average CPU, RAM usage
</b></details> </b></details>
<details>
<summary>What is dynamic Scaling policy in regards to Auto Scaling Groups?</summary><br><b>
A policy in which scaling will occur automatically based on different metrics.
There are 3 types:
1. Target Tracking Scaling: scale when the baseline changes (e.g. CPU is over 60%)
2. Step Scaling: more granular scaling where you can choose different actions for different metrics values (e.g. when CPU less than 20%, remove one instance. When CPU is over 40%, add 3 instances)
3. Scheduled Actions: set in advance scaling for specific period of time (e.g. add instances on Monday between 10:00 am to 11:00 am)
</b></details>
<details>
<summary>What is a predictive scaling policy in regards to Auto Scaling Groups?</summary><br><b>
Scale by analyzing historical load and schedule scaling based on forecast load.
</b></details>
<details>
<summary>Explain scaling cooldowns in regards to Auto Scaling Groups</summary><br><b>
During a scaling cooldown, ASG will not terminate or launch additional instances. The cooldown happens after scaling activity and the reason for this behaviour is that some metrics have to be collected and stabilize before another scaling operating can take place.
</b></details>
<details>
<summary>Explain the default ASG termination policy</summary><br><b>
1. It finds the AZ which the most number of EC2 instnaces
2. If number of instances > 1, choose the with oldest launch configuration, template and terminate it
</b></details>
<details>
<summary>True or False? by deafult, ASG tries to balance the number of instances across AZ</summary><br><b>
True, this is why when it terminates instances, it chooses the AZ with the most instances.
</b></details>
<details>
<summary>Explain Lifecycle Hooks in regards to Auto Scaling Groups</summary><br><b>
</b></details>
#### AWS - Security #### AWS - Security
<details> <details>
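Review bot: In the new "dynamic Scaling policy" answer, the third type listed, "Scheduled Actions", is not a dynamic scaling policy type: AWS lists target tracking, step scaling and simple scaling as the dynamic types, and scheduled scaling is a separate feature. Suggest replacing item 3 with simple scaling and moving scheduled actions to its own question. The target tracking description ("scale when the baseline changes") would also be clearer as "keep a metric at a target value". Smaller points in the same hunk: typos "instnaces", "deafult" and "scaling operating" (operation); the termination policy steps read incompletely ("the AZ which the most number", "choose the with oldest launch configuration, template"); and the Lifecycle Hooks question is added with an empty answer.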


@ -0,0 +1,16 @@
## AWS Auto Scaling Groups - Dynamic Scaling Policy
### Requirements
1. Existing Auto Scaling Group with maximum capacity set to at least 3
2. One running EC2 instance with max of 4 CPUs
### Objectives
1. Create a dynamic scaling policy with the following properties
1. Track average CPU utilization
2. Target value should be 70%
2. Increase the CPU utilization to at least 70%
1. Do you see change in number of instances?
1. Decrease CPU utilization to less than 70%
1. Do you see change in number of instances?
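Review bot: Objective 2 says to raise CPU utilization "to at least 70%" while the target value is also 70%, so a load sitting exactly at the target satisfies the instruction but gives target tracking no reason to add an instance; "above 70%" here, and "well below 70%" for the scale-in step, would make the expected result unambiguous. The third objective, "Decrease CPU utilization to less than 70%", is numbered `1.` after `2.`; number it `3.`. Requirement 2, "One running EC2 instance with max of 4 CPUs", is also unclear about whether 4 is a limit or the expected instance size.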


@ -0,0 +1,37 @@
## AWS Auto Scaling Groups - Dynamic Scaling Policy
### Requirements
1. Existing Auto Scaling Group with maximum capacity set to at least 3
2. One running EC2 instance with max of 4 CPUs
### Objectives
1. Create a dynamic scaling policy with the following properties
1. Track average CPU utilization
2. Target value should be 70%
2. Increase the CPU utilization to at least 70%
1. Do you see change in number of instances?
1. Decrease CPU utilization to less than 70%
1. Do you see change in number of instances?
### Solution
#### Console
1. Go to EC2 service -> Auto Scaling Groups and click on the tab "Automating scaling"
2. Choose "Target tracking scaling" under "Policy Type"
3. Set metric type to Average CPU utilization
4. Set target value to 70% and click on "Create"
1. If you are using Amazon Linux 2, you can stress the instance with the following:
```
sudo amazon-linux-extras install epel -y
sudo yum install stress -y
stress -c 4 # assuming you have 4 CPUs
```
2. Yes, additional EC2 instance was added
1. Simply stop the stress command
2. Yes, one of the EC2 instances was terminated
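Review bot: `stress -c 4` in the fenced block runs until it is interrupted and hard-codes the worker count; suggest giving it a `--timeout` and using `$(nproc)` instead of 4 so the instance does not stay pinned if the session is lost. The block also enables EPEL on the instance only to install `stress`, so it is worth a sentence saying the steps are meant for a throwaway test instance. The Requirements and Objectives sections are copied verbatim from the exercise file; linking to the exercise would keep the two from drifting apart. The solution steps restart at `1.` three times, which makes it hard to tell which answer belongs to which objective, and "Automating scaling" in step 1 looks like a typo for the console tab name.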


@ -0,0 +1,266 @@
## OpenShift
### OpenShift Exercises
|Name|Topic|Objective & Instructions|Solution|Comments|
|--------|--------|------|----|----|
| My First Project | Projects | [Exercise](projects_101.md) | [Solution](solutions/projects_101.md)
### OpenShift Self Assessment
<details>
<summary>What is OpenShift?</summary><br><b>
OpenShift is a container orchestration platform based on Kubernetes.<br>
It can be used for deploying applications while having minimal management overhead.
</b></details>
<details>
<summary>How OpenShift is related to Kubernetes?</summary><br><b>
It's built on top of Kubernetes while defining its own custom resources in addition to the built ones.
</b></details>
<details>
<summary>True or False? OpenShift is a IaaS (infrastructure as a service) solution</summary><br><b>
False. OpenShift is a PaaS (platform as a service) solution.
</b></details>
## OpenShift - Architecture
<details>
<summary>What types of nodes OpenShift has?</summary><br><b>
- Workers: Where the end-user applications are running
- Masters: Responsible for managing the cluster
</b></details>
<details>
<summary>Which component responsible for determining pod placement?</summary><br><b>
The Scheduler.
</b></details>
<details>
<summary>What else the scheduler responsible for except pod placement?</summary><br><b>
Application high availability by spreading pod replicas between worker nodes
</b></details>
## OpenShift - Projects
<details>
<summary>What is a project in OpenShift?</summary><br><b>
A project in OpenShift is a Kubernetes namespace with annotations.<br>
In simpler words, think about it as an isolated environment for users to manage and organize their resources (like Pods, Deployments, Service, etc.).
</b></details>
<details>
<summary>How to list all projects? What the "STATUS" column means in projects list output?</summary><br><b>
`oc get projects` will list all projects. The "STATUS" column can be used to see which projects are currently active.
</b></details>
<details>
<summary>You have a new team member and you would like to assign to him the "admin" role on your project in OpenShift. How to achieve that?</summary><br><b>
`oc adm policy add-role-to-user <role> <user> -n <project>`
</b></details>
## OpenShift - Images
<details>
<summary>What is an image stream?</summary><br><b>
</b></details>
<details>
<summary>What would be the best way to run and manage multiple OpenShift environments?</summary><br><b>
Federation
</b></details>
#### OpenShift - Federation
<details>
<summary>What is OpenShift Federation?</summary><br><b>
Management and deployment of services and workloads accross multiple independent clusters from a single API
</b></details>
<details>
<summary>Explain the following in regards to Federation:
* Multi Cluster
* Federated Cluster
* Host Cluster
* Member Cluster
</summary><br><b>
* Multi Cluster - Multiple clusters deployed independently, not being aware of each other
* Federated Cluster - Multiple clusters managed by the OpenShift Federation Control Plane
* Host Cluster - The cluster that runs the Federation Control Plane
* Member Cluster - Cluster that is part of the Federated Cluster and connected to Federation Control Plane
</b></details>
## OpenShift - Storage
<details>
<summary>What is a storage device? What storage devices are there?</summary><br><b>
* Hard Disks
* SSD
* USB
* Magnetic Tape
</b></details>
<details>
<summary>What is Random Seek Time?</summary><br><b>
The time it takes for a disk to reach the place where the data is located and read a single block/sector.
Bones question: What is the random seek time in SSD and Magnetic Disk?
Answer: Magnetic is about 10ms and SSD is somewhere between 0.08 and 0.16ms
</b></details>
#### OpenShift - Pods
<details>
<summary>What happens when a pod fails or exit due to container crash</summary><br><b>
Master node automatically restarts the pod unless it fails too often.
</b></details>
<details>
<summary>What happens when a pod fails too often?</summary><br><b>
It's marked as bad by the master node and temporarly not restarted anymore.
</b></details>
<details>
<summary>How to find out on which node a certain pod is running?</summary><br><b>
`oc get po -o wide`
</b></details>
#### OpenShift - Services
<details>
<summary>Explain Services and their benefits</summary><br><b>
- Services in OpenShift define access policy to one or more set of pods.<br>
- They are connecting applications together by enabling communication between them
- They provide permanent internal IP addresses and hostnames for applications
- They are able to provide basic internal load balancing
</b></details>
#### OpenShift - Labels
<details>
<summary>Explain labels. What are they? When do you use them?</summary><br><b>
- Labels are used to group or select API objects
- They are simple key-value pairs and can be included in metadata of some objects
- A common use case: group pods, services, deployments, ... all related to a certain application
</b></details>
#### OpenShift - Service Accounts
<details>
<summary>How to list Service Accounts?</summary><br><b>
`oc get serviceaccounts`
</b></details>
#### OpenShift - Networking
<details>
<summary>What is a Route?</summary><br><b>
A route is exposing a service by giving it hostname which is externally reachable
</b></details>
<details>
<summary>What Route is consists of?</summary><br><b>
- name
- service selector
- (optional) security configuration
</b></details>
<details>
<summary>True or False? Router container can run only on the Master node</summary><br><b>
False. It can run on any node.
</b></details>
<details>
<summary>Given an example of how a router is used</summary><br><b>
1. Client is using an address of application running on OpenShift
2. DNS resolves to host running the router
3. Router checks whether route exists
4. Router proxies the request to the internal pod
</b></details>
#### OpenShift - Security
<details>
<summary>What are "Security Context Constraints"?</summary><br><b>
From [OpenShift Docs](https://docs.openshift.com/container-platform/4.7/authentication/managing-security-context-constraints.html): "Similar to the way that RBAC resources control user access, administrators can use security context constraints (SCCs) to control permissions for pods".
</b></details>
<details>
<summary>How to add the ability for the user `user1` to view the project `wonderland` assuming you are authorized to do so</summary><br><b>
oc adm policy add-role-to-user view user1 -n wonderland
</b></details>
<details>
<summary>How to check what is the current context?</summary><br><b>
`oc whoami --show-context`
</b></details>
#### OpenShift - Serverless
<details>
<summary>What is OpenShift Serverless?</summary><br><b>
- In general 'serverless' is a cloud computing model where scaling and provisioning is taken care for application developers, so they can focus on the development aspect rather infrastructure related tasks
- OpenShift Serverless allows you to dynamically scale your applications and provides the ability to build event-driven applications, whether the sources are on Kubernetes, the cloud or on-premise solutions
- OpenShift Serverless is based on the Knative project.
</b></details>
<details>
<summary>What are some of the event sources you can use with OpenShift Serverless?</summary><br><b>
* Kafka
* Kubernetes APIs
* AWS Kinesis
* AWS SQS
* JIRA
* Slack
More are supported and provided with OpenShift.
</b></details>
<details>
<summary>Explain serverless functions</summary><br><b>
</b></details>
<details>
<summary>What is the difference between Serverless Containers and Serverless functions?</summary><br><b>
</b></details>
#### OpenShift - Misc
<details>
<summary>What is Replication Controller?</summary><br><b>
Replication Controller responsible for ensuring the specified number of pods is running at all times.<br>
If more pods are running than needed -> it deletes some of them<br>
If not enough pods are running -> it creates more
</b></details>
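Review bot: Several questions in this new file have empty answers ("What is an image stream?", "Explain serverless functions", "What is the difference between Serverless Containers and Serverless functions?"); either fill them in or leave them out until there is an answer. Under "OpenShift - Storage" the two questions (storage devices, random seek time) are generic storage questions with nothing OpenShift-specific, and "Bones question" should be "Bonus question". The answer for granting the "admin" role shows only the `<role> <user> -n <project>` placeholders, and the `oc adm policy add-role-to-user view user1 -n wonderland` answer is missing the backticks the other commands have. The exercises table row lacks its Comments cell and closing `|`. Typos: "accross", "temporarly".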


@ -1,5 +1,7 @@
## OpenShift - Projects 101 ## OpenShift - Projects 101
### Objectives
In a newly deployed cluster (preferably) perform and answer the following instructions and questions, using CLI only In a newly deployed cluster (preferably) perform and answer the following instructions and questions, using CLI only
1. Login to the OpenShift cluster 1. Login to the OpenShift cluster


@ -1,4 +1,6 @@
## Projects 101 - Solution ## OpenShift - Projects 101
### Objectives
1. Login to the OpenShift cluster -> `oc login -u YOUR_USER -p YOUR_PASSWORD_OR_TOKEN` 1. Login to the OpenShift cluster -> `oc login -u YOUR_USER -p YOUR_PASSWORD_OR_TOKEN`
2. List all the projects -> `oc get projects`(The output should be empty in a newly created cluster) 2. List all the projects -> `oc get projects`(The output should be empty in a newly created cluster)
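Review bot: The heading change drops "Solution" from the title of the solutions file, so it now carries the same title as the exercise, and the new "### Objectives" heading sits above a list of answers; keep "Solution" in the title or use a "### Solution" heading instead. On the first step, `oc login -u YOUR_USER -p YOUR_PASSWORD_OR_TOKEN` puts the secret on the command line, where it lands in shell history; omitting `-p` makes `oc login` prompt for the password, and a token is passed with `--token` rather than `-p`.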