Google Associate Cloud Engineer Exam Preparation: Questions and Answers Dumps
GCP, or the Google Cloud Platform, is a cloud-computing platform that provides users with access to a variety of GCP services. The GCP ACE exam is designed to test a candidate’s ability to design, implement, and manage GCP solutions. The GCP ACE questions cover a wide range of topics, from basic GCP concepts to advanced GCP features. To become a GCP Certified Associate Cloud Engineer, you must pass the GCP ACE exam. However, before you can take the exam, you must first complete the GCP ACE Quizzes below. The GCP ACE Quiz is designed to help you prepare for the GCP ACE exam by testing your knowledge of GCP concepts. After you complete the GCP ACE Quiz, you will be able to pass the GCP Practice Exam with ease.
GCP, Google Cloud Platform, has been a game changer in the tech industry. It allows organizations to build and run applications on Google’s infrastructure. The GCP platform is trusted by many companies because it is reliable, secure and scalable. In order to become a GCP.
Average Google Cloud Associate Engineer salary: $145,769/yr
An Associate Cloud Engineer deploys applications, monitors operations, and manages enterprise solutions.
The Associate Cloud Engineer exam assesses your ability to: Set up a cloud solution environment, Plan and configure a cloud solution, Deploy and implement a cloud solution, Ensure successful operation of a cloud solution, Configure access and security.
Question 1: You are a project owner and need your co-worker to deploy a new version of your application to App Engine. You want to follow Google’s recommended practices. Which IAM roles should you grant your co-worker?
Question 2: Your company has reserved a monthly budget for your project. You want to be informed automatically of your project spend so that you can take action when you approach the limit. What should you do?
A. Link a credit card with a monthly limit equal to your budget.
Question 3: You have a project using BigQuery. You want to list all BigQuery jobs for that project. You want to set this project as the default for the bq command-line tool. What should you do?
A. Use “gcloud config set project” to set the default project.
B. Use “bq config set project” to set the default project.
Question 4: Your project has all its Compute Engine resources in the europe-west1 region. You want to set europe-west1 as the default region for gcloud commands. What should you do?
A. Use Cloud Shell instead of the command line interface of your device. Launch Cloud Shell after you navigate to a resource in the europe-west1 region. The europe-west1 region will automatically become the default region.
B. Use “gcloud config set compute/region europe-west1” to set the default region for future gcloud commands.
C. Use “gcloud config set compute/zone europe-west1” to set the default region for future gcloud commands.
D. Create a VPN from on-premises to a subnet in europe-west1, and use that connection when executing gcloud commands.
Question 5: You developed a new application for App Engine and are ready to deploy it to production. You need to estimate the costs of running your application on Google Cloud Platform as accurately as possible. What should you do?
A. Create a YAML file with the expected usage. Pass this file to the “gcloud app estimate” command to get an accurate estimation.
B. Multiply the costs of your application when it was in development by the number of expected users to get an accurate estimation.
C. Use the pricing calculator for App Engine to get an accurate estimation of the expected charges.
D. Create a ticket with Google Cloud Billing Support to get an accurate estimation.
ANSWER 5:
C
Notes/Hint 5:
This is the proper way to estimate charges.
Question 6: Your company processes high volumes of IoT data that are time-stamped. The total data volume can be several petabytes. The data needs to be written and changed at a high speed. You want to use the most performant storage option for your data. Which product should you use?
A. Cloud Datastore
B. Cloud Storage
C. Cloud Bigtable
D. BigQuery
ANSWER 6:
C
Notes/Hint 6:
Cloud Bigtable is the most performant storage option to work with IoT and time series data.
Question 7: Your application has a large international audience and runs stateless virtual machines within a managed instance group across multiple locations. One feature of the application lets users upload files and share them with other users. Files must be available for 30 days; after that, they are removed from the system entirely. Which storage solution should you choose?
Buckets can be multi-regional and have lifecycle management.
Question 8: You have a definition for an instance template that contains a web application. You are asked to deploy the application so that it can scale based on the HTTP traffic it receives. What should you do?
A. Create a VM from the instance template. Create a custom image from the VM’s disk. Export the image to Cloud Storage. Create an HTTP load balancer and add the Cloud Storage bucket as its backend service.
B. Create a VM from the instance template. Create an App Engine application in Automatic Scaling mode that forwards all traffic to the VM.
C. Create a managed instance group based on the instance template. Configure autoscaling based on HTTP traffic and configure the instance group as the backend service of an HTTP load balancer.
D. Create the necessary amount of instances required for peak user traffic based on the instance template. Create an unmanaged instance group and add the instances to that instance group. Configure the instance group as the Backend Service of an HTTP load balancer.
Question 9: You are creating a Kubernetes Engine cluster to deploy multiple pods inside the cluster. All container logs must be stored in BigQuery for later analysis. You want to follow Google-recommended practices. Which two approaches can you take?
A. Turn on Stackdriver Logging during the Kubernetes Engine cluster creation.
B. Turn on Stackdriver Monitoring during the Kubernetes Engine cluster creation.
C. Develop a custom add-on that uses Cloud Logging API and BigQuery API. Deploy the add-on to your Kubernetes Engine cluster.
D. Use the Stackdriver Logging export feature to create a sink to Cloud Storage. Create a Cloud Dataflow job that imports log files from Cloud Storage to BigQuery.
E. Use the Stackdriver Logging export feature to create a sink to BigQuery. Specify a filter expression to export log records related to your Kubernetes Engine cluster only.
Answer 9:
A and E
Notes/Hint 9:
Creating a cluster with the Stackdriver Logging option enables all the container logs to be stored in Stackdriver Logging.
Question 10: You need to create a new Kubernetes Cluster on Google Cloud Platform that can autoscale the number of worker nodes. What should you do?
A. Create a cluster on Kubernetes Engine and enable autoscaling on Kubernetes Engine.
B. Create a cluster on Kubernetes Engine and enable autoscaling on the instance group of the cluster.
C. Configure a Compute Engine instance as a worker and add it to an unmanaged instance group. Add a load balancer to the instance group and rely on the load balancer to create additional Compute Engine instances when needed.
D. Create Compute Engine instances for the workers and the master, and install Kubernetes. Rely on Kubernetes to create additional Compute Engine instances when needed.
Question 11: You have an application server running on Compute Engine in the europe-west1-d zone. You need to ensure high availability and replicate the server to the europe-west2-c zone using the fewest steps possible. What should you do?
A. Create a snapshot from the disk. Create a disk from the snapshot in the europe-west2-c zone. Create a new VM with that disk.
B. Create a snapshot from the disk. Create a disk from the snapshot in the europe-west1-d zone and then move the disk to europe-west2-c. Create a new VM with that disk.
C. Use “gcloud” to copy the disk to the europe-west2-c zone. Create a new VM with that disk.
D. Use “gcloud compute instances move” with parameter “--destination-zone europe-west2-c” to move the instance to the new zone.
Answer 11:
A
Notes/Hint 11:
This makes sure the VM gets replicated in the new zone.
Question 12: Your company has a mission-critical application that serves users globally. You need to select a transactional, relational data storage system for this application. Which two products should you consider?
A. BigQuery
B. Cloud SQL
C. Cloud Spanner
D. Cloud Bigtable
E. Cloud Datastore
Answer 12:
B
Notes/Hint 12:
Cloud SQL is a relational and transactional database in the list.
Spanner is a relational and transactional database in the list.
Question 13: You have a Kubernetes cluster with 1 node-pool. The cluster receives a lot of traffic and needs to grow. You decide to add a node. What should you do?
A. Use “gcloud container clusters resize” with the desired number of nodes.
B. Use “kubectl container clusters resize” with the desired number of nodes.
C. Edit the managed instance group of the cluster and increase the number of VMs by 1.
D. Edit the managed instance group of the cluster and enable autoscaling.
Answer 13:
A
Notes/Hint 13:
This resizes the cluster to the desired number of nodes.
Question 14: You created an update for your application on App Engine. You want to deploy the update without impacting your users. You want to be able to roll back as quickly as possible if it fails. What should you do?
A. Delete the current version of your application. Deploy the update using the same version identifier as the deleted version.
B. Notify your users of an upcoming maintenance window. Deploy the update in that maintenance window.
C. Deploy the update as the same version that is currently running.
D. Deploy the update as a new version. Migrate traffic from the current version to the new version.
Question 15: You have created a Kubernetes deployment, called Deployment-A, with 3 replicas on your cluster. Another deployment, called Deployment-B, needs access to Deployment-A. You cannot expose Deployment-A outside of the cluster. What should you do?
A. Create a Service of type NodePort for Deployment A and an Ingress Resource for that Service. Have Deployment B use the Ingress IP address.
B. Create a Service of type LoadBalancer for Deployment A. Have Deployment B use the Service IP address.
C. Create a Service of type LoadBalancer for Deployment A and an Ingress Resource for that Service. Have Deployment B use the Ingress IP address.
D. Create a Service of type ClusterIP for Deployment A. Have Deployment B use the Service IP address.
Question 16: You need to estimate the annual cost of running a Bigquery query that is scheduled to run nightly. What should you do?
A. Use “gcloud query --dry_run” to determine the number of bytes read by the query. Use this number in the Pricing Calculator.
B. Use “bq query --dry_run” to determine the number of bytes read by the query. Use this number in the Pricing Calculator.
C. Use “gcloud estimate” to determine the amount billed for a single query. Multiply this amount by 365.
D. Use “bq estimate” to determine the amount billed for a single query. Multiply this amount by 365.
Answer 16:
B
Notes/Hint 16:
This is the correct way to estimate the yearly BigQuery querying costs.
Question 17: You want to find out who in your organization has Owner access to a project called “my-project”. What should you do?
A. In the Google Cloud Platform Console, go to the IAM page for your organization and apply the filter “Role:Owner”.
B. In the Google Cloud Platform Console, go to the IAM page for your project and apply the filter “Role:Owner”.
C. Use “gcloud iam list-grantable-role --project my-project” from your Terminal.
D. Use “gcloud iam list-grantable-role” from Cloud Shell on the project page.
Answer 17:
B
Notes/Hint 17:
B is correct because this shows you the Owners of the project.
Question 18: You want to create a new role for your colleagues that will apply to all current and future projects created in your organization. The role should have the permissions of the BigQuery Job User and Cloud Bigtable User roles. You want to follow Google’s recommended practices. How should you create the new role?
A. Use “gcloud iam combine-roles --global” to combine the 2 roles into a new custom role.
B. For one of your projects, in the Google Cloud Platform Console under Roles, select both roles and combine them into a new custom role. Use “gcloud iam promote-role” to promote the role from a project role to an organization role.
C. For all projects, in the Google Cloud Platform Console under Roles, select both roles and combine them into a new custom role.
D. For your organization, in the Google Cloud Platform Console under Roles, select both roles and combine them into a new custom role.
Answer 18:
D
Notes/Hint 18:
D is correct because this creates a new role with the combined permissions on the organization level.
Question 19: You work in a small company where everyone should be able to view all resources of a specific project. You want to grant them access following Google’s recommended practices. What should you do?
A. Create a script that uses “gcloud projects add-iam-policy-binding” for all users’ email addresses and the Project Viewer role.
B. Create a script that uses “gcloud iam roles create” for all users’ email addresses and the Project Viewer role.
C. Create a new Google Group and add all users to the group. Use “gcloud projects add-iam-policy-binding” with the Project Viewer role and Group email address.
D. Create a new Google Group and add all members to the group. Use “gcloud iam roles create” with the Project Viewer role and Group email address.
Question 20: You need to verify the assigned permissions in a custom IAM role. What should you do?
A. Use the GCP Console, IAM section to view the information.
B. Use the “gcloud init” command to view the information.
C. Use the GCP Console, Security section to view the information.
D. Use the GCP Console, API section to view the information.
Answer 20:
A
Notes/Hint 20:
A is correct because this is the correct console area to view the permissions assigned to a custom role in a particular project.
Question 21: Your coworker created a deployment for your application container. You can see the deployment under Workloads in the console. They’re out for the rest of the week, and your boss needs you to complete the setup by exposing the workload. What’s the easiest way to do that?
A. Create a new Service that points to the existing deployment.
B. Create a new DaemonSet.
C. Create a Global Load Balancer that points to the pod in the deployment.
D. Create a Static IP Address Resource for the Deployment.
Question 22: Your team is working on designing an IoT solution. There are thousands of devices that need to send periodic time series data for processing. Which services should be used to ingest and store the data?
A. Pub/Sub, Datastore
B. Pub/Sub, Dataproc
C. Dataproc, Bigtable
D. Pub/Sub, Bigtable
Answer 22:
D
Notes/Hint 22:
Pub/Sub is able to handle the ingestion, and Bigtable is a great solution for time series data.
Question 23: You have an App Engine application running in us-east1. You’ve noticed 90% of your traffic comes from the West Coast. You’d like to change the region. What’s the best way to change the App Engine region?
A. Use the gcloud app region set command and supply the name of the new region.
B. Contact Google Cloud Support and request the change.
C. From the console, under the App Engine page, click edit, and change the region drop-down.
D. Create a new project and create an App Engine instance in us-west2.
Question 24: You’ve uploaded some static web assets to a public storage bucket for the developers. However, they’re not able to see them in the browser due to what they called “CORS errors”. What’s the easiest way to resolve the errors for the developers?
A. Advise the developers to adjust the CORS configuration inside their code.
B. Use the gsutil cors set command to set the CORS configuration on the bucket.
C. Use the gsutil set cors command to set the CORS configuration on the bucket.
D. Use the gsutil set cors command to set the CORS configuration on the object.
Answer 24:
B
Notes/Hint 24:
CORS settings are made to a bucket, not an object. You can set the CORS configuration on the bucket, allowing the objects to be viewable from the required domains.
Question 25: You’ve uploaded some PDFs to a public bucket. When users browse to the documents, they’re downloaded rather than viewed in the browser. How can we ensure that the PDFs are viewed in the browser?
A. This is a browser setting and not something that can be changed.
B. Use the gsutil set file-type pdf command.
C. Set the Content metadata for the object to “application/pdf”.
D. Set the Content-Type metadata for the object to “application/pdf”.
Question 26: You’ve been tasked with getting all of your team’s public SSH keys onto all of the instances of a particular project. You’ve collected them all. With the fewest steps possible, what is the simplest way to get the keys deployed?
A. Use the gcloud compute ssh command to upload all the keys
B. Format all of the keys as needed and then, using the user interface, upload each key one at a time.
C. Add all of the keys into a file that’s formatted according to the requirements. Use the gcloud compute project-info add-metadata command to upload the keys.
D. Add all of the keys into a file that’s formatted according to the requirements. Use the gcloud compute instances add-metadata command to upload the keys to each instance
Answer 26:
C
Notes/Hint 26:
This will upload the keys as project metadata, which allows SSH access to the users with uploaded keys.
Question 27: What must you do before you create an instance with a GPU? (Pick at least 2)
A. You must only select the GPU driver type. The correct base image is selected automatically.
B. You must select which boot disk image you want to use for the instance.
C. Nothing. GPU drivers are automatically included with the boot disk images.
D. You must make sure the selected image has the appropriate GPU driver installed.
Question 30: Your security team has been reluctant to move to the cloud because they don’t have the level of network visibility they’re used to. Which feature might help them to gain insights into your Google Cloud network?
A. Routes
B. Subnets
C. Flow Logs
D. Firewall rules
Answer 30:
C
Notes/Hint 30:
Flow logs are great for gaining insights into what’s happening on a network. They provide a sample of the flows to and from instances.
Question 31: You’re in charge of setting up a Stackdriver account to monitor 3 separate projects. Which of the following is a Google best practice?
A. Use the existing project with the least resources as the host project for the Stackdriver account.
B. Use the existing project with the most resources as the host project for the Stackdriver account.
C. Create a new, empty project to use as the host project for the Stackdriver account.
D. Use one of the existing projects as the host project for the Stackdriver account.
Question 32: You’re attempting to set up a File based Billing Export. Which of the following components are required?
A. A Cloud Storage bucket.
B. A BigQuery dataset.
C. A report prefix.
D. A Budget and at least one alert.
Answer 32:
A and C
Notes/Hint 32:
A cloud storage bucket is required in order to have a location for the files to be exported to. A report prefix is the portion of the file name that’s appended to each file.
Question 33: You’ve installed the Google Cloud SDK natively on your Mac. You’d like to install the kubectl component via the Google Cloud SDK. Which command would accomplish this?
A. sudo apt-get install kubectl
B. gcloud components install kubectl
C. pip install kubectl
D. brew install kubectl
Answer 33:
B
Notes/Hint 33:
For Windows and Mac, you can use the built-in component manager.
Question 34: You’re attempting to set the default Compute Engine zone with the Cloud SDK. Which of the following commands would work?
A. gcloud config set compute/zone us-east1-c
B. gcloud set compute\zone us-east1
C. gcloud set compute/zone us-east1
D. gcloud config set compute\zone us-east1
Answer 34:
A
Notes/Hint 34:
gcloud config set compute/zone us-east1-c works perfectly
Question 35: You’ve been hired as a Cloud Engineer for a 2-year-old startup company. Recently they’ve had a bit of turnover, and several engineers have left the company to pursue different projects. Shortly after one of them leaves, it is found that a core project seems to have been deleted. What is the most likely cause of the project’s deletion?
A. You’ve been the victim of the latest malware that deletes one project per hour until you pay them to stop.
B. One of the engineers intentionally deleted the project out of spite.
C. The project was created by one of the engineers and not attached to the organization.
D. A failed attempt to pay the bill resulted in Google deleting the project.
Question 36: You’re using Stackdriver to set up some alerts. You want to reuse your existing REST-based notification tools that your ops team has created. You want the setup to be as simple as possible to configure and maintain. Which notification option would be the best option?
A. Use a Slack bot to listen for messages posted by Google.
B. Send it to an email account that is being polled by a custom process that can handle the notification.
C. Send notifications via SMS and use a custom app to forward them to the REST API.
D. Webhooks
Answer 36:
D
Notes/Hint 36:
Webhooks would allow you to easily send the notification to an HTTP(S) endpoint. Given the above scenario, this is the best option for something custom.
Question 37: A member of the finance team informed you that one of the projects is using the old billing account. What steps should you take to resolve the problem?
A. Submit a support ticket requesting the change.
B. Go to the Billing page, locate the list of projects, find the project in question and select Change billing account. Then select the correct billing account and save.
C. Go to the Project page; expand the Billing tile; select the Billing Account option; select the correct billing account and save.
D. Delete the project and recreate it with the correct billing account.
Answer 37:
B
Notes/Hint 37:
Go to the Billing page, locate the list of projects, find the project in question and select Change billing account. Then select the correct billing account and save.
Question 38: You’re using a self-serve Billing Account to pay for your 2 projects. Your billing threshold is set to $1000.00 and between the two projects you’re spending roughly 50 dollars per day. It has been 18 days since you were last charged. Given the above data, when will you likely be charged next?
A. On the first day of the next month.
B. In 2 days when you’ll hit your billing threshold.
C. On the thirtieth day of the month.
D. In 12 days, making it 30 days since the previous payment.
Answer 38:
B
Notes/Hint 38:
With Self-serve, you pay when you hit the billing threshold or every 30 days; whichever happens first. Given the scenario assumes $50 per day, you’ll hit the spending threshold in 2 more days.
Question 39: You have 3 Cloud Storage buckets that all store sensitive data. Which grantees should you audit to ensure that these buckets are not public?
A. allUsers
B. allAuthenticatedUsers
C. publicUsers
D. allUsers and allAuthenticatedUsers
Answer 39:
D
Notes/Hint 39:
Either of these tokens represents public users. allAuthenticatedUsers represents a user with a Google account. They don’t need to be part of your organization. Neither token should be used to grant permissions unless the bucket is truly public.
Question 40: You’ve been asked to help onboard a new member of the big-data team. They need full access to BigQuery. Which type of role would be the most efficient to set up while following the principle of least privilege?
A. Primitive Role
B. Custom Role
C. Managed Role
D. Predefined Role
Answer 40:
D
Notes/Hint 40:
Predefined roles would work great for this use case because they’re specific to resources. BigQuery has several predefined roles including a “BigQuery Admin” role.
Question 41: Your organization is a financial company that needs to store audit log files for 3 years. Your organization has hundreds of Google Cloud projects. You need to implement a cost-effective approach for log file retention. What should you do?
A. Create an export to the sink that saves logs from Cloud Audit to BigQuery.
B. Create an export to the sink that saves logs from Cloud Audit to a Coldline Storage bucket.
C. Write a custom script that uses logging API to copy the logs from Stackdriver logs to BigQuery.
D. Export these logs to Cloud Pub/Sub and write a Cloud Dataflow pipeline to store logs to Cloud SQL.
Question 42: You want to run a single caching HTTP reverse proxy on GCP for a latency-sensitive website. This specific reverse proxy consumes almost no CPU. You want to have a 30-GB in-memory cache, and need an additional 2 GB of memory for the rest of the processes. You want to minimize cost. How should you run this reverse proxy?
A. Create a Cloud Memorystore for Redis instance with 32-GB capacity.
B. Run it on Compute Engine, and choose a custom instance type with 6 vCPUs and 32 GB of memory.
C. Package it in a container image, and run it on Kubernetes Engine, using n1-standard-32 instances as nodes.
D. Run it on Compute Engine, choose the instance type n1-standard-1, and add an SSD persistent disk of 32 GB.
Answer 42: B
Question 43: You are hosting an application on bare-metal servers in your own data center. The application needs access to Cloud Storage. However, security policies prevent the servers hosting the application from having public IP addresses or access to the internet. You want to follow Google-recommended practices to provide the application with access to Cloud Storage. What should you do?
A. 1. Use nslookup to get the IP address for storage.googleapis.com. 2. Negotiate with the security team to be able to give a public IP address to the servers. 3. Only allow egress traffic from those servers to the IP addresses for storage.googleapis.com.
B. 1. Using Cloud VPN, create a VPN tunnel to a Virtual Private Cloud (VPC) in Google Cloud. 2. In this VPC, create a Compute Engine instance and install the Squid proxy server on this instance. 3. Configure your servers to use that instance as a proxy to access Cloud Storage.
C. 1. Use Migrate for Compute Engine (formerly known as Velostrata) to migrate those servers to Compute Engine. 2. Create an internal load balancer (ILB) that uses storage.googleapis.com as backend. 3. Configure your new instances to use this ILB as proxy.
D. 1. Using Cloud VPN or Interconnect, create a tunnel to a VPC in Google Cloud. 2. Use Cloud Router to create a custom route advertisement for 199.36.153.4/30. Announce that network to your on-premises network through the VPN tunnel. 3. In your on-premises network, configure your DNS server to resolve *.googleapis.com as a CNAME to restricted.googleapis.com.
Answer 43: C
Question 44: You want to deploy an application on Cloud Run that processes messages from a Cloud Pub/Sub topic. You want to follow Google-recommended practices. What should you do?
A. 1. Create a Cloud Function that uses a Cloud Pub/Sub trigger on that topic. 2. Call your application on Cloud Run from the Cloud Function for every message.
B. 1. Grant the Pub/Sub Subscriber role to the service account used by Cloud Run. 2. Create a Cloud Pub/Sub subscription for that topic. 3. Make your application pull messages from that subscription.
C. 1. Create a service account. 2. Give the Cloud Run Invoker role to that service account for your Cloud Run application. 3. Create a Cloud Pub/Sub subscription that uses that service account and uses your Cloud Run application as the push endpoint.
D. 1. Deploy your application on Cloud Run on GKE with the connectivity set to Internal. 2. Create a Cloud Pub/Sub subscription for that topic. 3. In the same Google Kubernetes Engine cluster as your application, deploy a container that takes the messages and sends them to your application.
Answer 44: D
Question 45: You need to deploy an application, which is packaged in a container image, in a new project. The application exposes an HTTP endpoint and receives very few requests per day. You want to minimize costs. What should you do?
A. Deploy the container on Cloud Run.
B. Deploy the container on Cloud Run on GKE.
C. Deploy the container on App Engine Flexible.
D. Deploy the container on GKE with cluster autoscaling and horizontal pod autoscaling enabled.
Answer 45: B
Question 46: Your company has an existing GCP organization with hundreds of projects and a billing account. Your company recently acquired another company that also has hundreds of projects and its own billing account. You would like to consolidate all GCP costs of both GCP organizations onto a single invoice. You would like to consolidate all costs as of tomorrow. What should you do?
A. Link the acquired company’s projects to your company’s billing account.
B. Configure the acquired company’s billing account and your company’s billing account to export the billing data into the same BigQuery dataset.
C. Migrate the acquired company’s projects into your company’s GCP organization. Link the migrated projects to your company’s billing account.
D. Create a new GCP organization and a new billing account. Migrate the acquired company’s projects and your company’s projects into the new GCP organization and link the projects to the new billing account.
Question 47: You built an application on Google Cloud that uses Cloud Spanner. Your support team needs to monitor the environment but should not have access to table data. You need a streamlined solution to grant the correct permissions to your support team, and you want to follow Google-recommended practices. What should you do?
A. Add the support team group to the roles/monitoring.viewer role
B. Add the support team group to the roles/spanner.databaseUser role.
C. Add the support team group to the roles/spanner.databaseReader role.
D. Add the support team group to the roles/stackdriver.accounts.viewer role.
Answer 47: B
Question 48: For analysis purposes, you need to send all the logs from all of your Compute Engine instances to a BigQuery dataset called platform-logs. You have already installed the Cloud Logging agent on all the instances. You want to minimize cost. What should you do?
A. 1. Give the BigQuery Data Editor role on the platform-logs dataset to the service accounts used by your instances. 2. Update your instances’ metadata to add the following value: logs-destination: bq://platform-logs.
B. 1. In Cloud Logging, create a logs export with a Cloud Pub/Sub topic called logs as a sink. 2. Create a Cloud Function that is triggered by messages in the logs topic. 3. Configure that Cloud Function to drop logs that are not from Compute Engine and to insert Compute Engine logs in the platform-logs dataset.
C. 1. In Cloud Logging, create a filter to view only Compute Engine logs. 2. Click Create Export. 3. Choose BigQuery as Sink Service, and the platform-logs dataset as Sink Destination.
D. 1. Create a Cloud Function that has the BigQuery User role on the platform-logs dataset. 2. Configure this Cloud Function to create a BigQuery Job that executes this query: INSERT INTO dataset.platform-logs (timestamp, log) SELECT timestamp, log FROM compute.logs WHERE timestamp > DATE_SUB(CURRENT_DATE(), INTERVAL 1 DAY) 3. Use Cloud Scheduler to trigger this Cloud Function once a day.
Answer 48: C
Question 49: You are using Deployment Manager to create a Google Kubernetes Engine cluster. Using the same Deployment Manager deployment, you also want to create a DaemonSet in the kube-system namespace of the cluster. You want a solution that uses the fewest possible services. What should you do?
A. Add the cluster’s API as a new Type Provider in Deployment Manager, and use the new type to create the DaemonSet.
B. Use the Deployment Manager Runtime Configurator to create a new Config resource that contains the DaemonSet definition.
C. With Deployment Manager, create a Compute Engine instance with a startup script that uses kubectl to create the DaemonSet.
D. In the cluster’s definition in Deployment Manager, add a metadata that has kube-system as key and the DaemonSet manifest as value.
Question 50: You are building an application that will run in your data center. The application will use Google Cloud Platform (GCP) services like AutoML. You created a service account that has appropriate access to AutoML. You need to enable authentication to the APIs from your on-premises environment. What should you do?
A. Use service account credentials in your on-premises application.
B. Use gcloud to create a key file for the service account that has appropriate permissions.
C. Set up direct interconnect between your data center and Google Cloud Platform to enable authentication for your on-premises applications.
D. Go to the IAM & admin console, grant a user account permissions similar to the service account permissions, and use this user account for authentication from your data center.
Yes, Google App Engine (GAE), a fully managed PaaS, is 100% worthy if:
you want a ready and quick platform to build web applications and mobile backends on cloud scale with a very low-cost start
want to get rid of the burden of managing and provisioning infrastructure, application security and scale
are fine with almost no control over the web server and application software like database, file storage, messaging mechanism. You have to live with what GAE offers and choose from the choices available. Forget about customization!
can live with a fixed set of language runtimes like Node.js, Java, Ruby, C#, Go, Python, ….
Google App Engine is a PaaS platform (Platform as a Service) that is used to deploy large-scale web and mobile apps. So, the sites are: Disney, Snapchat, YouTube, Accenture, Practo, Samba Tech, Buddy, Kam Bam, Coca-Cola, The New York Times, Stack
It is one of the most trusted cloud platforms used by top companies. We will get to see many more sites deploying Google App Engine for their web & app hosting.
Well, I believe it because I met and discussed it with some of the Google engineers responsible for that area. And I am not special in that respect: it’s not a secret. Here’s the missing link: Google runs KVM in a container. To be crystal clear, a container is not an actual Linux construct. There is no Linux system call you can make to create a container. Instead, it is the term we give to the usage of Linux primitives like namespaces and cgroups to partition applications into their own Linux-level virtual compute space. Except we don’t call it that, we call it a container. So, at the lowest level, Google’s infrastructure schedules containers. To create a virtual machine, Google runs KVM in one of those containers. So the document you link to is absolutely valid *and* KVM runs in a containe
No, but to be honest, I think that’s what their gaming system is for. Reverse marketing. They don’t expect it to be a hit, but if they’re almost good enough for gaming, then they’re certainly good enough for me. They’re not aiming for gamers, but everyone else. There is definitely a market for public VDI. I was working on that concept ten years ago, but I didn’t have the resources to pull it off. Back then, watching YouTube videos on the client was not feasible. These days, you could probably kill the whole PC industry if you had the resources. If Google develops something like JackPC that is able to connect to their Stadia and provide a VM, I would recommend it to my father, but I wouldn’t use it, because I still have a long life to live and I’m not giving it to Google. But if they made i
Google runs Linux on its hardware (AKA “Linux on bare metal”). As part of that Linux image, it has its own Linux container implementation based on cgroups and namespaces. In Google Cloud Platform, it then runs KVM inside a Linux container, and the VMs run on top of KVM. So the hierarchy is VM->KVM->Linux->Bare metal
I would suggest you read this document thoroughly, so that you can understand that logging into Compute instances is not that tedious… 🙂 Connecting to instances using advanced methods | Compute Engine Documentation | Google Cloud
Let’s have two variables (although there can be more): ease of administration, constraints of use. App Engine: from your side there is almost no administration, you write code (with somewhat limited possibilities), upload and basically don’t have other major concerns (well, maybe how to lower your bills if your app gets popular); all the rest (storage, scaling, installing programs etc.) is handled by App Engine. Compute Engine is a virtual machine with a preinstalled OS and you can do with it whatever you want. That means you have to install all programs by yourself but you are not limited in what you can do with it. Container Engine is another level above Compute Engine, i.e. it’s a cluster of several Compute Engine instances which can be centrally managed. There is also one level between GAE and GCE:
Both of them have almost the same price but they have different types of discounts. For instance, AWS has a “Reserved Instance” discount model for a 1 or 3 year purchase. You have to pay almost 1/3 of the period as pre-paid and you’ll get 30–60% discounts depending on the period you choose and the EC2 instance type you have. Google Cloud has a monthly discount model and it applies automatically if you use a compute engine more than 10 days in a month. If you run the compute instance during the month you may have a 30% discount without pre-paying anything. So both of them have discounts but in a different financial payment model. As an alternative, you can check out DigitalOcean for the affordable prices.
They’re three different approaches to running services on virtual machines. AppEngine is designed around automatic scaling of services. There’s actually two different flavors of AppEngine entirely: the “standard environment,” which is a sandbox, and the “flexible environment,” which is a more traditional (though still not traditional!) VM running in a Docker container. Both versions are designed to automatically spawn more instances of your service in response to increases in load, and isolate you from a lot of hard SRE problems. Compute Engine is just plain old virtual machines. If you want to run an instance of a VM with a certain amount of memory and hard drive space, running under a given version of Linux, and not have to worry about physical equipment, Compute Engine is for you. (Mor
I do not understand why the question asks about both EC2/Compute Engine and Cloud-Storage/S3. Cloud-Storage/S3 is used to serve static websites. The EC2/Compute Engine is typically used to serve dynamic content (however, it can serve static websites too). I would try and figure out which one of these suits your use better. In both cases, however, GCP is cheaper (you also get credits to use it free for one year) – they even have a page where you can calculate how much you save moving from AWS to GC → Google Cloud Platform Pricing Calculator | Google Cloud Platform | Google Cloud (The only case where I have seen GCP is more expensive is when it comes to hosting proprietary licensed DBs like MS SQL).
We started offering our Hadoop service on GCE. We ran Hadoop workloads with a root persistent disk (storage over network) and an additional persistent disk of size 500 GB. Consistently, we observed that the performance is better than other leading cloud providers where we used local disks of the instance. A few months back, GCE was offering scratch disks. They decided to replace scratch disks with persistent disks when they went GA. This fact clearly shows that there was enough confidence that persistent disks were performing well compared to scratch disks. (If that’s not the case, Google would not have made this bold move and continued offering scratch disks also like AWS.) This performance must partly be attributed to their networking stack. It’s considered the best out there in the
Google has been building and using its own private cloud since the start of the company. They have always been known for setting the standards in many industries, and public cloud is what’s happening. For years, people have always wanted to use their cloud technology (Colossus, BigTable, GAE, etc.). Strategically, Google knows that if they focus more on providing and marketing their public cloud based on what they currently use, people who look up to them would see it as standard, and it’s all good for business. Another reason is, with recent acquisitions (for instance, Nest), Google realized that those successful startups they acquire use AWS more than GCP. Telling the existing development teams to migrate to GCP will disrupt the team (just like Microsoft’s acquisition of Minecraft
I strongly suggest moving your installation to Google App Engine instead. It’s easy, it will leverage your maintenance costs, and it will auto scale when needed. As for CDN, you can host static files on Google Storage that is already managed with Google CDN behind the scenes. To go with WordPress on Google App Engine there are simple tutorials like this: GoogleCloudPlatform/php-docs-samples I did this setup many times with great success. I also wrote a small tutorial to speed up your WP installation with memcache (that comes as a free service in Google App Engine). giona69/wordpress-made-extremely-fast Good work!
I just want to explain in a way that a person who doesn’t have any prior knowledge of containers and clusters should be able to understand what Kubernetes is and what it does. First we understand why container. * Let’s say you want to gift a cycle to your kid on his birthday. Now if the cycle is delivered to you with parts separated and a manual that describes how to attach the parts. Well, you may end up screwing things. * Instead, what if the cycle itself is ready-made and packed in a container and delivered to your home address, with no manual intervention required? Ain’t that awesome. * The individual parts of the cycle are the dependencies of the project which may work at one place and not the other. * The cycle company is the developers hub, and the client here is the one using our product. * To solve thi
Indeed, Kubernetes and Docker are two different things that are related to each other. Let’s have a look. After getting used to Docker, you realize that there should be ‘Docker run’ commands or something like that to run many containers across heterogeneous hosts. Here is when Kubernetes or k8s comes in. It solved many problems that Docker had. Kubernetes is based on Google’s container management system, Borg, and the language used is Go. It is a COE (Container Orchestration Environment) for Docker containers. The function of a COE is to make sure that the application is launched and running properly. If in case a container fails, Kubernetes will spin up another container. It provides a complete system for running so many containers across multiple hosts. It has load balancer integrated and uses etc
Kubernetes is a vendor-agnostic cluster and container management tool, open-sourced by Google in 2014. It provides a “platform for automating deployment, scaling, and operations of application containers across clusters of hosts”. Above all, this lowers the cost of cloud computing expenses and simplifies operations and architecture. Kubernetes and the Need for Containers Before we explain what Kubernetes does, we need to explain what containers are and why people are using those. A container is a mini-virtual machine. It is small, as it does not have device drivers and all the other components of a regular virtual machine. Docker is by far the most popular container and it is written in Linux. Microsoft also has added containers to Windows as well, because they have become so popular. The bes
Despite the little time that Kubernetes has in the market, this tool has become a reference in terms of the management and allocation of service packages (containers) within a cluster. Initially developed by Google, Kubernetes emerged as an open-source alternative to the Borg and Omega systems, being officially launched in 2015. What is Kubernetes? Kubernetes is an open-source tool also designated as an orchestrator, which is used to carry out the distribution and organization of workloads in the form of containers. This, in order to maintain the availability and accessibility of existing resources to customers, as well as stability when carrying out the execution of multiple services simultaneously. Through this action scheme, Kubernetes makes it possible for numerous servers of different typ
There are a countless number of debates, discussions and social clatter talking about Kubernetes and Docker. Nevertheless, Kubernetes and Docker Swarm are not rivals! Both have their own pros and cons and can be used depending on your application requirements. Benefits & drawbacks of Kubernetes Benefits of Kubernetes: * Kubernetes is backed by the Cloud Native Computing Foundation (CNCF). * Kubernetes has an impressively huge community among container orchestration tools. Over 50,000 commits and 1200 contributors. * Kubernetes is an open source and modular tool that works with any OS. * Kubernetes provides easy service organization with pods (Start your Kubernetes journey to resilient and highly available deployments – Free consultation on Kubernetes) Drawbacks of Kubernetes * When doing it yourself, K
If you already ‘know’ Docker containers, then spin up a Kubernetes system (not as hard as you think – check out installing Minikube), read through the docs for Kubernetes and start trying out some of the capabilities for yourself. The (free) Katacoda browser-based learning platform has a number of ‘scenarios’ that run on a pre-deployed Kubernetes system. Follow this link to Katacoda and then search for “Kubernetes.” Note that you can copy-paste your way through most of the exercises in a minute or two; learning is on you to read and understand what it is you are pasting. Online resources such as the “Awesome Kubernetes” or “Awesome Docker” lists (you do need to have some understanding of Docker to work with Kubernetes) will give you a pile of options – free and paid – to get into greater
When Linux containers appeared at the time of LXC, a lot of people in the IT world saw them as something marvelous: they offered a way of packaging software with all its dependencies and running it on any other Linux machine. Much like virtual machines, but without the performance losses. But the truth was that they weren’t widely used, they required some plumbing to make them work, and there was no standard way to distribute the images. Then Docker appeared, adding to existing container technologies a workflow for building and sharing images and a common interface to start containers. This came to popularize these technologies, but they still weren’t widely used for production systems, mainly because it was not so advantageous to have just another packaging system for production. And t
There is no one way to compare because they are mostly different things. That said, I’ll first try and define the need for each one of these and link them together. Let’s start with the bottom of the stack. You need infrastructure to run your servers. What could you go with? You can use a VPS provider like DigitalOcean, or use AWS. What if, for some non-technical reason, you can’t use AWS? For instance, there is a legal compliance that states that the data I store and servers I run are in the same geography as the customers I serve, and AWS does not have a region for the same? This is where OpenStack comes in. It is a platform to manage your infrastructure. Think of it as an open source implementation of AWS which you can run on bare metal data centers. Next, we move up the stack. We want an
Kubernetes (also known as K8s) is a production-grade container orchestration system. It is an open source cluster management system initially developed by three Google employees during the summer of 2014 and grew exponentially and became the first project to get donated to the Cloud Native Computing Foundation (CNCF). It is basically an open source toolkit for building a fault-tolerant, scalable platform designed to automate and centrally manage containerized applications. With Kubernetes you can manage your containerized application more efficiently. Kubernetes is a HUGE project with a lot of code and functionalities. The primary responsibility of Kubernetes is container orchestration. That means making sure that all the containers that execute various workloads are sc
The basic idea of Kubernetes is to further abstract machines, storage, and networks away from their physical implementation. So it is a single interface to deploy containers to all kinds of clouds, virtual machines, and physical machines. Container Orchestration & Kubernetes Containers are virtual machines. They are lightweight, scalable, and isolated. The containers are linked together for setting security policies, limiting resource utilization, etc. If your application infrastructure is similar to the image shared below, then container orchestration is necessary. It might be Nginx/Apache + PHP/Python/Ruby/Node.js app running on a few containers, communicating with the replicated database. Container orchestration wi
As seen in the following diagram, Kubernetes follows client-server architecture. Wherein, we have master installed on one machine and the node on separate Linux machines. The key components of master and node are defined in the following section. Kubernetes – Master Machine Components Following are the components of Kubernetes Master Machine. etcd It stores the configuration information which can be used by each of the nodes in the cluster. It is a high availability key value store that can be distributed among multiple nodes. It is accessible only by Kubernetes API server as it may have some sensitive information. It is a distributed key value Store which is accessible to all. API Server Kubernetes is an API server which provides all the operation on cluster usi
Kubernetes service discovery finds services through two approaches: 1. Using the environment variables that use the same conventions as those created by Docker links. 2. Using DNS to resolve the service names to the service’s IP address. Environment Variables Kubernetes injects environment variables for each service and each port exposed by the service. This makes it easy to deploy containers that use Docker links to find their dependencies. For example, if we are exposing a RabbitMQ service, we can locate it using the RABBITMQ_SERVICE_SERVICE_HOST and RABBIT_MP_SERVICE_SERVICE_PORT variables. Other environment variables are also exposed to support this. The easiest way to find out what environment variables are exposed are
Docker is an open source tool that has been designed to create applications as small containers on any machine. By using Docker, development and deployment are very easy for developers. We can say these are very lightweight in size, which includes a minimal OS and your application. In a way, Docker is a bit like a virtual machine. But unlike a virtual machine, rather than creating a whole virtual operating system, Docker allows applications to use the same Linux kernel as the system that they’re running on and only requires applications be shipped with things not already running on the host computer. This gives a significant performance boost and reduces the size of the application. Kubernetes: Kubernetes is a powerful system, developed by Google, for managing containerized applications in a clustered e
Container cluster management system is called Kubernetes. After getting used to Docker, you realize that there should be ‘Docker run’ commands or something like that to run many containers across heterogeneous hosts. Here is when Kubernetes comes in. It provides a complete system for running different containers across multiple hosts. Kubernetes is based on Google’s container management system Borg and the language used is Go. Basically, Google uses three languages: 1. C/C++ 2. Java 3. Python. C and C++ might be a little tough for new users. Java is less attractive as compared to Go for Kubernetes because of its heavy runtime download. Python is great but the dynamic typing of Python is challenging for system software. Go is the best choice as it has great sets of system libraries. It has fast testing and building too
Hi there, I believe container orchestration is one of the best features of Kubernetes. I will tell you why. I am sharing a section of my recently posted article on Level Up. For the complete article, please visit: The Kubernetes Bible for Beginners & Developers – Level Up So here is my answer: How Kubernetes Solves the Problem? After discussing the deployment part of Kubernetes, it is necessary to understand the importance of Kubernetes. Container Orchestration & Kubernetes Containers are virtual machines. They are lightweight, scalable, and isolated. The containers are linked together for setting security policies, limiting resource utilization, etc. If your application infrastructure is similar to the image shared below, then container orchestration is necessary. It might be Nginx/Apache + PHP/
Hi, I found this cheat sheet on Kubernetes. Kubernetes kubectl CLI Cheat Sheet This cheat sheet encloses first-aid commands to configure the CLI, manage a cluster, and gather information from it. On downloading the cheat sheet, you will find out how to: Create, group, update, and delete cluster resources. Debug Kubernetes pods—a group of one or more containers with shared storage/network and a specification for running the containers. Manage config maps, a primitive to store a pod’s configuration, and secrets, a primitive to store such sensitive data as passwords, keys, certificates, etc. You will learn how to use Helm—a package manager to define, install, and upgrade complex Kubernetes apps. Moreover, here you can find the Kubernetes training courses – Custom Hands-On IT Training Courses… Plus -
Both Kubernetes and Docker are DevOps tools. Docker was started in 2013 and is developed by Docker, Inc. Kubernetes was introduced as a project at Google in 2014, and it was a successor of Google Borg. Kubernetes can run without Docker, and Docker can run without Kubernetes. But Kubernetes has great benefits in running along with Docker. What is Kubernetes Kubernetes is a container management system developed by Google. It is an open-source, portable system for automatic container deployment and management. It eliminates many of the manual processes involved in deploying and scaling containerized applications. In practice, Kubernetes is most commonly used alongside Docker for better control and implementation of containerized applications. Features of Kubernetes * Automates various manual proces
Yes and no. Especially for Kubernetes (which is not THAT hard, but has a steep learning curve in the beginning), I doubt that there is any certification that can tell you stuff you cannot learn for free. You can set up a Kubernetes cluster on DO for $20/month or even on your laptop to actually try out things. Create a few Helm charts for your pet applications and you have a good working knowledge of Kubernetes. BUT: How can an employer judge your level of knowledge? And this is where certifications get interesting. So basically, you are trading money for an increased chance of employment, all other things equal. Furthermore, at a certain size of projects, customers require their suppliers to have a certain number of people certified in the relevant technologies — so that they can rest assure
This is a good question. I would like to say that Borg and Kubernetes both have the same kind of tasks. But Google is promoting Kubernetes for now. As such, it is offering good features as well. The most important thing of all, Kubernetes has an active online community. The members of this community meet up online as well as in person, in major cities of the world. An international conference “KubeCon” has proved to be a huge success. There is also an official Slack group for Kubernetes. Major cloud providers like Google Cloud Platform, AWS, Azure, DigitalOcean, etc. also offer their support channels. For more details on Kubernetes, please visit my articles: https://www.level-up.one/kubernetes-bible-beginners/ How Does The Kubernetes Networking Work? : Part 1 – Level Up How Does The Kubernetes Ne
Kubernetes is infrastructure abstraction for container manipulation. In Kubernetes there are many terms that conceptualize the execution environment. A pod is the smallest unit deployable in Kubernetes. You can see it as an application that runs one container or multiple that work together. Pods have volumes, memory and networking requirements. Pods have a unique ID and can die at any minute so Kubernetes provides a higher hierarchy abstraction called Service. A Service is a logical set of pods that are permanent in the cluster and offer functionality. Pods are accessible through the service names in the network of the cluster. When a pod dies, Kubernetes automatically runs a new pod of the service (depending on replica configuration) to keep the service offering functionality. There are man
Kubernetes’ increased adoption is showcased by a number of influential companies which have integrated the technology into their services. Let us take a look at how some of the most successful companies of our time are successfully using Kubernetes. Tinder’s move to Kubernetes Due to high traffic volume, Tinder’s engineering team faced challenges of scale and stability. What did they do? Kubernetes – Yes, the answer is Kubernetes. Tinder’s engineering team solved interesting challenges to migrate 200 services and run a Kubernetes cluster at scale totaling 1,000 nodes, 15,000 pods, and 48,000 running containers. Reddit’s Kubernetes story Reddit is one of the top busiest sites in the world. Kubernetes forms the core of Reddit’s internal infrastructure. For many years, the Reddit infrastructure tea
Here is a way you could convince him. Docker is dead. It’s not technically dead, but in reality, it’s a walking zombie. I’ll explain why. AWS is one of the best platforms for infrastructure and there is GCE and Azure, but AWS is the standard, the most capable platform from all the cloud architectures. AWS is integrating Kubernetes into its system and you might ask what are the benefits and why would it do that. Kubernetes is basically a competitor to AWS. It allows you to write infrastructure using YAML files and deploy them on a cluster. The only drawback right now is that you cannot provision servers using Kubernetes because it sits at a higher level in the abstraction stack. The servers are below it. However, with EKS (Elastic Kubernetes Service), AWS has integrated all sorts of primativ
If the developer put together a working solution then keep using it, thank them for the effort, and provide some private coaching on how to get buy-in so things go more smoothly in the future. Startups spawn serious problems that don’t end up on the roadmap as they should, and you’re better off with people taking initiative then fixing them. Otherwise the stakeholders need to decide on a containerization solution, preferably coming to that conclusion by themselves or at least believing they did. That’s probably Kubernetes (from Google which knows how to build and run things) and Docker where you already have one enthusiastic engineer willing to own the project, although they should be able to provide reasonable arguments on why that’s the best option for containerization and deployment. Peo
Kubernetes is meant to simplify things and this article is meant to simplify Kubernetes for you! Kubernetes is a powerful open-source system that was developed by Google. It was developed for managing containerized applications in a clustered environment. Kubernetes has gained popularity and is becoming the new standard for deploying software in the cloud. Learning Kubernetes is not difficult (if the tutor is good) and it offers great power. The learning curve is a little steep. So let us learn Kubernetes in a simplified way. The article covers Kubernetes’ basic concepts, architecture, how it solves the problems, etc. What Is Kubernetes? Kubernetes offers or in fact, it itself is a system that is used for running and coordinating applications across numerous machines. The system manages the
Kubernetes and Docker are two different tools used for DevOps. Let me explain each in brief. Kubernetes is an open-source platform used for maintaining and deploying a group of containers. In practice, Kubernetes is most commonly used alongside Docker for better control and implementation of containerized applications. Docker is a tool that is used to automate the deployment of applications in lightweight containers so that applications can work efficiently in different environments. Features of Docker – Multiple containers run on the same hardware. High productivity. Maintains isolated applications. Quick and easy configuration. Differences between Kubernetes and Docker 1. In Kubernetes, applications are deployed as a combination of pods, deployments, and services. In Docker, applications are deployed i
Kubernetes is built in three layers, with each higher layer hiding the complexity found in a lower layer: Application Layer (Pool and Services), Kubernetes Layer and Infrastructure Layer. Pods are a part of the Kubernetes layer. A pod is one or more containers controlled as a single application. It encapsulates application containers, storage resources, a unique network ID and other configuration on how to run the containers. A Pod represents a group of one or more application containers bundled up together and is highly scalable. If a pod fails, Kubernetes automatically deploys new replicas of the pod to the cluster. Pods provide two different types of shared resources: networking and storage. You can also get a good understanding of content quality by watching Simplilearn’s YouTube videos. Here are some
Kubernetes, also sometimes called K8S (K – eight characters – S), is an open source orchestration framework for containerized applications that was born from the Google data centers.
Docker, absolutely learn that first. Docker Docker is a tool designed to make it easier to create, deploy, and run applications by using containers. Containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and deploy it as one package. And here comes the race between choosing an orchestration tool: Overview of Kubernetes Kubernetes is based on years of Google’s experience of running workloads at a huge scale in production. As per Kubernetes website, “Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications.” Overview of Docker Swarm Docker swarm is Docker’s own container’s orchestration. It uses the standard Docker API and networking, making it easy to drop into
A node is the smallest unit of hardware in Kubernetes, also known as a minion. It is a representation of a single machine in the cluster. It is a physical machine in a data center or virtual machine hosted on a cloud provider like Google Cloud Platform. Each node has the services required to run a pod and is managed by the master components in Kubernetes architecture. The services given by a Kubernetes Node include the container runtime (Docker), Kubelet, and Kube-proxy. To know more about Node in Kubernetes, watch this video on Kubernetes Architecture: Hope this helps!
(They’re both good technologies with huge opportunities and potential ahead.) Docker is overhyped for its relative youth, and is really a moderate set of wrapper capabilities around the Linux kernel. Operational understanding is scarce and conflicting. Requires a lot of deep street knowledge to use effectively in production. Lots of subtle performance and reliability challenges with e.g. networking, storage. Often subtle breaking changes between releases. Installing and operating Kubernetes is not for the faint of heart. Assumes you can “bring your own cluster”. Pace of change and improvement on core k8s is astounding (good and bad). Using Kubernetes is relatively white box, i.e. you really need to know what’s going on under the covers to a degree especially if you’re not using GKE.
Used on GCP and Physical Servers. A Kubernetes cluster is a group of ‘machines’ that are either on the same network segment or set up to communicate with each other over the network with low latency, and run Kubernetes software. Kubernetes software runs as a ‘service’ or ‘daemon’ on each machine in the cluster and this causes the host machine to either act as a ‘master’ or a ‘slave’ node within the cluster. During the Kubernetes cluster set up process, the master is created first and toward the end of the install process a connection command is displayed or logged to the system. This should then be run on each additional node once the base Kubernetes software has been installed. Some ‘magic’ then takes place and the new node links up with the master node to form a logical cluster. Commands can then be run on the master node t…
I think containers are the model of potential delivery now. We make packaging an application with their required infrastructure much easier. Tools like Docker provide containers, but also software are needed to handle items such as replication, failures and APIs for automating deployment on multiple machines. At the beginning of 2015, the status of clustering platforms such as Kubernetes and Docker Swarm was highly unstable. We tried to use them and began with Docker Swarm. Amid the news in recent weeks, several businesses have purchased container or micro-service firms to boost their portfolio for what lies ahead. What is this a really important topic now? Amid the news in recent weeks, several businesses have purchased container or micro-service firms to boost their portfolio for what lie…
Let’s forget all about technical stuff, let’s discuss this in a way that a non-technical guy understands.
* You are the owner of a building and you have 5 spots where people can enter your building and you want 5 security guards guarding the spots. All good till now.
* Now consider one of the guards was out of service for 2 hours due to some personal reasons. Now as a building owner it’s your responsibility to guard or employ another guard replacing the existing. Do you like to be manually interrupted from your task to look after who is out and whom to replace?
* No, no one likes to be. Now the solution could be, go to a third party vendor who provides 24*7 availability of the guards. It’s the responsibility of the vendor to make 24*7 availability based on the configuration set (in this case guards guarding…
While researching for a project, I looked into all of the available books on Kubernetes. Here’s a quick roundup. (Feel free to suggest more!)
* Golden Guide to Kubernetes Application Development. This book’s for web app developers who just want a short, sharp guide to grok Kubernetes. It’s also really great for people trying to get their CKAD certification. (Disclaimer: I wrote this. Yeah, this is one of those Quora answers… but I hope it’s still useful.)
* The Kubernetes Book. Probably the most popular and established book on Kubernetes. It’s great for new developers trying to learn Kubernetes. The author is known for his video courses as well.
* Kubernetes: Up and Running. Definitely written by the most authoritative authors of any book here. Kelsey Hightower is a Google dev advocate for Kubernetes…
It is indeed possible to use Kubernetes without Docker. The Kubernetes community has long recognized the problem with being tied to Docker’s quasi-proprietary (and somewhat arbitrarily developed) container runtime. Early on there was support for an alternative runtime called rkt (pronounced like rocket). However, going down the path of creating separate solutions for any and every new container runtime that might get developed would be a lot of work and a bit like reinventing the wheel for each runtime. To break free of the Docker runtime constraint, there is the CRI (Container Runtime Interface), which allows you to use other container runtimes (e.g. ContainerD, CRI-O, etc.). The CRI plugin is a shim that sits between the Kubernetes kubelet and container runtime and acts as a universal translator.
I’m not sure how to explain Kubernetes to a 10-year-old. Yet when I’m allowed to expand to older people who are not technology savvy I can come up with an example which might resonate. It will inside my company: I will use the analogy of our call center. My company services some 2 million people, we manage their pensions and the necessary administration. Every year we send out the latest status of the pensions to the participants, and sure enough people will follow up. Many follow up online – the pension fund websites – yet there is a significant number who call or send an e-mail. We measure the amount of outstanding messages, as well as the amount of unanswered calls (I recall the service level is at 80% answered within 10 seconds). These are displayed on monitors so those who work in the…
Assuming a basic understanding of Docker and containers, I’ll describe the Kubernetes specifics. This is from a general user point of view. Kubelet: A process which runs on each node in the cluster. Kubelet talks to the master server and gets a list of containers to run and then runs, manages, and reports container status back to the master server. Pod: The primary unit of Kubernetes scheduling and management. A Pod is a list of containers that are always run together on one node. The containers in a pod share an IP address and a network stack, but are otherwise isolated from each other. Container: A Docker container, it has an isolated process space, can expose ports, can define environment variables and a run command.
Kubernetes has a strong feature set for microservice architectures. Things like service discovery, automatic failover, rescheduling, and support for overlay networks make it the best choice in dynamic environments with many small, frequently changing applications tied together. If your application needs to start hundreds of containers quickly and will terminate them just as quickly, then Kubernetes is a good option. The converse of this is that it is not as well designed for more static, highly efficient workloads. Containerization is great for flexibility, but doesn’t come for free. There is a performance penalty for using it, somewhere between a few to high single digit percentage penalty, depending on the type of operations.
DATA AND ANALYTICS
* BigQuery: Data warehouse/analytics
* BigQuery BI Engine: In-memory analytics engine
* BigQuery ML: BigQuery model training/serving
* Cloud Composer: Managed workflow orchestration service
* Cloud Data Fusion: Graphically manage data pipelines
* Cloud Dataflow: Stream/batch data processing
* Cloud Dataprep: Visual data wrangling
* Cloud Dataproc: Managed Spark and Hadoop
NETWORKING
* Carrier Peering: Peer through a carrier
* Direct Peering: Peer with GCP
* Dedicated Interconnect: Dedicated private network connection
* Partner Interconnect: Connect on-prem network to VPC
* Cloud Armor: DDoS protection and WAF
* Cloud CDN: Content delivery network
* Cloud DNS: Programmable DNS serving
* Cloud Load Balancing: Multi-region load distribution/balancing
* Cloud NAT: Network address translation service
* Cloud Router: VPC/on-prem network route exchange (BGP)
* Cloud VPN (HA): VPN (Virtual private network connection)
* Network Service Tiers: Price vs performance tiering
* Network Telemetry: Network telemetry service
* Traffic Director: Service mesh traffic management
* Google Cloud Service Mesh: Service-aware network management
* Virtual Private Cloud: Software defined networking
* VPC Service Controls: Security perimeters for API-based services
* Network Intelligence Center: Network monitoring and topology
GOOGLE MAPS PLATFORM
* Directions API: Get directions between locations
* Distance Matrix API: Multi-origin/destination travel times
* Geocoding API: Convert address to/from coordinates
* Geolocation API: Derive location without GPS
* Maps Embed API: Display iframe embedded maps
* Maps JavaScript API: Dynamic web maps
* Maps SDK for Android: Maps for Android apps
* Maps SDK for iOS: Maps for iOS apps
* Maps Static API: Display static map images
* Maps SDK for Unity: Unity SDK for games
* Maps URLs: URL scheme for maps
* Places API: Rest-based Places features
* Places Library, Maps JS API: Places features for web
* Places SDK for Android: Places features for Android
* Places SDK for iOS: Places feature for iOS
* Roads API: Convert coordinates to roads
* Street View Static API: Static street view images
* Street View Service: Street view for JavaScript
* Time Zone API: Convert coordinates to timezone
G SUITE (WORKSPACE) PLATFORM
* Admin SDK: Manage G Suite resources
* AMP for Email: Dynamic interactive email
* Apps Script: Extend and automate everything
* Calendar API: Create and manage calendars
* Classroom API: Provision and manage classrooms
* Cloud Search: Unified search for enterprise
* Docs API: Create and edit documents
* Drive Activity API: Retrieve Google Drive activity
* Drive API: Read and write files
* Drive Picker: Drive file selection widget
* Email Markup: Interactive email using schema.org
* G Suite Add-ons: Extend G Suite apps
* G Suite Marketplace: Storefront for integrated applications
* Gmail API: Enhance Gmail
* Hangouts Chat Bots: Conversational bots in chat
* People API: Manage user’s Contacts
* Sheets API: Read and write spreadsheets
* Slides API: Create and edit presentations
* Task API: Search, read & update Tasks
* Vault API: Manage your organization’s eDiscovery
MIGRATION TO GCP
* BigQuery Data Transfer Service: Bulk import analytics data
* Cloud Data Transfer: Data migration tools/CLI
* Google Transfer Appliance: Rentable data transport box
* Migrate for Anthos: Migrate VMs to GKE containers
* Migrate for Compute Engine: Compute Engine migration tools
* Migrate from Amazon Redshift: Migrate from Redshift to BigQuery
* Migrate from Teradata: Migrate from Teradata to BigQuery
* Storage Transfer Service: Online/on-premises data transfer
* VM Migration: VM migration tools
* Cloud Foundation Toolkit: Infrastructure as Code templates
Answer these questions to validate your basic knowledge of GCP:
As a prerequisite, here are the top 20 questions that will help you familiarize yourself with the Google Cloud Platform.
1) What is GCP?
2) What are the benefits of using GCP?
3) How can GCP help my business?
4) What are some of the features of GCP?
5) How is GCP different from other clouds?
6) Why should I use GCP?
7) What are some of GCP’s strengths?
8) How is GCP priced?
9) Is GCP easy to use?
10) Can I use GCP for my personal projects?
11) What services does GCP offer?
12) What can I do with GCP?
13) What languages does GCP support?
14) What platforms does GCP support?
15) Does GCP support hybrid deployments?
16) Does GCP support on-premises deployments?
17) Is there a free tier on GCP?
18) How do I get started with using GCP?
What are the corresponding Azure and Google Cloud services for each of the AWS services?
What are unique distinctions and similarities between AWS, Azure and Google Cloud services? For each AWS service, what is the equivalent Azure and Google Cloud service? For each Azure service, what is the corresponding Google Service? AWS Services vs Azure vs Google Services? Side by side comparison between AWS, Google Cloud and Azure Service?
Category: Marketplace Easy-to-deploy and automatically configured third-party applications, including single virtual machine or multiple virtual machine solutions. References: [AWS]:AWS Marketplace [Azure]:Azure Marketplace [Google]:Google Cloud Marketplace Tags: #AWSMarketplace, #AzureMarketPlace, #GoogleMarketplace Differences: They are both digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on their respective cloud platform.
Tags: #AlexaSkillsKit, #MicrosoftBotFramework, #GoogleAssistant Differences: One major advantage Google gets over Alexa is that Google Assistant is available to almost all Android devices.
Tags: #AmazonLex, #CogintiveServices, #AzureSpeech, #Api.ai, #DialogFlow, #Tensorflow Differences: api.ai provides us with such a platform which is easy to learn and comprehensive to develop conversation actions. It is a good example of the simplistic approach to solving complex man to machine communication problem using natural language processing in proximity to machine learning. Api.ai supports context based conversations now, which reduces the overhead of handling user context in session parameters. On the other hand in Lex this has to be handled in session. Also, api.ai can be used for both voice and text based conversations (assistant actions can be easily created using api.ai).
Category: Big data and analytics: Data warehouse Description: Apache Spark-based analytics platform. Managed Hadoop service. Data orchestration, ETL, Analytics and visualization References: [AWS]:EMR, Data Pipeline, Kinesis Stream, Kinesis Firehose, Glue, QuickSight, Athena, CloudSearch [Azure]:Azure Databricks, Data Catalog Cortana Intelligence, HDInsight, Power BI, Azure Datafactory, Azure Search, Azure Data Lake Analytics, Stream Analytics, Azure Machine Learning [Google]:Cloud DataProc, Machine Learning, Cloud Datalab Tags:#EMR, #DataPipeline, #Kinesis, #Cortana, AzureDatafactory, #AzureDataAnlytics, #CloudDataProc, #MachineLearning, #CloudDatalab Differences: All three providers offer similar building blocks: data processing, data orchestration, streaming analytics, machine learning and visualisations. AWS certainly has all the bases covered with a solid set of products that will meet most needs. Azure offers a comprehensive and impressive suite of managed analytical products. They support open source big data solutions alongside new serverless analytical products such as Data Lake. Google provide their own twist to cloud analytics with their range of services. With Dataproc and Dataflow, Google have a strong core to their proposition. Tensorflow has been getting a lot of attention recently and there will be many who will be keen to see Machine Learning come out of preview.
Category: Serverless Description: Integrate systems and run backend processes in response to events or schedules without provisioning or managing servers. References: [AWS]:AWS Lambda [Azure]:Azure Functions [Google]:Google Cloud Functions Tags:#AWSLAmbda, #AzureFunctions, #GoogleCloudFunctions Differences: Both AWS Lambda and Microsoft Azure Functions and Google Cloud Functions offer dynamic, configurable triggers that you can use to invoke your functions on their platforms. AWS Lambda, Azure and Google Cloud Functions support Node.js, Python, and C#. The beauty of serverless development is that, with minor changes, the code you write for one service should be portable to another with little effort – simply modify some interfaces, handle any input/output transforms, and an AWS Lambda Node.JS function is indistinguishable from a Microsoft Azure Node.js Function. AWS Lambda provides further support for Python and Java, while Azure Functions provides support for F# and PHP. AWS Lambda is built from the AMI, which runs on Linux, while Microsoft Azure Functions run in a Windows environment. AWS Lambda uses the AWS Machine architecture to reduce the scope of containerization, letting you spin up and tear down individual pieces of functionality in your application at will.
Category: Caching Description: An in-memory–based, distributed caching service that provides a high-performance store typically used to offload non transactional work from a database. References: [AWS]:AWS ElastiCache (works as an in-memory data store and cache to support the most demanding applications requiring sub-millisecond response times.) [Azure]:Azure Cache for Redis (based on the popular software Redis. It is typically used as a cache to improve the performance and scalability of systems that rely heavily on backend data-stores.) [Google]:Memcache (In-memory key-value store, originally intended for caching) Tags:#Redis, #Memcached Differences: They all support horizontal scaling via sharding. They all improve the performance of web applications by allowing you to retrieve information from fast, in-memory caches, instead of relying on slower disk-based databases. ElastiCache supports Memcached and Redis. Memcached Cloud provides various data persistence options as well as remote backups for disaster recovery purposes. Redis offers persistence to disk, Memcache does not. This can be very helpful if you cache lots of data, since you remove the slowness around having a fully cold cache. Redis also offers several extra data structures that Memcache doesn’t: Lists, Sets, Sorted Sets, etc. Memcache only has Key/Value pairs. Memcache is multi-threaded. Redis is single-threaded and event driven. Redis is very fast, but it’ll never be multi-threaded. At high scale, you can squeeze more connections and transactions out of Memcache. Memcache tends to be more memory efficient. This can make a big difference around the magnitude of 10s of millions or 100s of millions of keys.
Category: Enterprise application services Description: Fully integrated Cloud service providing communications, email, document management in the cloud and available on a wide variety of devices. References: [AWS]:Amazon WorkMail, Amazon WorkDocs, Amazon Kendra (Sync and Index) [Azure]:Office 365 [Google]:G Suite Tags: #AmazonWorkDocs, #Office365, #GoogleGSuite Differences: G Suite document processing applications like Google Docs are far behind Office 365’s popular Word and Excel software, but the G Suite user interface is intuitive, simple and easy to navigate. Office 365 is too clunky.
Category: Management Description: A unified management console that simplifies building, deploying, and operating your cloud resources. References: [AWS]:AWS Management Console, Trusted Advisor, AWS Usage and Billing Report, AWS Application Discovery Service, Amazon EC2 Systems Manager, AWS Personal Health Dashboard, AWS Compute Optimizer (Identify optimal AWS Compute resources) [Azure]:Azure portal, Azure Advisor, Azure Billing API, Azure Migrate, Azure Monitor, Azure Resource Health [Google]:Google Cloud Platform, Cost Management, Security Command Center, StackDriver Tags: #AWSConsole, #AzurePortal, #GoogleCloudConsole, #TrustedAdvisor, #AzureMonitor, #SecurityCommandCenter Differences: AWS Console categorizes its Infrastructure as a Service offerings into Compute, Storage and Content Delivery Network (CDN), Database, and Networking to help businesses and individuals grow. Azure excels in the Hybrid Cloud space allowing companies to integrate onsite servers with cloud offerings. Google has a strong offering in containers, since Google developed the Kubernetes standard that AWS and Azure now offer. GCP specializes in high compute offerings like Big Data, analytics and machine learning. It also offers considerable scale and load balancing – Google knows data centers and fast response time.
Build and connect intelligent bots that interact with your users using text/SMS, Skype, Teams, Slack, Office 365 mail, Twitter, and other popular services.
Enables both Speech to Text, and Text into Speech capabilities. The Speech Services are the unification of speech-to-text, text-to-speech, and speech-translation into a single Azure subscription. It’s easy to speech enable your applications, tools, and devices with the Speech SDK, Speech Devices SDK, or REST APIs. Amazon Polly is a Text-to-Speech (TTS) service that uses advanced deep learning technologies to synthesize speech that sounds like a human voice. With dozens of lifelike voices across a variety of languages, you can select the ideal voice and build speech-enabled applications that work in many different countries. Amazon Transcribe is an automatic speech recognition (ASR) service that makes it easy for developers to add speech-to-text capability to their applications. Using the Amazon Transcribe API, you can analyze audio files stored in Amazon S3 and have the service return a text file of the transcribed speech.
Computer Vision: Extract information from images to categorize and process visual data. Amazon Rekognition is a simple and easy to use API that can quickly analyze any image or video file stored in Amazon S3. Amazon Rekognition is always learning from new data, and we are continually adding new labels and facial recognition features to the service.
Face: Detect, identify, and analyze faces in photos.
The Virtual Assistant Template brings together a number of best practices we’ve identified through the building of conversational experiences and automates integration of components that we’ve found to be highly beneficial to Bot Framework developers.
Processes and moves data between different compute and storage services, as well as on-premises data sources at specified intervals. Create, schedule, orchestrate, and manage data pipelines.
Virtual servers allow users to deploy, manage, and maintain OS and server software. Instance types provide combinations of CPU/RAM. Users pay for what they use with the flexibility to change sizes.
Allows you to automatically change the number of VM instances. You set defined metric and thresholds that determine if the platform adds or removes instances.
Redeploy and extend your VMware-based enterprise workloads to Azure with Azure VMware Solution by CloudSimple. Keep using the VMware tools you already know to manage workloads on Azure without disrupting network, security, or data protection policies.
Azure Container Instances is the fastest and simplest way to run a container in Azure, without having to provision any virtual machines or adopt a higher-level orchestration service.
Deploy orchestrated containerized applications with Kubernetes. Simplify monitoring and cluster management through auto upgrades and a built-in operations console.
Fully managed service that enables developers to deploy microservices applications without managing virtual machines, storage, or networking. AWS App Mesh is a service mesh that provides application-level networking to make it easy for your services to communicate with each other across multiple types of compute infrastructure. App Mesh standardizes how your services communicate, giving you end-to-end visibility and ensuring high-availability for your applications.
Integrate systems and run backend processes in response to events or schedules without provisioning or managing servers. AWS Lambda is an event-driven, serverless computing platform provided by Amazon as a part of the Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code
Managed relational database service where resiliency, scale, and maintenance are primarily handled by the platform. Amazon Relational Database Service is a distributed relational database service by Amazon Web Services. It is a web service running “in the cloud” designed to simplify the setup, operation, and scaling of a relational database for use in applications. Administration processes like patching the database software, backing up databases and enabling point-in-time recovery are managed automatically. Scaling storage and compute resources can be performed by a single API call as AWS does not offer an ssh connection to RDS instances.
An in-memory–based, distributed caching service that provides a high-performance store typically used to offload non transactional work from a database. Amazon ElastiCache is a fully managed in-memory data store and cache service by Amazon Web Services. The service improves the performance of web applications by retrieving information from managed in-memory caches, instead of relying entirely on slower disk-based databases. ElastiCache supports two open-source in-memory caching engines: Memcached and Redis.
Migration of database schema and data from one database format to a specific database technology in the cloud. AWS Database Migration Service helps you migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. The AWS Database Migration Service can migrate your data to and from most widely used commercial and open-source databases.
Comprehensive solution for collecting, analyzing, and acting on telemetry from your cloud and on-premises environments. Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. CloudWatch collects monitoring and operational data in the form of logs, metrics, and events, providing you with a unified view of AWS resources, applications, and services that run on AWS and on-premises servers. AWS X-Ray is an application performance management service that enables a developer to analyze and debug applications in the Amazon Web Services (AWS) public cloud. A developer can use AWS X-Ray to visualize how a distributed application is performing during development or production, and across multiple AWS regions and accounts.
A cloud service for collaborating on code development. AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Fargate, AWS Lambda, and your on-premises servers. AWS CodeDeploy makes it easier for you to rapidly release new features, helps you avoid downtime during application deployment, and handles the complexity of updating your applications. AWS CodePipeline is a fully managed continuous delivery service that helps you automate your release pipelines for fast and reliable application and infrastructure updates. CodePipeline automates the build, test, and deploy phases of your release process every time there is a code change, based on the release model you define. AWS CodeCommit is a source code storage and version-control service for Amazon Web Services’ public cloud customers. CodeCommit was designed to help IT teams collaborate on software development, including continuous integration and application delivery.
Collection of tools for building, debugging, deploying, diagnosing, and managing multiplatform scalable apps and services. The AWS Developer Tools are designed to help you build software like Amazon. They facilitate practices such as continuous delivery and infrastructure as code for serverless, containers, and Amazon EC2.
Built on top of the native REST API across all cloud services, various programming language-specific wrappers provide easier ways to create solutions. The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.
Configures and operates applications of all shapes and sizes, and provides templates to create and manage a collection of resources. AWS OpsWorks is a configuration management service that provides managed instances of Chef and Puppet. Chef and Puppet are automation platforms that allow you to use code to automate the configurations of your servers.
Provides a way for users to automate the manual, long-running, error-prone, and frequently repeated IT tasks. AWS CloudFormation provides a common language for you to describe and provision all the infrastructure resources in your cloud environment. CloudFormation allows you to use a simple text file to model and provision, in an automated and secure manner, all the resources needed for your applications across all regions and accounts.
Provides an isolated, private environment in the cloud. Users have control over their virtual networking environment, including selection of their own IP address range, creation of subnets, and configuration of route tables and network gateways.
Connects Azure virtual networks to other Azure virtual networks, or customer on-premises networks (Site To Site). Allows end users to connect to Azure services through VPN tunneling (Point To Site).
A service that hosts domain names, plus routes users to Internet applications, connects user requests to datacenters, manages traffic to apps, and improves app availability with automatic failover.
Application Gateway is a layer 7 load balancer. It supports SSL termination, cookie-based session affinity, and round robin for load-balancing traffic.
Azure Digital Twins is an IoT service that helps you create comprehensive models of physical environments. Create spatial intelligence graphs to model the relationships and interactions between people, places, and devices. Query data from a physical space rather than disparate sensors.
Provides analysis of cloud resource configuration and security so subscribers can ensure they’re making use of best practices and optimum configurations.
Allows users to securely control access to services and resources while offering data security and protection. Create and manage users and groups, and use permissions to allow and deny access to resources.
Role-based access control (RBAC) helps you manage who has access to Azure resources, what they can do with those resources, and what areas they have access to.
Provides managed domain services such as domain join, group policy, LDAP, and Kerberos/NTLM authentication that are fully compatible with Windows Server Active Directory.
Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements.
Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called “management groups” and apply your governance conditions to the management groups. All subscriptions within a management group automatically inherit the conditions applied to the management group. Management groups give you enterprise-grade management at a large scale, no matter what type of subscriptions you have.
Helps you protect and safeguard your data and meet your organizational security and compliance commitments.
Key Management Service: AWS KMS, CloudHSM | Key Vault
Provides a security solution that works with other services by offering a way to create, manage, and control encryption keys stored in hardware security modules (HSMs).
Provides inbound protection for non-HTTP/S protocols, outbound network-level protection for all ports and protocols, and application-level protection for outbound HTTP/S.
An automated security assessment service that improves the security and compliance of applications. Automatically assess applications for vulnerabilities or deviations from best practices.
Object storage service, for use cases including cloud applications, content distribution, backup, archiving, disaster recovery, and big data analytics.
Provides a simple interface to create and configure file systems quickly, and share common files. Can be used with traditional protocols that access files over a network.
Easily join your distributed microservice architectures into a single global application using HTTP load balancing and path-based routing rules. Automate turning up new regions and scale-out with API-driven global actions, and independent fault-tolerance to your back end microservices in Azure—or anywhere.
Cloud technology to build distributed applications using out-of-the-box connectors to reduce integration challenges. Connect apps, data and devices on-premises or in the cloud.
Serverless technology for connecting apps, data and devices anywhere, whether on-premises or in the cloud for large ecosystems of SaaS and cloud-based connectors.
Azure Stack is a hybrid cloud platform that enables you to run Azure services in your company’s or service provider’s datacenter. As a developer, you can build apps on Azure Stack. You can then deploy them to either Azure Stack or Azure, or you can build truly hybrid apps that take advantage of connectivity between an Azure Stack cloud and Azure.
Basically, it all comes down to what your organizational needs are and whether there's a particular area that's especially important to your business (e.g., serverless, or integration with Microsoft applications).
The main things it comes down to are compute options, pricing, and purchasing options.
Here’s a brief comparison of the compute option features across cloud providers:
Here’s an example of a few instances’ costs (all are Linux OS):
Each provider offers a variety of options to lower costs from the listed On-Demand prices. These can fall under reservations, spot and preemptible instances and contracts.
Both AWS and Azure offer a way for customers to purchase compute capacity in advance in exchange for a discount: AWS Reserved Instances and Azure Reserved Virtual Machine Instances. There are a few interesting variations between the instances across the cloud providers which could affect which is more appealing to a business.
Another discounting mechanism is the idea of spot instances in AWS and low-priority VMs in Azure. These options allow users to purchase unused capacity for a steep discount.
With AWS and Azure, enterprise contracts are available. These are typically aimed at enterprise customers, and encourage large companies to commit to specific levels of usage and spend in exchange for an across-the-board discount – for example, AWS EDPs and Azure Enterprise Agreements.
You can read more about the differences between AWS and Azure to help decide which your business should use in this blog post.