Google Cloud Platform Exam Preparation

1. Which of the following are global resources? (choose 2 of the available options)

❏ Snapshots

❏ Persistent disks

❏ Instances

❏ External IP addresses

❏ Firewall rules

Answer :

✓ Snapshots

✓ Firewall Rules

2. You check the status of an instance and find it is TERMINATED. Which of the following are likely causes?(select 2 of the available options)

❏ The instance is being migrating due to host maintenance

❏ You did not override the default availability policy for on host maintenance

❏ The instance is preemptible

❏ The instance is performing a periodic system update

❏ A project Owner has issued a shutdown command from within the operating system

Answer :

✓ The instance is preemptible

✓ A project Owner has issued a shutdown command from within the operating system

3. True or False. In order to connect to an instance using SSH, a user must be assigned Owner permissions to a project or the IAM role compute.instanceAdmin.

False. In order to connect to an instance using SSH, a user must be assigned Owner permissions to a project or the IAM role compute.instanceAdmin. You can also manually provide a user access to an instance using an SSH key-pair for a linux account without requiring project access. Owner and Editor permissions allow SSH connections.

4. True or False. Instances in separate networks in the same project must use their external IP addresses to communicate.

You have created a firewall rule to allow HTTP traffic to particular instances in your default network running HTTP servers, but the web pages are unreachable. Suggest possible troubleshooting steps.

Answer:

True. Instances attached to separate networks in the same project must use their external IP addresses to communicate.

Possible troubleshooting steps include:

● Verify the instances are tagged correctly and that the firewall rule applies to the correct tag(s)

● Check for operating system-level components that may be blocking traffic on the virtual machine

● Verify the network routes are configured to allow traffic

● Check that the instances have been assigned an external IP address

5. Instance tags can be used to define which of the following networking components? (select 2 of the available options)

❏ Which network an instance belongs to

❏ Network address translation of external to internal IP addresses

❏ Which firewall rules apply to an instance

❏ Which routes apply to an instance

❏ Mark an instance able to send traffic to the internet

Answer :

✓ Which firewall rules apply to an instance

✓ Which routes apply to an instance

6. Can you prevent the destruction of an attached persistent disk when the instance is deleted?

❏ Yes, use the –keep-disks option with the gcloud compute instances delete command

❏ Yes, deselect the option “Delete boot disk when instance is deleted” when creating an instance

❏ No, attached persistent disks are always associated with the lifetime of the instance

Answer:

✓ Yes, use the –keep-disks option with the gcloud compute instances delete command

✓ Yes, deselect the option “Delete boot disk when instance is deleted” when creating an instance

7. Why would you create an image from an existing disk? (select 2 of the available options)

❏ To preserve the installation of specific software

❏ Because instances with attached disks have readonly storage

❏ Because persistent disks only retain information when they are attached to an instance

❏ To serve as the basis for other instances

Answer :

✓ To preserve the installation of specific software

✓ To serve as the basis for other instances

8. True or False. Once scopes are customized during instance creation, they cannot be modified even if the instance is stopped.

Answer:

True. Currently, the only way to modify instance scopes is to recreate the instance.

9. True or False. User-defined service accounts can only be used with IAM roles.

Answer :

True. Default and user-defined service accounts can be used with IAM roles and project roles.

10. You need to migrate data from a persistent disk to another region. Reorder the following tasks:

1. Attach disk
2. Create disk
3. Create snapshot
4. Create instance
5. Unmount file system(s)

Answer :

1. Unmount file system(s)
2. Create snapshot
3. Create disk
4. Create instance
5. Attach disk

11. Which of the following are use cases for snapshots? (select 2 of the available options)

❏ Use snapshots to migrate instance configuration including tags

❏ Use snapshots to migrate data to an instance in the same region

❏ Use snapshots to migrate data to a local solid state disk

❏ Use snapshots to migrate data from SSD to a standard persistent disk

Answer :

✓ Use snapshots to migrate data to an instance in the same region

✓ Use snapshots to migrate data from SSD to a standard persistent disk

12. You are tasked with setting up storage for log files generated by a web site. They may be read by only one group of people and the retention policy mandates deletion after one month. Which of the following will you use to achieve these objectives? (select 2 of the available options)

❏ Locate storage in a specific region (EU, US, or Asia)

❏ The web option of gsutil

❏ Customized ACL settings

❏ The cron option of gsutil

❏ The lifecycle option of gsutil

Answer:

✓ Customized ACL settings

✓ The lifecycle option of gsutil

13. Is it possible for two different Google Cloud Platform projects to each create a Cloud Storage bucketwith the identifier gs://local-logs?

❏ Yes, identifiers must be unique within a project

❏ No, identifiers must be globally unique

❏ Yes, as long as the buckets are in different geographical regions

Answer:

✓ No, identifiers must be globally unique

14.Complete the answers for comparing managed and unmanaged instance groups.

Unmanaged instance groups

Zone-based - Yes/No

Mix of instance types - Yes/No

Resize method - Yes/No

Use existing instances - Yes/No

Managed instance groups

Zone-based - Yes/No

Mix of instance types - Yes/No

Resize method - Describe

Use existing instances - Yes/No

Answer:

Unmanaged instance groups

Zone-based - Yes

Mix of instance types - Yes

Resize method - By manually adding instances

Use existing instances - Yes

Managed instance groups

Zone-based - Yes

Mix of instance types - No

Resize method - Instruct instance group manager to resize from template

Use existing instances - No

15. Cloud SQL Questions

CPO200 - Cloud SQL Questions

16. Which of the following are valid methods of querying instance metadata from your laptop. (select 2 of the available options)

❏ gcloud compute instances metadata

❏ gcloud compute instances describe

❏ Issue a curl command to the metadata service

❏ gcloud compute metadata list

❏ Inspect instance metadata in the Cloud Platform Console

Answers:

✓ gcloud compute instances describe

✓ Inspect instance metadata in the Cloud Platform Console

17. You login to an instance and find the startup script does not appear to have run. List possible troubleshooting steps to isolate the cause.

Possible troubleshooting steps include:

● Check the startup script log at /var/log/startupscript.log

● Verify that the URL for the script is correctly configured in metadata

● Manually try to read the startup script from Cloud Storage using

gsutil:

● gsutil cat gs://</path/to/script.sh>

● Check that the instance has the correct authorization scopes to read the script from the source Cloud Storage bucket, as well as the related ACLs

● Check if there are any syntax errors while running the script manually after you login to the instance

18. Shutdown scripts run in which of the following circumstances? (select 3 of the available options)

❏ Running sudo shutdown from the guest operating system

❏ An instance is undergoing live migration

❏ Running the instances().stop method

❏ Running the instances().delete method

❏ Running the instances().reset method

Answer :

✓ Running sudo shutdown from the guest operating system

✓ Running the instances().stop method

✓ Running the instances().delete method

19. True or False. The use of instance templates is optional with an autoscaler.

False. The use of instance templates is optional with an autoscaler. An autoscaler uses an instance group manager to add and remove instances in an instance group. An instance group manager creates instances based on an instance template.

20. What is a potential role of shutdown scripts when using an autoscaler?

A shutdown script can be used to gracefully shut down any applications or upload logs prior to terminating an instance as a result of an autoscailer.

21. Which of the following features are associated with Network Load Balancing? (select 2 of the available options)

❏ Target proxies

❏ Target pools

❏ Forwarding rules

❏ Global forwarding rules

❏ URL maps

Answer :

✓ Target pools

✓ Forwarding rules

21. Network load balancing is a good fit for which of the following scenarios? (select 1 of the available options)

❏ Content-based load balancing

❏ Cross-region load balancing

❏ Load balancing confined to a single region

❏ Load balancing confined to a single zone

❏ None of the above

Answer :

✓ Load balancing confined to a single region

22. Review the following comparison table for Network and HTTP(S) load balancing.

Network load balancing

Health checks Optional - Optional

Cross-region - No

Protocols - Multiple protocols

Packet inspection Supported

HTTP(s) load balancing

Health checks - Required

Cross-region - Yes

Protocols - HTTP(S) only

Packet inspection - Not supported

23. Investigate and identify the Cloud SDK command to list all images but excluding standard images that are supplied by Google and their partners.

gcloud compute images list –no-standardimages

24. Investigate and identify the Cloud SDK command to deprecate an image in a project.

gcloud compute images deprecate NAME –state STATE

25. True or false: Setting the state of an image to DELETED will also delete the image.

It is false, setting the deprecation state to DELETED will not automatically delete an image

26. What is the command to create an instance with no scopes?

gcloud compute instances create –noscopes

27. List some of the constraints and limitations of snapshots.

○ Snapshots are subject to quotas, for example 1000 snapshots per project by default. For example, you could not take 1 snapshot per day of 3 instances over a 1 year period.

○ Snapshots can’t be shared across projects.

○ Disks must be quiesced prior to snapshot.

28. Can you identify any backup related use cases where snapshots are not the preferred choice?

○ Snapshots cannot be used to perform disaster recovery tests in a separate project.

○ Snapshots are not a good fit for relational database backups due to the downtime they incur.

○ Snapshots are not a good fit for scenarios where disks cannot be quiesced.

How to install Zabbix server 3.0 with RDS MySQL on Amazon linux

1) Create Mysql RDS

2) yum install mysql

3) check the connection : mysql -h <name of endpoint  in RDS> -u root -p PASSWORD 

create database and give permissions: 

create database zabbix character set utf8 collate utf8_bin;

grant all privileges on zabbix.* to zabbix@'%' identified by 'zabbix';

    FLUSH PRIVILEGES; 

4) download zabbix: curl -O http://repo.zabbix.com/zabbix/3.0/rhel/6/x86_64/zabbix-release-3.0-1.el6.noarch.rpm (NOT EL7 or centos 7! only 6!)

5) rpm -ivh zabbix-release-3.0-1.el6.noarch.rpm

6) yum install zabbix-server-mysql zabbix-web-mysql zabbix-agent zabbix-java-gateway

7) chkconfig zabbix-server on

set connection to RDS: 

vi /etc/zabbix/zabbix_server.conf

DBHost=<name of endpoint  in RDS>

DBName=zabbix

DBUser=zabbix

DBPassword=PASSWORD

8) create zabbix schema from  the template:

zcat /usr/share/doc/zabbix-server-mysql-3.0.9/create.sql.gz | mysql zabbix -u zabbix -pPASSWORD -h <name of endpoint  in RDS> 

9) yum install httpd24 php54 (PHP 5.4.0 is required for Zabbix 3.0 web frontend) 

yum install php54-mysqlnd.x86_64 php54-gd php54-bcmath php54-pdo php54-xml php54-mbstring 

if httpd and php 5.3 was installed (max versions in amazon linux) - do this 

    sudo yum list installed | grep "php"

       sudo yum remove httpd*

   sudo yum list installed | grep "php"

  yum remove php-cli.x86_64 php-common.x86_64

   sudo yum install httpd24 php54 php54-mysqlnd.x86_64 php54-gd php54-bcmath php54-pdo php54-xml php54-mbstring

chkconfig httpd on

10) sudo chown -R apache:apache /usr/share/zabbix/

11) sudo chown -R apache:apache /etc/zabbix/web/

12) vi  /etc/httpd/conf.d/zabbix.conf 

Alias /zabbix /usr/share/zabbix/

<Directory /usr/share/zabbix>

RemoveHandler .php

AddType application/x-httpd-php .php

php_admin_value open_basedir /usr/share/zabbix:/usr/share/zabbix-agent:/usr/share/zabbix-server:/etc/zabbix:/tmp:.:..:./:../

AllowOverride All

Require all granted

Order allow,deny

Allow from all

</Directory>

13) Go to PUBLIC (PRIVATE) IP with /zabbix (http://34.226.45.64/zabbix in my case) and look at
 Check of pre-requisites and change what's needed

14) change php.ini settings 

vim /etc/php.ini

post_max_size = 16M

max_input_time = 600

max_execution_time = 300

date.timezone = Asia/Jerusalem

15) Configure DB connection settings via web interface - endpoint url instead of localhost

16) Finish the installation and start zabbix agent:

vi /etc/zabbix/zabbix_agentd.conf

        change ServerActive and Hostname

/etc/init.d/zabbix-agent start

chkconfig zabbix-agent on

Elasticsearch indices deletion (+ closing)

There are 2 options to optimize elasticsearch storage. We use it in ELK stack. 

The easiest way to do this is to use curator. 

Location: /usr/local/bin/curator

Main config: --config /home/ubuntu/.curator/curator.yml

 main curator config

client:
hosts:
- 127.0.0.1
port: 9200
url_prefix:
use_ssl: False
certificate:
client_cert:
client_key:
ssl_no_validate: False
http_auth:
timeout: 30
master_only: False

logging:
loglevel: INFO
logfile: /var/log/curator.log
logformat: default
blacklist: ['elasticsearch', 'urllib3']

Actions: 

/home/ubuntu/.curator/actions/close.yml 

 close.yml config

actions:
  1:
    action: close
    description: >-
      Close indices older than 45 days (based on index name), for logstash-
      prefixed indices.
    options:
      delete_aliases: False
      timeout_override:
      continue_if_exception: False
      disable_action: False
    filters:
    - filtertype: pattern
      kind: prefix
      value: logstash-
      exclude:
    - filtertype: age
      source: name
      direction: older
      timestring: '%Y.%m.%d'
      unit: days
      unit_count: 45
      exclude:

/home/ubuntu/.curator/actions/delete_indices.yml 

 delete_indices.yml config

actions:

  1:

    action: delete_indices

    description: >-

      Delete indices older than 60 days (based
on index name), for logstash-

      prefixed indices. Ignore the error if the
filter does not result in an

      actionable list of indices
(ignore_empty_list) and exit cleanly.

    options:

      ignore_empty_list: True

      timeout_override:

      continue_if_exception: False

      disable_action: False

    filters:

    - filtertype: pattern

      kind: prefix

      value: logstash-

      exclude:

    - filtertype: age

      source: name

      direction: older

      timestring: '%Y.%m.%d'

      unit: days

      unit_count: 60

      exclude:

1) Closing indices. 

It will "forget" (mark them as not important and won't use) all indices, older than X days. They are not deleted, so it won't free up space, but it will work faster. After that,  Indices could be "warmed" again, if needed. 

2) Deletion. 

It will delete all indices, older than X days. Deletes indices to clean space. 

Crontab for ROOT :

20 0 * * * /usr/local/bin/curator --config /home/ubuntu/.curator/curator.yml /home/ubuntu/.curator/actions/close.yml >> /var/log/curator.log 2>&1   50 2 * * * /usr/local/bin/curator --config /home/ubuntu/.curator/curator.yml /home/ubuntu/.curator/actions/delete_indices.yml >> /var/log/curator.log 2>&1