Official Google Cloud Certified Associate Cloud Engineer Study Guide E-Book

Official Google Cloud CertifiedAssociate CloudEngineerStudy Guide

Development Editor: Stephanie Barton

Technical Editors: Stacy Véronneau and Manjeet Dadyala

Google Technical Reviewers: Jake Bednard, Brian Rice, Teresa Hardy, Grace Mollison, Tanay Buddhdev, Richard Rose, Jasen Baker, Jim Rambo, Varsha Datta, Mylene Biddle, Evan Jones, Samar Bhat, Josh Koh, Jeff Sherman, Kuntal Mitra, Michael Arciola and Lisa Guinn

Senior Production Editor: Christine O'Connor

Copy Editor: Kim Wimpsett

Content Enablement and Operations Manager: Pete Gaughan

Production Manager: Kathleen Wisor

Associate Publisher: Jim Minatel

Book Designers: Judy Fung and Bill Gibson

Proofreader: Louise Watson, Word One New York

Indexer: Johnna VanHoose Dinse

Project Coordinator, Cover: Brent Savage

Cover Designer: Wiley

Cover Image: Getty Images Inc. / Jeremy Woodhouse

Copyright © 2019 by John Wiley & Sons, Inc., Indianapolis, Indiana

Published simultaneously in Canada

ISBN: 978-1-119-56441-6

ISBN: 978-1-119-56418-8 (ebk.)

ISBN: 978-1-119-56439-3 (ebk.)

Manufactured in the United States of America

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley ­products, visit www.wiley.com.

Library of Congress Control Number: 2019936130

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. Google Cloud and the Google Cloud logo are trademarks of Google LLC and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

to Katherine

Acknowledgments

A book is a team effort—more so for this book than any I’ve written before.

I am fortunate to have had the opportunity to work with Jim Minatel, associate publisher at John Wiley & Sons, and Carole Jelen, VP of Waterside Productions. Carole and Jim shared their vision for this book and invited me into their endeavor. They have been through the entire, sometimes time-challenged, writing of this book. Their knowledge and experience led to an improved book over the one you might otherwise be reading.

I am especially grateful for Stephanie Barton’s help shaping the manuscript into its finished form. Stephanie edited the text, deciphered awkward grammatical contortions, and helped me think through the pedagogy of question design.

Thank you to Christine O’Connor for shepherding this book through the production process, which had more moving parts than I could track. Thanks to Kim Wimpsett for getting the text into final shape and suitable for the public.

I appreciate the careful attention and close reading by the technical editors, whose efforts made the text more precise and accurate.

I am fortunate to work in a stimulating professional environment where the culture supports who we are as individuals and enables a level of collaboration I’ve never experienced before joining New Relic. Thank you to my director, Cathy Rotering, who has a talent for seeing what makes people tick and helping them get where they want to go.

Like any accomplishment that might look like my doing, this book is possible because of those closest to me: Meg; all five of my children, particularly James and Nicholas, who were my first readers; and most importantly my wife, Katherine. For the 35 years we’ve been together, Katherine has engaged life with joy. Her own demanding work in literary publishing and poetry is changing lives, but Katherine is always present for those she loves, especially me.

About the Author

Dan Sullivan is a principal engineer and software architect at New Relic. He specializes in streaming analytics, machine learning, and cloud computing. Dan is the author of NoSQL for Mere Mortals and several LinkedIn Learning courses on databases, data science, and machine learning. Dan has certifications from Google and AWS along with a Ph.D. in genetics and computational biology.

CONTENTS

Cover

Acknowledgments

About the Author

Introduction

Assessment Test

Answers to Assessment Test

Chapter 1 Overview of Google Cloud Platform

Types of Cloud Services

Cloud Computing vs. Data Center Computing

Exam Essentials

Review Questions

Chapter 2 Google Cloud Computing Services

Computing Components of Google Cloud Platform

Storage Components of Google Cloud Platform

Networking Components of Google Cloud Platform

Additional Components of Google Cloud Platform

Exam Essentials

Review Questions

Chapter 3 Projects, Service Accounts, and Billing

How GCP Organizes Projects and Accounts

Roles and Identities

Service Accounts

Billing

Enabling APIs

Provisioning Stackdriver Workspaces

Exam Essentials

Review Questions

Chapter 4 Introduction to Computing in Google Cloud

Compute Engine

App Engine

Kubernetes Engine

Cloud Functions

Summary

Exam Essentials

Review Questions

Chapter 5 Computing with Compute Engine Virtual Machines

Creating and Configuring Virtual Machines with the Console

Creating and Configuring Virtual Machines with Cloud SDK

Basic Virtual Machine Management

Guidelines for Planning, Deploying, and Managing Virtual Machines

Summary

Exam Essentials

Review Questions

Chapter 6 Managing Virtual Machines

Managing Single Virtual Machine Instances

Introduction to Instance Groups

Guidelines for Managing Virtual Machines

Summary

Exam Essentials

Review Questions

Chapter 7 Computing with Kubernetes

Introduction to Kubernetes Engine

Deploying Kubernetes Clusters

Deploying Application Pods

Monitoring Kubernetes

Summary

Exam Essentials

Review Questions

Chapter 8 Managing Kubernetes Clusters

Viewing the Status of a Kubernetes Cluster

Adding, Modifying, and Removing Nodes

Adding, Modifying, and Removing Pods

Adding, Modifying, and Removing Services

Viewing the Image Repository and Image Details

Summary

Exam Essentials

Review Questions

Chapter 9 Computing with App Engine

App Engine Components

Deploying an App Engine Application

Scaling App Engine Applications

Splitting Traffic between App Engine Versions

Summary

Exam Essentials

Review Questions

Chapter 10 Computing with Cloud Functions

Introduction to Cloud Functions

Cloud Functions Receiving Events from Cloud Storage

Cloud Functions Receiving Events from Pub/Sub

Summary

Exam Essentials

Review Questions

Chapter 11 Planning Storage in the Cloud

Types of Storage Systems

Storage Data Models

Choosing a Storage Solution: Guidelines to Consider

Summary

Exam Essentials

Review Questions

Chapter 12 Deploying Storage in Google Cloud Platform

Deploying and Managing Cloud SQL

Deploying and Managing Datastore

Deploying and Managing BigQuery

Deploying and Managing Cloud Spanner

Deploying and Managing Cloud Pub/Sub

Deploying and Managing Cloud Bigtable

Deploying and Managing Cloud Dataproc

Managing Cloud Storage

Summary

Exam Essentials

Review Questions

Chapter 13 Loading Data into Storage

Loading and Moving Data to Cloud Storage

Importing and Exporting Data

Streaming Data to Cloud Pub/Sub

Summary

Exam Essentials

Review Questions

Chapter 14 Networking in the Cloud: Virtual Private Clouds and Virtual Private Networks

Creating a Virtual Private Cloud with Subnets

Deploying Compute Engine with a Custom Network

Creating Firewall Rules for a Virtual Private Cloud

Creating a Virtual Private Network

Summary

Exam Essentials

Review Questions

Chapter 15 Networking in the Cloud: DNS, Load Balancing, and IP Addressing

Configuring Cloud DNS

Configuring Load Balancers

Managing IP Addresses

Summary

Exam Essentials

Review Questions

Chapter 16 Deploying Applications with Cloud Launcher and Deployment Manager

Deploying a Solution Using Cloud Launcher

Deploying an Application Using Deployment Manager

Summary

Exam Essentials

Review Questions

Chapter 17 Configuring Access and Security

Managing Identity and Access Management

Managing Service Accounts

Viewing Audit Logs

Summary

Exam Essentials

Review Questions

Chapter 18 Monitoring, Logging, and Cost Estimating

Monitoring with Stackdriver

Logging with Stackdriver

Using Cloud Diagnostics

Using the Pricing Calculator

Summary

Exam Essentials

Review Questions

Appendix Answers to Review Questions

Chapter 1: Overview of Google Cloud Platform

Chapter 2: Google Cloud Computing Services

Chapter 3: Projects, Service Accounts, and Billing

Chapter 4: Introduction to Computing in Google Cloud

Chapter 5: Computing with Compute Engine Virtual Machines

Chapter 6: Managing Virtual Machines

Chapter 7: Computing with Kubernetes

Chapter 8: Managing Kubernetes Clusters

Chapter 9: Computing with App Engine

Chapter 10: Computing with Cloud Functions

Chapter 11: Planning Storage in the Cloud

Chapter 12: Deploying Storage in Google Cloud Platform

Chapter 13: Loading Data into Storage

Chapter 14: Networking in the Cloud: Virtual Private Clouds and Virtual Private Networks

Chapter 15: Networking in the Cloud: DNS, Load Balancing, and IP Addressing

Chapter 16: Deploying Applications with Cloud Launcher and Deployment Manager

Chapter 17: Configuring Access and Security

Chapter 18: Monitoring, Logging, and Cost Estimating

Index

Advert

End User License Agreement

List of Tables

Chapter 11

Table 11.1

Chapter 12

Table 12.1

Table 12.2

Chapter 18

Table 18.1

List of Illustrations

Chapter 2

Figure 2.1 VM instances running within a hypervisor

Figure 2.2 Containers running on a physical server

Chapter 3

Figure 3.1 You can create Cloud Identity accounts and manage G Suite users from the Identi...

Figure 3.2 Generic organization folder project

Figure 3.3 Example organization folder project

Figure 3.4 Organizational policies are managed in the IAM & admin console.

Figure 3.5 Home page console

Figure 3.6 Navigation menu

Figure 3.7 Select Manage Resources.

Figure 3.8 Click Create Project.

Figure 3.9 Create Project dialog

Figure 3.10 A sample list of roles in GCP

Figure 3.11 IAM permissions

Figure 3.12 Adding a user

Figure 3.13 Service accounts listing in the IAM & admin console

Figure 3.14 The main Billing form listing existing billing accounts

Figure 3.15 The form to create a new billing account

Figure 3.16 The budget form enables you to have notices sent to you when certain percentage...

Figure 3.17 Billing export form

Figure 3.18 Exporting to BigQuery

Figure 3.19 Exporting billing data to a file

Figure 3.20 An example API services dashboard

Figure 3.21 Services that can have their APIs enabled

Figure 3.22 Details about API usage

Figure 3.23 The main Stackdriver dashboard

Figure 3.24 Administrative functions for managing Stackdriver workspaces

Figure 3.25 Create Workspace dialog

Chapter 4

Figure 4.1 A subset of operating system images available in Compute Engine

Figure 4.2 Creating a VM in Compute Engine

Figure 4.3 The first step in creating a snapshot

Figure 4.4 Creating a snapshot in Compute Engine

Figure 4.5 The current project name or the option to select one is displayed in Google Clo...

Figure 4.6 Choosing a project from existing projects in an account

Figure 4.7 Selecting a region and zone in the Create VM form

Figure 4.8 An example listing of users and roles

Figure 4.9 Customizing a VM by adjusting the number of CPUs and the amount of memory

Figure 4.10 The structure of an App Engine application

Figure 4.11 Figure 4.11 Interface to create a Kubernetes cluster in Kubernetes Engine

Chapter 5

Figure 5.1 The main starting form of Google Cloud Console

Figure 5.2 The Project form lets you choose the project to work with when creating VMs. Yo...

Figure 5.3 When a billing account does not exist for a project, you will be given the opti...

Figure 5.4 The starting panel for creating a VM

Figure 5.5 Part of the main configuration form for creating VMs in Compute Engine

Figure 5.6 A partial list of regions providing Compute Engine services

Figure 5.7 A list of zones within the us-east-1 region

Figure 5.8 A list of machine types available in the us-east1-b zone

Figure 5.9 Dialog for configuring the boot disk of the VM

Figure 5.10 Identity and API Access and Firewall configurations

Figure 5.11 The first part of the Management tab of the VM creation form

Figure 5.12 The second part of the Management tab of the VM creation form

Figure 5.13 Additional security controls can be placed on VMs.

Figure 5.14 Boot disk advanced configuration

Figure 5.15 Dialog for adding an existing disk to a VM

Figure 5.16 Dialog for adding a new disk to a VM

Figure 5.17 Dialog for network configuration of a VM

Figure 5.18 Sole Tenancy configuration form

Figure 5.19 Cloud Shell is activated through Cloud Console.

Figure 5.20 Cloud Shell opens a command-line window in the browser.

Figure 5.21 Basic operations on VMs can be performed using a pop-up menu in the console.

Figure 5.22 From the console, you can start an SSH session to log into a Linux server.

Figure 5.23 A terminal window opens in a new browser window when using Cloud Shell.

Figure 5.24 The Monitoring tab of the VM Instance Details page shows CPU utilization.

Figure 5.25 The Monitoring tab of the VM Instance Details page also shows network utilizati...

Figure 5.26 Disk utilization is included in the Monitoring tab of the VM Instance Details p...

Chapter 6

Figure 6.1 The VM Instance panel in the Compute Engine section of Cloud Console

Figure 6.2 The list of commands available from the console for changing the state of a VM ...

Figure 6.3 A warning message that may appear about stopping a VM

Figure 6.4 When VMs are stopped the icon on the left changes, and SSH is no longer availab...

Figure 6.5 When VMs are stopped, Stop and Reset are no longer available, but Start is avai...

Figure 6.6 Deleting an instance from the console will display a warning message such as th...

Figure 6.7 List of instances filtered by search criteria

Figure 6.8 When attaching GPUs, it is best to use an image that has the necessary librarie...

Figure 6.9 The Cloud Console form for configuring machine type

Figure 6.10 This form is used when creating a customized machine type.

Figure 6.11 Selecting the number of GPUs to attach to the VM

Figure 6.12 Selecting the type of GPUs to attach to the VM

Figure 6.13 Recommended availability policies for VMs with attached GPUs

Figure 6.14 To work with snapshots, a user needs to have the Cloud Storage Admin role.

Figure 6.15 Creating a snapshot using Cloud Console

Figure 6.16 Form for creating a snapshot

Figure 6.17 Images available. From here, you can create additional images.

Figure 6.18 Cloud Console form for creating an image

Figure 6.19 Options for the source of an image

Figure 6.20 Options when using a disk as the source of an image

Figure 6.21 When using an image as a source, you can choose a source image from another pro...

Figure 6.22 When using a Cloud Storage file as a source, you browse your storage buckets fo...

Figure 6.23 The Delete and Deprecate commands are available when one of your custom images ...

Figure 6.24 Instance group templates can be created in the console using a form similar to ...

Figure 6.25 Instance group templates can be deleted in the console.

Figure 6.26 The instance group can be deleted in the console.

Chapter 7

Figure 7.1 The Overview page of the Kubernetes Engine section of Cloud Console

Figure 7.2 The form for creating credentials needed to use Kubernetes Engine

Figure 7.3 The first form for creating a Kubernetes cluster in Cloud Console

Figure 7.4 Templates for creating a Kubernetes cluster

Figure 7.5 The cluster listing shows the number of instances, total cores, and total memor...

Figure 7.6 You can connect to the cluster either by using a

gcloud

command from the comman...

Figure 7.7 The Workloads page lists currently running workloads.

Figure 7.8 The Create Deployment option provides a form to specify a container to run and ...

Figure 7.9 YAML specification for a Kubernetes deployment

Figure 7.10 Expanding the Advanced Options in the Create Cluster dialog will show two check...

Figure 7.11 An initial dialog box to create a workspace in Stackdriver

Figure 7.12 The Stackdriver Monitoring Overview page

Figure 7.13 List of instances in a Kubernetes cluster

Figure 7.14 A typical detailed monitoring page of an instance running in a Kubernetes clust...

Figure 7.15 When creating an alerting policy, this form allows you to specify components of...

Figure 7.16 Stackdriver supports a number of condition types.

Figure 7.17 Stackdriver metric threshold conditions are based on a set of monitored resourc...

Figure 7.18 Stackdriver supports a number of condition types.

Figure 7.19 Creating a policy to monitor CPU utilization

Figure 7.20 Adding a condition to a policy

Figure 7.21 Choosing a notification channel

Figure 7.22 A completed policy creation form

Figure 7.23 Monitoring results of policy on CPU usage

Chapter 8

Figure 8.1 Navigation menu in Google Cloud Console

Figure 8.2 Selecting Kubernetes Engine from the navigation menu

Figure 8.3 Pinning a service to the top of the navigation menu

Figure 8.4 Example list of clusters in Kubernetes Engine

Figure 8.5 Click the name of a cluster to display its details.

Figure 8.6 The first part of the cluster Details page describes the configuration of the c...

Figure 8.7 Add-on and permission details for a cluster

Figure 8.8 Details about node pools in the cluster

Figure 8.9 Storage information about a cluster

Figure 8.10 Listing of nodes in the cluster

Figure 8.11 Example details of a node running in a Kubernetes cluster

Figure 8.12 Pod status display, with status as Running

Figure 8.13 Details of a container running in a pod

Figure 8.14 Example output from the

gcloud container clusters

list command

Figure 8.15 Part 1 of the information displayed by the

gcloud container clusters describe

c...

Figure 8.16 Part 2 of the information displayed by the

gcloud container clusters describe

c...

Figure 8.17 Example output of the

get-credentials

command

Figure 8.18 Example output of the

kubectl get nodes

command

Figure 8.19 Example output of the

kubectl get pods

command

Figure 8.20 Partial listing of the details shown by the

kubectl describe nodes

command

Figure 8.21 Partial listing of the details shown by the

kubectl describe pods

command

Figure 8.22 Details of a cluster in Cloud Console

Figure 8.23 Details of a node pool in Cloud Console

Figure 8.24 List of deployments in a cluster

Figure 8.25 Multiple forms contain details of a deployment and include a menu of actions yo...

Figure 8.26 List of actions available for deployments

Figure 8.27 Set the number of replicas for a deployment.

Figure 8.28 Enable autoscaling to automatically add and remove replicas as needed depending...

Figure 8.29 Form to expose services running on pods

Figure 8.30 Form to specify parameters for rolling updates of code running in pods

Figure 8.31 A list of deployments on the command line

Figure 8.32 List of deployments along with a Deploy command to create new services

Figure 8.33 Form to specify a new deployment for a service

Figure 8.34 Details of a service running in a deployment

Figure 8.35 Navigate to the Service Details page to delete a service using the Delete optio...

Figure 8.36 A list of services displayed by a

kubectl get services

command

Figure 8.37 A listing of images in a Container Registry

Figure 8.38 A list of versions for an image

Figure 8.39 Details of a version of an image

Figure 8.40 List of images in a container repository

Figure 8.41 A listing of image details produced by the

describe image

command

Chapter 9

Figure 9.1 The component hierarchy of App Engine applications

Figure 9.2 The contents of an

app.yaml

file for a Python application

Figure 9.3 The output of the

gcloud app deploy

command

Figure 9.4 The output of the Hello World app when running in App Engine Standard

Figure 9.5 A listing of services in the App Engine console

Figure 9.6 A listing of versions in the App Engine console

Figure 9.7 A listing of services in the App Engine console

Figure 9.8 An example

app.yaml

for the Hello World app with autoscaling parameters

Figure 9.9 Example

app.yaml

using basic scaling

Figure 9.10 Example

app.yaml

using manual scaling

Chapter 10

Figure 10.1 Opening the Cloud Functions console

Figure 10.2 The prompt to create a new function in Cloud Console

Figure 10.3 Creating a function in the console

Figure 10.4 List of functions in the console

Figure 10.5 Example log message generated by the

cloud_storage_function_test

function

Figure 10.6 Selecting a trigger from options in Cloud Console

Chapter 11

Figure 11.1 Configuration parameters for a Memorystore cache

Figure 11.2 Form to create a persistent disk

Figure 11.3 Form to create a storage bucket from the console. Advanced options are displaye...

Figure 11.4 The list of buckets includes a link to define or modify lifecycle policies.

Figure 11.5 When creating a lifecycle policy, click the Add Rule option to define a rule.

Figure 11.6 Listing of buckets in Cloud Storage Browser

Figure 11.7 Form to add a lifecycle rule to a bucket

Figure 11.8 Add an object lifecycle rule to a bucket.

Figure 11.9 Cloud SQL provides both MySQL and PostgreSQL instances.

Figure 11.10 MySQL instances are available in First and Second Generation instances.

Figure 11.11 Configuration form for a MySQL Second Generation instance

Figure 11.12 Configuration form for a PostgreSQL instance

Figure 11.13 The Cloud Spanner configuration form in Cloud Console

Figure 11.14 BigQuery user interface for creating and querying data

Figure 11.15 Form to create a dataset in BigQuery

Figure 11.16 The Datastore user interface allows you to create and query data.

Figure 11.17 Adding entities to Datastore

Figure 11.18 Firestore can be configured to use Datastore’s backend storage system or its ne...

Figure 11.19 Selecting a location for a Firebase database

Figure 11.20 Firestore database ready for use

Figure 11.21 Configuration form for Bigtable

Chapter 12

Figure 12.1 Creating a MySQL instance

Figure 12.2 A listing of MySQL instances

Figure 12.3 Command-line prompt to work with MySQL after connecting using gcloud sql connec...

Figure 12.4 Listing the contents of a table in MySQL

Figure 12.5 A MySQL Instance Details page

Figure 12.6 Form used to click Create Backup

Figure 12.7 Assign a description to a backup and create it.

Figure 12.8 Listing of backups available for this instance

Figure 12.9 Enabling automatic backups in Cloud Console

Figure 12.10 Adding data to a Datastore entity

Figure 12.11 Query data store using GGL, a SQL-like query language

Figure 12.12 The BigQuery user interface. Note that this is a beta version of the new interf...

Figure 12.13 Example query with estimated amount of data scanned

Figure 12.14 Using the Pricing Calculator to estimate the cost of a query

Figure 12.15 A listing of job statuses in BigQuery

Figure 12.16 Create a Cloud Spanner instance.

Figure 12.17 Create a database within a Cloud Spanner instance.

Figure 12.18 Create a table within the database.

Figure 12.19 List of table columns in the table

Figure 12.20 Select the Data tab to insert data into the table.

Figure 12.21 Data entered into the table

Figure 12.22 Query a table from the Query form.

Figure 12.23 Create a Pub/Sub topic.

Figure 12.24 Name a topic.

Figure 12.25 List of topics

Figure 12.26 Creating a subscription to a topic

Figure 12.27 The form for creating a subscription

Figure 12.28 A list of subscriptions

Figure 12.29 Creating a Bigtable instance

Figure 12.30 Displaying table contents using the

cbt read

command

Figure 12.31 Dataproc console page

Figure 12.32 Create a Dataproc cluster.

Figure 12.33 Listing of Dataproc clusters

Figure 12.34 Submit a job from the Cluster Details page.

Figure 12.35 Listing of jobs

Figure 12.36 Logging detail of a running job

Figure 12.37 Renaming and moving an object from the console

Chapter 13

Figure 13.1 The first step in loading data into Cloud Storage is to create a bucket.

Figure 13.2 Defining a regional bucket in us-west1

Figure 13.3 From Bucket Details page, you can upload files and folders.

Figure 13.4 Choosing the File Upload option prompts for a file using the client device file...

Figure 13.5 Choosing the Folder Upload option works similarly to File Upload; you are promp...

Figure 13.6 Objects can be moved by using the

move

command in the Operations menu.

Figure 13.7 When moving an object in the console, you will be prompted for a destination bu...

Figure 13.8 Listing of database instances on the Cloud SQL page of the console

Figure 13.9 The Instance Detail page has Import and Export tabs.

Figure 13.10 Exporting a database requires a bucket to store the export file and a file form...

Figure 13.11 Importing a database requires a path to the bucket and object storing the expor...

Figure 13.12 Details about a database instance generated by the gcloud sql instances describ...

Figure 13.13 Detailed list of a BigQuery table

Figure 13.14 Choosing a target location for a BigQuery export

Figure 13.15 Specifying the output parameters for a BigQuery export operation

Figure 13.16 When viewing a data set, you have the option to create a table.

Figure 13.17 Creating a table in BigQuery

Figure 13.18 Data can be imported from multiple kinds of locations.

Figure 13.19 File format options for importing

Figure 13.20 Listing of Spanner instances

Figure 13.21 Details of Spanner instance, with Import and Export tabs

Figure 13.22 Export form for Cloud Spanner

Figure 13.23 Import form for Cloud Spanner

Chapter 14

Figure 14.1 The VPC section of the Cloud Console

Figure 14.2 Form to create a VPC in Cloud Console, part 1

Figure 14.3 Creating a custom subnet

Figure 14.4 Form to create a VPC in Cloud Console, part 2

Figure 14.5 Listing of VPCs and subnets

Figure 14.6 Preliminary form to create an instance in Cloud Console

Figure 14.7 Networking configuration form

Figure 14.8 Form to add a custom network interface

Figure 14.9 List of firewall rules in the VPC section of Cloud Console

Figure 14.10 Create firewall rule form

Figure 14.11 List of target types

Figure 14.12 List of source filter types

Figure 14.13 Listing of firewall rule created using earlier configuration

Figure 14.14 Hybrid Connectivity section of Cloud Console

Figure 14.15 Create a VPN connection form

Figure 14.16 Creating a static IP address

Figure 14.17 Creating a cloud router

Chapter 15

Figure 15.1 Network Services Cloud DNS page

Figure 15.2 Create a public DNS zone.

Figure 15.3 Create a private DNS zone.

Figure 15.4 List of DNS zones

Figure 15.5 List of records in a DNS zone

Figure 15.6 Create an A record set.

Figure 15.7 Create a CNAME record.

Figure 15.8 Network services, load balancing section

Figure 15.9 Create A Load Balancer options

Figure 15.10 Creating a TCP balancer

Figure 15.11 Three-step process to configure a load balancer

Figure 15.12 Configuring the backend

Figure 15.13 Creating a health check

Figure 15.14 Configuring the frontend

Figure 15.15 Reviewing the load balancer configuration

Figure 15.16 Listing of load balancers

Figure 15.17 List of reserved static IP addresses

Figure 15.18 Reserving a static IP address

Chapter 16

Figure 16.1 Cloud Launcher main page

Figure 16.2 Filtering by category

Figure 16.3 Data sets available in Cloud Launcher

Figure 16.4 Operating systems available in Cloud Launcher

Figure 16.5 Developer tools available in Cloud Launcher

Figure 16.6 Overview page of a WordPress solution

Figure 16.7 Details of the contents of the solution package

Figure 16.8 Pricing estimates for the WordPress solution

Figure 16.9 Launch a Cloud Launcher solution from the overview page of the product.

Figure 16.10 The launch form for a WordPress solution in Cloud Launcher

Figure 16.11 Additional parameters for IP configuration

Figure 16.12 Solution overview shown in the Launch form

Figure 16.13 Cloud Deployment Manager launching WordPress

Figure 16.14 Information about the deployed WordPress instance

Figure 16.15 Logging into WordPress

Chapter 17

Figure 17.1 Permissions listing filtered by member

Figure 17.2 List of identities assigned to App Engine Admin and Editor

Figure 17.3 The Add option in IAM is where you can assign users or groups one or more roles...

Figure 17.4 The drop-down list in the Roles parameters shows available roles grouped by ser...

Figure 17.5 An example listing permissions using the

gcloud iam roles describe

command

Figure 17.6 An example listing of permissions available for App Engine Deployer using Cloud...

Figure 17.7 Creating a role in Cloud Console

Figure 17.8 List of available permissions filtered by role

Figure 17.9 The permissions section of the Create Role form with permissions added

Figure 17.10 Access Scopes section in VM instance details edit page

Figure 17.11 A partial list of services and scopes that can be individually configured

Figure 17.12 Creating a service account in the console

Figure 17.13 Section of Edit Instance page showing the Service Account parameter

Figure 17.14 List of service accounts that can be assigned to the instance

Figure 17.15 Default listing of the Stackdriver Logging page

Chapter 18

Figure 18.1 Initial form used to create a Workspace in Stackdriver

Figure 18.2 Selecting a project for the Workspace

Figure 18.3 Optionally adding other projects to monitor

Figure 18.4 Optionally monitoring AWS resources

Figure 18.5 Listing of instructions to install agents on servers to be monitored

Figure 18.6 Listing of email reporting options

Figure 18.7 The Stackdriver Workspace initialization is complete.

Figure 18.8 Monitoring Overview page in Stackdriver

Figure 18.9 Creating a new policy for monitoring a metric

Figure 18.10 Selecting a CPU utilization metric

Figure 18.11 Additional parameters to configure CPU utilization monitoring

Figure 18.12 Optional aggregates for Aligner

Figure 18.13 Aggregate functions for reducing multiple values to a single value

Figure 18.14 Specifying a threshold above which an alert is triggered

Figure 18.15 Specifying notification channels

Figure 18.16 Adding documentation and a policy name along with a condition and notification ...

Figure 18.17 The status of the policy and a display of CPU load in the recent past

Figure 18.18 Logging Export form in Cloud Console

Figure 18.19 Creating a BigQuery log sink

Figure 18.20 Creating a Cloud Storage log sink

Figure 18.21 Creating a Pub/Sub log sink

Figure 18.22 Specifying the name of a new BigQuery data set

Figure 18.23 Confirmation that a new sink has been created

Figure 18.24 Listing of log entries in Cloud Console

Figure 18.25 Log entries that contain the text string Monitoring

Figure 18.26 Partial list of resource types for filtering logs

Figure 18.27 Example listing of logs generating entries in Stackdriver Logging

Figure 18.28 A list of log levels that can be used to filter log entries displayed

Figure 18.29 Predefined time span options for filtering log entries

Figure 18.30 Form for specifying a custom time range for filtering log entries

Figure 18.31 A log entry expanded one level

Figure 18.32 A log entry with the protoPayload structure expanded

Figure 18.33 A partial listing of a fully expanded log entry

Figure 18.34 Overview of Cloud Trace

Figure 18.35 Creating a report using Cloud Trace data

Figure 18.36 Filtering trace data by HTTP method

Figure 18.37 Filtering trace data by response code

Figure 18.38 Overview page of Cloud Debug

Figure 18.39 Code listing of sample Python program provided by Google

Figure 18.40 Setting a snapshot to be taken when line 20 executes

Figure 18.41 Code with a logpoint injected

Figure 18.42 The Cloud Console home page has a card linking to the Cloud Status Dashboard.

Figure 18.43 Partial listing of the Google Cloud Status Dashboard

Figure 18.44 Example description of service interruption

Figure 18.45 Pricing Calculator banner with a partial display of services available

Figure 18.46 Partial listing of pricing form for VMs

Figure 18.47 Example price estimate for 2 n1-standard-1 VMs

Figure 18.48 Form for estimating the price of a Kubernetes cluster

Figure 18.49 The parameters required to estimate the cost of storing and querying BigQuery d...

Guide

Cover

Table of Contents

Introduction

Pages

iii

iv

v

vii

ix

xxi

xxii

xxiii

xxiv

xxv

xxvi

xxvii

xxviii

xxix

xxx

xxxi

xxxii

xxxiii

xxxiv

xxxv

xxxvi

xxxvii

xxxviii

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

5

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

466

467

468

469

470

471

472

473

474

475

476

477

478

479

480

481

482

483

484

485

486

487

488

489

490

491

492

493

494

495

496

497

498

499

500

501

502

503

504

505

506

507

508

509

510

511

512

513

514

515

516

517

521

522

523

Introduction

Google Cloud Platform (GCP) is a leading public cloud that provides its users with some of the same software, hardware, and networking infrastructure used to power Google services. Businesses, organizations, and individuals can launch servers in minutes, store petabytes of data, and implement global virtual clouds with GCP. It includes an easy-to-use console interface, command-line tools, and application programming interfaces (APIs) for managing resources in the cloud. Users can work with general resources, such as virtual machines (VMs) and persistent disks, or opt for highly focused services for Internet of Things (IoT), machine learning, media, and other specialized domains.

Deploying and managing applications and services in GCP requires a clear understanding of the way Google structures user accounts and manages identities and access controls; you also need to understand the advantages and disadvantages of using various services. Certified Associate Cloud Engineers have demonstrated the knowledge and skills needed to deploy and operate infrastructure, services, and networks in Google Cloud.

This study guide is designed to help you understand GCP in depth so that you can meet the needs of those operating resources in Google Cloud. Yes, this book will, of course, help you pass the Associate Cloud Engineer certification exam, but this is not an exam cram guide. You will learn more than is required to pass the exam; you will understand how to meet the day-to-day challenges faced by cloud engineers, including choosing services, managing users, deploying and monitoring infrastructure, and helping map business requirements into cloud-based solutions.

Each chapter in this book covers a single topic and includes an “Exam Essentials” section that outlines key information you should know to pass the certification exam. There are also exercises to help you review and reinforce your understanding of the chapter’s topic. Sample questions are included at the end of each chapter so you can get a sense of the types of questions you will see on the exam. The book also includes flashcards and practice exams that cover all topics you’ll learn about with this guide.

What Does This Book Cover?

This book describes products and services in GCP. It does not include G Suite administration topics.

Chapter 1: Overview of Google Cloud Platform In the opening chapter, we look into the types of services provided by GCP, which include compute, storage, and networking services as well as specialized services, such as machine learning products. This chapter also describes some of the key differences between cloud computing and data center or on-premise computing.

Chapter 2: Google Cloud Computing Services This chapter provides an overview of infrastructure services such as computing, storage, and networking. It introduces the concept of identity management and related services. It also introduces DevOps topics and tools for deploying and monitoring applications and resources. GCP includes a growing list of specialized services, such as machine learning and natural language processing services. Those are briefly discussed in this chapter. The chapter introduces Google Cloud’s organizational structure with a look at regions and zones. The chapter concludes with a discussion of Cloud Launcher for deploying packaged applications.

Chapter 3: Projects, Service Accounts, and Billing One of the first things you will do when starting to work with GCP is to set up your accounts. In this chapter, you will learn how resources in accounts are organized into organizations, folders, and projects. You will learn how to create and edit these structures. You will also see how to enable APIs for particular projects as well as manage user identities and their access controls. This chapter describes how to create billing accounts and link them to projects. You will also learn how to create budgets and define billing alerts to help you manage costs. Finally, the chapter describes how to create Stackdriver accounts, which are used as part of the monitoring system in GCP.

Chapter 4: Introduction to Computing in Google Cloud In this chapter, you will see the variety of options available for running applications and services in GCP. Options include Compute Engine, which provides VMs running Linux or Windows operating systems. App Engine is a platform as a service (PaaS) option that allows developers to run their applications without having to concern themselves with managing VMs. If you will be running multiple applications and services, you may want to take advantage of containers, which are a lightweight alternative to VMs. You will learn about containers and how to manage them with Kubernetes Engine. This chapter also introduces Cloud Functions, which is for event-driven, short-running tasks such as triggering the processing of an image loaded into Cloud Storage. You will also learn about Firebase, a set of services well suited for providing backend infrastructure to mobile applications.

Chapter 5: Computing with Compute Engine Virtual Machines In this chapter, you will learn how to configure VMs, including selecting CPU, memory, storage options, and operating system images. You will learn how to use GCP Console and Cloud Shell to work with VMs. In addition, you will see how to install the command-line interface and SDK, which you will use to start and stop VMs. The chapter will also describe how to enable network access to VMs.

Chapter 6: Managing Virtual Machines In the previous chapter, you learned how to create VMs, and in this chapter you will learn how to manage individual and groups of VMs. You will start by managing a single instance of a VM using the GCP console and then perform the same operations using Cloud Shell and the command line. You will also learn how to view currently running VMs. Next, you’ll learn about instance groups, which allow you to create sets of VMs that you can manage as a single unit. In the section on instance groups, you will learn the difference between managed and unmanaged instance groups. You will also learn about preemptible instances, which are low-cost VMs that may be shut down by Google. You will learn about the cost-benefit trade-offs of preemptible instances. Finally, the chapter closes with guidelines for managing VMs.

Chapter 7: Computing with Kubernetes This chapter introduces Kubernetes Engine, Google’s managed Kubernetes service. Kubernetes is a container orchestration platform created and released as open source by Google. In this chapter, you will learn the basics of containers, container orchestration, and the Kubernetes architecture. The discussion will include an overview of Kubernetes objects such as pods, services, volumes, and namespaces, as well as Kubernetes controllers such as ReplicaSets, deployments, and jobs.

Next, the chapter turns to deploying a Kubernetes cluster using GCP console, Cloud Shell, and SDK. You will also see how to deploy pods, which includes downloading an existing Docker image, building a Docker image, creating a pod, and then deploying an application to the Kubernetes cluster. Of course, you will need to know how to monitor a cluster of servers. This chapter provides a description of how to set up monitoring and logging with Stackdriver, which is Google’s application, service, container, and infrastructure monitoring service.

Chapter 8: Managing Kubernetes Clusters In this chapter you will learn the basics of managing a Kubernetes cluster, including viewing the status of the cluster, viewing the contents of the image repository, viewing details about images in the repository, and adding, modifying, and removing nodes, pods, and services. As in the chapter on managing VMs, in this chapter you will learn how to perform management operations with the three management tools: GCP console, Cloud Shell, and SDK. The chapter concludes with a discussion of guidelines and good practices for managing a Kubernetes cluster.

Chapter 9: Computing with App Engine Google App Engine is Google’s PaaS offering. You will learn about App Engine components such as applications, services, versions, and instances. The chapter also covers how to define configuration files and specify dependencies of an application. In this chapter, you will learn how to view App Engine resources using GCP console, Cloud Shell, and SDK. The chapter also describes how to distribute workload by adjusting traffic with splitting parameters. You will also learn about autoscaling in App Engine.

Chapter 10: Computing with Cloud Functions Cloud Functions is for event-driven, serverless computations. This chapter introduces Cloud Functions, including using it to receive events, evoke services, and return results. Next, you’ll see use cases for Cloud Functions, such as integrating with third-party APIs and event-driven processing. You will learn about Google’s Pub/Sub service for publication- and subscription-based processing and how to use Cloud Functions with Pub/Sub. Cloud Functions are well suited to respond to events in Cloud Storage. The chapter describes Cloud Storage events and how to use Cloud Functions to receive and respond to those events. You will learn how to use Stackdriver to monitor and log details of Cloud Function executions. Finally, the chapter concludes with a discussion of guidelines for using and managing Cloud Functions.

Chapter 11: Planning Storage in the Cloud Having described various compute options in GCP, it is time to turn your attention to storage. This chapter describes characteristics of storage systems, such as their time to access, persistence, and data model. In this chapter, you will learn about differences between caches, persistent storage, and archival storage. You will learn about the cost-benefit trade-offs of using regional and multiregional persistent storage and using nearline versus coldline archival storage. The chapter includes details on the various GCP storage options, including Cloud Storage for blob storage; Cloud SQL and Spanner for relational data; Datastore, Bigtable, and BigQuery for NoSQL storage; and Cloud Firebase for mobile application data. The chapter includes detailed guidance on choosing a data store based on requirements for consistency, availability, transaction support, cost, latency, and support for different read/write patterns.

Chapter 12: Deploying Storage in Google Cloud Platform In this chapter, you will learn how to create databases, add data, list records, and delete data from each of GCP’s storage systems. The chapter starts by introducing Cloud SQL, a managed database service that offers MySQL and PostgreSQL managed instances. You will also learn how to create databases in Cloud Datastore, BigQuery, Bigtable, and Spanner. Next, you will turn your attention to Cloud Pub/Sub for storing data in message queues, followed by a discussion of Cloud Dataproc, a managed Hadoop and Spark cluster service, for processing big data sets. In the next section, you will learn about Cloud Storage for objects. The chapter concludes with guidance on how to choose a data store for a particular set of requirements.

Chapter 13: Loading Data into Storage There are a variety of ways of getting data into GCP. This chapter describes how to use the command-line SDK to load data into Cloud SQL, Cloud Storage, Datastore, BigQuery, BigTable, and Dataproc. It will also describe bulk importing and exporting from those same services. Next, you will learn about two common data loading patterns: moving data from Cloud Storage and streaming data to Cloud Pub/Sub.

Chapter 14: Networking in the Cloud: Virtual Private Clouds and Virtual Private Networks In this chapter, you’ll turn your attention to networking with an introduction to basic networking concepts, including the following:

IP addresses

CIDR blocks

Networks and subnetworks

Virtual private clouds (VPCs)

Routing and rules

Virtual private networks (VPNs)

Cloud DNS

Cloud routers

Cloud interconnect

External peering

After being introduced to key networking concepts, you will learn how to create a VPC. Specifically, this will include defining a VPC, specifying firewall rules, creating a VPN, and working with load balancers. You will learn about different types of load balancers and when to use them.

Chapter 15: Networking in the Cloud: DNS, Load Balancing, and IP Addressing In this chapter, you will learn about common network management tasks such as defining subnetworks, adding subnets to a VPC, managing CIDR blocks, and reserving IP addresses. You will learn how to preform each of these tasks using Cloud Console, Cloud Shell, and Cloud SDK.

Chapter 16: Deploying Applications with Cloud Launcher and Deployment Manager Google Cloud Launcher is GCP’s marketplace of preconfigured stacks and services. This chapter introduces Cloud Launcher and describes some applications and services currently available. You will learn how to browse Cloud Launcher, deploy applications from Cloud Launcher, and shut down Cloud Launcher applications. The chapter will also discuss Deployment Manager templates to automate the deployment of an application and launch a Deployment Manager template to provision GCP resources and configure an application automatically.

Chapter 17: Configuring Access and Security This chapter introduces identity management. In particular, you will learn about identities, roles, and assigning and removing identity roles. This chapter also introduces service accounts and how to create them, assign them to VMs, and work with them across projects. You will also learn how to view audit logs for projects and services. The chapter concludes with guidelines for configuring access control security.

Chapter 18: Monitoring, Logging, and Cost Estimating In the final chapter, we will discuss Stackdriver alerts, logging, distributed tracing, and application debugging. Each of the corresponding GCP services is designed to enable more efficient, functional, and reliable services. The chapter concludes with a review of the Pricing Calculator, which is helpful for estimating the cost of resources in GCP.

Interactive Online Learning Environment and TestBank

Studying the material in the Official Google Certified Associate Cloud Engineer Study Guide is an important part of preparing for the Associate Cloud Engineer certification exam, but we provide additional tools to help you prepare. The online TestBank will help you understand the types of questions that will appear on the certification exam.

The sample tests in the TestBank include all the questions in each chapter as well as the questions from the assessment test. In addition, there are two practice exams with 50 questions each. You can use these tests to evaluate your understanding and identify areas that may require additional study.

The flashcards in the TestBank will push the limits of what you should know for the certification exam. There are 100 questions provided in digital format. Each flashcard has one question and one correct answer.

The online glossary is a searchable list of key terms introduced in this exam guide that you should know for the Associate Cloud Engineer certification exam.

To start using these to study for the Google Certified Associate Cloud Engineer exam, go to www.wiley.com/go/sybextestprep and register your book to receive your unique PIN. Once you have the PIN, return to www.wiley.com/go/sybextestprep, find your book and click Register or Login, and follow the link to register a new account or add this book to an existing account.

Exam Objectives

The Associate Cloud Engineer certification is designed for people who create, deploy, and manage enterprise applications and infrastructure in GCP. An Associate Cloud Engineer is comfortable working with Cloud Console, Cloud Shell, and Cloud SDK. Such individuals also understand products offered as part of GCP and their appropriate use cases.

The exam will test your knowledge of the following:

Planning a cloud solution using one or more GCP services

Creating a cloud environment for an organization

Deploying applications and infrastructure

Using monitoring and logging to ensure availability of cloud solutions

Setting up identity management, access controls, and other security measures

Objective Map

The following are specific objectives defined by Google at https://cloud.google.com/certification/guides/cloud-engineer/.

Section 1: Setting up a cloud solution environment

1.1 Setting up cloud projects and accounts. Activities include:

Creating projects

Assigning users to predefined IAM (Identity and Access Management) roles within a project

Linking users to G Suite identities

Enabling APIs within projects

Provisioning one or more Stackdriver accounts

1.2 Managing billing configuration. Activities include:

Creating one or more billing accounts

Linking projects to a billing account

Establishing billing budgets and alerts

Setting up billing exports to estimate daily/monthly charges

1.3 Installing and configuring the command-line interface (CLI), specifically Cloud SDK (e.g., setting the default project)

Section 2: Planning and configuring a cloud solution

2.1 Planning and estimating GCP product use using the Pricing Calculator

2.2 Planning and configuring compute resources. Considerations include:

Selecting appropriate compute choices for a given workload (e.g., Compute Engine, Kubernetes Engine, App Engine)

Using preemptible VMs and custom machine types as appropriate

2.3 Planning and configuring data storage options. Considerations include:

Product choice (e.g., Cloud SQL, BigQuery, Cloud Spanner, Cloud Bigtable)

Choosing storage options (e.g., Regional, Multiregional, Nearline, Coldline)

2.4 Planning and configuring network resources. Tasks include:

Differentiating load balancing options

Identifying resource locations in a network for availability

Configuring Cloud DNS

Section 3: Deploying and implementing a cloud solution

3.1 Deploying and implementing Compute Engine resources. Tasks include:

Launching a compute instance using Cloud Console and Cloud SDK (gcloud) (e.g., assign disks, availability policy, SSH keys)

Creating an autoscaled managed instance group using an instance template

Generating/uploading a custom SSH key for instances

Configuring a VM for Stackdriver monitoring and logging

Assessing compute quotas and requesting increases

Installing the Stackdriver Agent for monitoring and logging

3.2 Deploying and implementing Kubernetes Engine resources. Tasks include:

Deploying a Kubernetes Engine cluster

Deploying a container application to Kubernetes Engine using pods

Configuring Kubernetes Engine application monitoring and logging

3.3 Deploying and implementing App Engine and Cloud Functions resources. Tasks include:

Deploying an application to App Engine (e.g., scaling configuration, versions, and traffic splitting)

Deploying a Cloud Function that receives Google Cloud events (e.g., Cloud Pub/Sub events, Cloud Storage object change notification events)

3.4 Deploying and implementing data solutions. Tasks include:

Initializing data systems with products (e.g., Cloud SQL, Cloud Datastore, BigQuery, Cloud Spanner, Cloud Pub/Sub, Cloud Bigtable, Cloud Dataproc, Cloud Storage)

Loading data (e.g., command-line upload, API transfer, import/export, load data from Cloud Storage, streaming data to Cloud Pub/Sub)

3.5 Deploying and implementing networking resources. Tasks include:

Creating a VPC with subnets (e.g., custom-mode VPC, shared VPC)

Launching a Compute Engine instance with custom network configuration (e.g., internal-only IP address, Google private access, static external and private IP address, network tags)

Creating ingress and egress firewall rules for a VPC (e.g., IP subnets, tags, service accounts)

Creating a VPN between a Google VPC and an external network using Cloud VPN