Victor Yang pydevops

(still a work-in-progress)

Shortlinks:

Cluster Health
- Index Level
- Shard Level
Nodes Overview
Indices Overview
Cluster Maintenance

Good luck to everyone taking this exam!
Skimmed through documents mentioned in https://medium.com/@earlg3/google-cloud-architect-exam-study-materials-5ab327b62bc8
It is a good idea to take the practice exam https://cloud.google.com/certification/practice-exam/cloud-architect. It will give a taste of what the real exam feel like in a lighter fashion. There are right answers given after the exam. I found it is worth the time.
If you have more time, might be a good idea to watch the Google Cloud Next 2017: https://www.youtube.com/playlist?list=PLIivdWyY5sqI8RuUibiH8sMb1ExIw0lAR
IMHO Comparing to the AWS certification exams, it feels like harder than the associate exams but easier than the professional level exams. AWS exams have been designed to have more matching answers, it is a matter to choose what matches most.
Case studies: All the case studies except JencoMart are on my exam. Dress4win got 6 or 7. Please note I have found some question is very generic, not entirely related to the case study

references

cheatsheet & tips

Use case

Secrets such as aws key and secret, google service account json, database id and password etc. can be easily encrypted and decrypted with https://cloud.google.com/kms/. Cloud KMS does not directly store secrets. It can encrypt secrets that you store elsewhere, i.e. the key itself is stored within KMS.

Let's illustrate with a real world example step by step. We can encrypt and decrypt a service account json file for compute instances. These instances are a part of an elasticsearch cluster. The google cloud admin creates the service account. The service account is used by the Terraform to provision the compute instances as shown in https://www.terraform.io/docs/providers/google/r/compute_instance.html. The developers want a copy of the service account 's json file so that they can develop & test with the elasticsearch cluster. The google cloud admin creates the plain text service json file, where and how to store it safely and securely? Storing on admin's laptop is not 100% safe and secur

0.1. References
0.2. Other cheatsheets
0.3. Manage multiple gcloud config configurations
- 0.3.1. Switch gcloud context with gcloud config
0.4. Credentials
0.5. info
0.6. projects
0.7. zones & regions
0.8. Organization
0.9. billing

	#!/bin/bash

	SRC_DIR=$HOME/Desktop
	DEST_DIR=$HOME/man

	mkdir -p $DEST_DIR
	for mdfile in ${SRC_DIR}/*.md
	do
	filename=${mdfile##*/}
	basename=${filename%.md}

	package main

	import (
	"bytes"
	"encoding/json"
	"fmt"
	"io/ioutil"
	"os"

	flatten "github.com/jeremywohl/flatten"

	#! /usr/bin/env bash
	set -u

	# constants
	PROJECT=$(gcloud info --format='value(config.project)')
	LOCKS_BUCKET=$PROJECT-db2-locks
	# how long do we wait for lock or condition
	SLEEP=5

	# Check if a lock file exists

	MAKESELFPATH=/opt/makeself

	PAYLOADFOLDER=$(readlink -e $1)
	OUTPUTFILENAME=$(pwd)/$2
	LABEL=$3
	INSTALLER=$(readlink -e $4)

	cd $MAKESELFPATH
	echo "Executing: sh makeself.sh $PAYLOADFOLDER $OUTPUTFILENAME $LABEL $INSTALLER"
	sh makeself.sh $PAYLOADFOLDER $OUTPUTFILENAME $LABEL $INSTALLER

	#!/bin/bash
	## Please set run-list and env-name as instance attributes.

	### Installs chef, kicks off initial chef run using passed runlist.
	CHEF_VERSION="12.21.31"
	RUN_LIST=$(curl "http://metadata.google.internal/computeMetadata/v1/instance/attributes/run-list" -H "Metadata-Flavor: Google")
	ENV_NAME=$(curl "http://metadata.google.internal/computeMetadata/v1/instance/attributes/env-name" -H "Metadata-Flavor: Google")
	CHEF_USER=terraformci
	CHEF_SERVER_URL="https://chef-server:443/organizations/org/"
	NODE_NAME=$(curl "http://metadata.google.internal/computeMetadata/v1/instance/name" -H "Metadata-Flavor: Google")