Last active
October 26, 2020 08:38
-
-
Save Rand0mB0t/1baceae3c41fa66b6b9e1436e98c51ab to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Started for Container Registry [milestone 1] | |
https://cloud.google.com/container-registry/docs/container-analysis-audit-logging | |
Exporting logs - https://cloud.google.com/logging/docs/export | |
Excluding logs - https://cloud.google.com/logging/docs/exclusions | |
Binary authorization - https://cloud.google.com/solutions/secure-software-supply-chains-on-google-kubernetes-engine | |
More Binary authorization - https://cloud.google.com/binary-authorization/docs/key-concepts | |
Started for Cloud Build [milestone 2] | |
Cloud build overview - https://cloud.google.com/cloud-build/docs/overview | |
Building artifacts - https://cloud.google.com/cloud-build/docs/building/build-java | |
Using secret on build - https://cloud.google.com/cloud-build/docs/securing-builds/use-encrypted-secrets-credentials#example_build_request_using_an_encrypted_variable | |
Use Secret Manager rather than Cloud KMS for cloud build | |
IAM for build - https://cloud.google.com/cloud-build/docs/securing-builds/configure-access-for-project-members | |
CMEK compliance in build - https://cloud.google.com/cloud-build/docs/securing-builds/cmek | |
Started for Kubernetes [milestone 3] | |
All concepts of GKE - https://cloud.google.com/kubernetes-engine/docs/concepts | |
If you have qwiklabs account then you can brush up kubernetes from - https://googlecourses.qwiklabs.com/course_templates/2 | |
Go through the concepts and different types of deployable unit in GKE and get your mind around what, why and how of containers, | |
dockers, pods, services, secrets, configmap. And What is a Daemonset ? I dont want to scare you, but there is a lot to cover in GKE. | |
Once you get your head around it, you would have your baseline knowledge about GKE and then you can explore different scenario based solutions around GKE. | |
My knowledge around cryptography is very limited, so you may see some links which are just for people who are starting to | |
explore cryptography just like me, others can skip these links. | |
secret usage - https://cloud.google.com/kubernetes-engine/docs/how-to/encrypting-secrets | |
Key rotation[cryptography specific] - https://cloud.google.com/kms/docs/key-rotation | |
Envelope encryption[cryptography] - https://cloud.google.com/kms/docs/envelope-encryption | |
GKE Pod Networking - https://youtu.be/mTWagH7kDsM | |
Started for Stackdriver Logging [milestone 4] | |
Go through all of the concepts - https://cloud.google.com/logging/docs/concepts | |
It is the best way to learn about any service, just go through the concepts and you will have a high level understanding of what it is. | |
And you can pretty much understand easily how it is used.And also you'll understand any how-to-guides easily. | |
vpc flow logs - https://cloud.google.com/vpc/docs/using-flow-logs | |
.. | |
.. missing links for dashboard and all, got carried away while reading forget to add links, will do later. | |
.. | |
Started for Stackdriver Debugger [milestone 5] | |
Setting up the debugger - https://cloud.google.com/debugger/docs/setup | |
Logpoint - https://cloud.google.com/debugger/docs/using/logpoints | |
Snapshot - https://cloud.google.com/debugger/docs/using/snapshots | |
logs panel - https://cloud.google.com/debugger/docs/using/logs-panel | |
cluod trace - https://cloud.google.com/trace/docs/overview | |
Setting up trace - https://cloud.google.com/trace/docs/setup | |
cloud profiling - https://cloud.google.com/profiler/docs/concepts-profiling | |
complete the codelab - https://codelabs.developers.google.com/codelabs/cloud-profiler#0 | |
Started for Spinnakerdeployment strategies and SRE [milestone6] | |
concepts and deployment strategy - https://spinnaker.io/concepts/ | |
SRE overview playlist - https://www.youtube.com/watch?v=uTEL8Ff1Zvk&list=PLIivdWyY5sqJrKl7D2u-gmis8h9K66qoj | |
NOTES / USEFUL LINKS | |
Compute options - https://www.youtube.com/watch?v=Ajhe82IL1b8&ab_channel=Qwiklabs-Courses | |
Binary Authorization - https://cloud.google.com/solutions/binary-auth-with-cloud-build-and-gke | |
CD Pipeline usecase - https://cloud.google.com/kubernetes-engine#section-7 | |
Qwiklab-helper-lab - https://google.qwiklabs.com/focuses/1104?parent=catalog | |
Qwiklab-challenge-lab - https://google.qwiklabs.com/focuses/10457?parent=catalog | |
Good to know for graph reading Flame graph - https://cloud.google.com/profiler/docs/concepts-flame | |
Complete this quest for all things stackdriver/operations - https://www.qwiklabs.com/quests/35?catalog_rank=%7B%22rank%22%3A2%2C%22num_filters%22%3A0%2C%22has_search%22%3Atrue%7D&search_id=4476323 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Container Registry | |
- immutable artifacts | |
- Artifact repository | |
- binary authorization | |
- IAM policy per environemnt ( have an overview of this ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cloud build | |
- Deployment to different services ( App Engine, GKE, Function, clour Run, Firebase) | |
- configuration | |
- pipeline triggers | |
- cloud build github app | |
- Cloud source Repos | |
- Cloud Pub/Sub |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Spinnaker | |
- Deployment strategies ( this is like canary, Blue/green and so on ) | |
- Testing new version | |
- configuration | |
Kubernetes | |
- configuration | |
- secret storage method | |
- secret rotaion and config changes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Stackdriver logging | |
- log-based metric | |
- Enabling Vpc flow logs, cloud audit logs | |
- exporting logs to may be bigquery, gcs( project levl/ org level ) | |
- logs from compute engine, GKE | |
- third party logs | |
- application logs to stackdriver api directly | |
- basic and advance logging filters | |
- logging exclusion | |
- IAM | |
- restrict access to audit logs | |
- restrict export configuration |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Stackdriver Tracer/profiler | |
- Check performance | |
- What will be the impact to the user | |
- Be able to analyse answer what can be imporved | |
Stackdriver Debugger | |
- debug the app engine code | |
- debugger snapshots | |
- debugger Logpoints |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Deployment Strategies | |
- Canary deployment | |
- B/G deployment [promoting from staging to production] | |
Review SRE practice | |
- SLI | |
- SLO | |
- SLA | |
- Error Budget | |
- Incident | |
- Incident management | |
- Postmortem | |
Make sure you know all the services of Stackdriver (cloud Operations), | |
Log Based metrics and integration with Fluentd. | |
Understand advanced logs filtering. Review some examples of advance log filters |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment