Google Cloud for DevOps Engineers

Google Cloud for DevOps Engineers

by Sandeep Madamanchi
Released July 2021
Publisher(s): Packt Publishing
ISBN: 9781839218019

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Explore site reliability engineering practices and learn key Google Cloud Platform (GCP) services such as CSR, Cloud Build, Container Registry, GKE, and Cloud Operations to implement DevOps

Key Features

  • Learn GCP services for version control, building code, creating artifacts, and deploying secured containerized applications
  • Explore Cloud Operations features such as Metrics Explorer, Logs Explorer, and debug logpoints
  • Prepare for the certification exam using practice questions and mock tests

Book Description

DevOps is a set of practices that help remove barriers between developers and system administrators, and is implemented by Google through site reliability engineering (SRE).

With the help of this book, you'll explore the evolution of DevOps and SRE, before delving into SRE technical practices such as SLA, SLO, SLI, and error budgets that are critical to building reliable software faster and balance new feature deployment with system reliability. You'll then explore SRE cultural practices such as incident management and being on-call, and learn the building blocks to form SRE teams. The second part of the book focuses on Google Cloud services to implement DevOps via continuous integration and continuous delivery (CI/CD). You'll learn how to add source code via Cloud Source Repositories, build code to create deployment artifacts via Cloud Build, and push it to Container Registry. Moving on, you'll understand the need for container orchestration via Kubernetes, comprehend Kubernetes essentials, apply via Google Kubernetes Engine (GKE), and secure the GKE cluster. Finally, you'll explore Cloud Operations to monitor, alert, debug, trace, and profile deployed applications.

By the end of this SRE book, you'll be well-versed with the key concepts necessary for gaining Professional Cloud DevOps Engineer certification with the help of mock tests.

What you will learn

  • Categorize user journeys and explore different ways to measure SLIs
  • Explore the four golden signals for monitoring a user-facing system
  • Understand psychological safety along with other SRE cultural practices
  • Create containers with build triggers and manual invocations
  • Delve into Kubernetes workloads and potential deployment strategies
  • Secure GKE clusters via private clusters, Binary Authorization, and shielded GKE nodes
  • Get to grips with monitoring, Metrics Explorer, uptime checks, and alerting
  • Discover how logs are ingested via the Cloud Logging API

Who this book is for

This book is for cloud system administrators and network engineers interested in resolving cloud-based operational issues. IT professionals looking to enhance their careers in administering Google Cloud services and users who want to learn about applying SRE principles and implementing DevOps in GCP will also benefit from this book. Basic knowledge of cloud computing, GCP services, and CI/CD and hands-on experience with Unix/Linux infrastructure is recommended. You'll also find this book useful if you're interested in achieving Professional Cloud DevOps Engineer certification.

Table of contents

  1. Google Cloud for DevOps Engineers
  2. Contributors
  3. About the author
  4. About the reviewers
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Download the color images
    6. Conventions used
    7. Get in touch
    8. Reviews
  6. Section 1: Site Reliability Engineering – A Prescriptive Way to Implement DevOps
  7. Chapter 1: DevOps, SRE, and Google Cloud Services for CI/CD
    1. Understanding DevOps, its evolution, and life cycle
      1. Revisiting DevOps evolution
      2. DevOps life cycle
      3. Key pillars of DevOps
    2. SRE's evolution; technical and cultural practices
      1. The evolution of SRE
      2. Understanding SRE
      3. SRE's approach toward DevOps' key pillars
      4. Introducing SRE's key concepts
      5. SRE's technical practices
      6. SRE's cultural practices
    3. Cloud-native approach to implementing DevOps using Google Cloud
      1. Focus on microservices
      2. Cloud-native development
      3. Continuous integration in GCP
      4. Continuous delivery/deployment in GCP
      5. Continuous monitoring/operations on GCP
      6. Bringing it all together – building blocks for a CI/CD pipeline in GCP
    4. Summary
    5. Points to remember
    6. Further reading
    7. Practice test
    8. Answers
  8. Chapter 2: SRE Technical Practices – Deep Dive
    1. Defining SLAs
      1. Key jargon
      2. Blueprint for a well-defined SLA
      3. SLIs drive SLOs, which inform SLAs
    2. Defining reliability expectations via SLOs
      1. SLOs drive business decisions
      2. Setting SLOs – the guidelines
    3. Exploring SLIs
      1. Categorizing user journeys
      2. SLI equation
      3. Sources to measure SLIs
      4. SLI best practices (Google-recommended)
    4. Understanding error budgets
      1. Error budget policy and the need for executive buy-in
      2. Making a service reliable
      3. Summarizing error budgets
    5. Eliminating toil through automation
    6. Illustrating the impact of SLAs, SLOs, and error budgets relative to SLI
      1. Scenario 1 – New service features introduced; features are reliable; SLO is met
      2. Scenario 2 – New features introduced; features are not reliable; SLO is not met
    7. Summary
    8. Points to remember
    9. Further reading
    10. Practice test
    11. Answers
  9. Chapter 3: Understanding Monitoring and Alerting to Target Reliability
    1. Understanding monitoring
      1. Monitoring as a feedback loop
      2. Monitoring misconceptions to avoid
      3. Monitoring sources
      4. Monitoring strategies
      5. Monitoring types
      6. The golden signals
    2. Alerting
      1. Alerting strategy – key attributes
      2. Alerting strategy – potential approaches
      3. Handling service with low traffic
      4. Steps to establish an SLO alerting policy
      5. Alerting system – desirable characteristics
    3. Time series
      1. Time series structure
      2. Time series cardinality
      3. Time series data – metric types
    4. Summary
    5. Points to remember
    6. Further reading
    7. Practice test
    8. Answers
  10. Chapter 4: Building SRE Teams and Applying Cultural Practices
    1. Building SRE teams
      1. Staffing SRE engineers (SREs)
      2. SRE team implementations – procedure and strategy
      3. SRE engagement model
    2. Incident management
      1. Incident life cycle
      2. Elements of effective incident management
    3. Being on call
      1. Paging versus non-paging events
      2. Single-site versus multi-site production teams
      3. Recommended practices while being on call
    4. Psychological safety
      1. Factors to overcome in order to foster psychological safety
    5. Sharing vision and knowledge and fostering collaboration
      1. Unified vision
      2. Communication and collaboration
    6. Summary
    7. Points to remember
    8. Further reading
    9. Practice test
    10. Answers
  11. Section 2: Google Cloud Services to Implement DevOps via CI/CD
  12. Chapter 5: Managing Source Code Using Cloud Source Repositories
    1. Technical requirements
    2. Introducing the key features
      1. Creating a repository via Google Cloud Console
      2. Creating a repository via the CLI
      3. Adding files to a repository in CSR
    3. One-way sync from GitHub/Bitbucket to CSR
    4. Common operations in CSR
      1. Browsing repositories
      2. Performing a universal code search
      3. Detecting security keys
      4. Assigning access controls
    5. Hands-on lab – integrating with Cloud Functions
      1. Adding code to an existing repository through the Cloud Shell Editor
      2. Pushing code from the Cloud Shell Editor (local repository) into CSR
      3. Creating a cloud function and deploying code from the repository in CSR
    6. Summary
    7. Further reading
    8. Practice test
    9. Answers
  13. Chapter 6: Building Code Using Cloud Build, and Pushing to Container Registry
    1. Technical requirements
    2. Key terminology (prerequisites)
    3. Understanding the need for automation
    4. Building and creating container images – Cloud Build
      1. Cloud Build essentials
      2. Building code using Cloud Build
      3. Storing and viewing build logs
      4. Managing access controls
      5. Cloud Build best practices – optimizing builds
    5. Managing build artifacts – Container Registry
      1. Container Registry – key concepts
    6. Hands-on lab – building, creating, pushing, and deploying a container to Cloud Run using Cloud Build triggers
      1. Creating an empty repository in Source Repositories
      2. Creating a Cloud Build trigger
      3. Adding code and pushing it to the master branch
      4. Code walk-through
      5. Viewing the results
    7. Summary
    8. Points to remember
    9. Further reading
    10. Practice test
    11. Answers
  14. Chapter 7: Understanding Kubernetes Essentials to Deploy Containerized Applications
    1. Technical requirements
    2. Kubernetes – a quick introduction
      1. Container orchestration
      2. Kubernetes features
    3. Kubernetes cluster anatomy
      1. Master components – Kubernetes control plane
      2. Node components
      3. Using kubectl
    4. Kubernetes objects
      1. Pod
      2. Deployment
      3. StatefulSets
      4. DaemonSets
      5. Service
    5. Scheduling and interacting with Pods
      1. Summarizing master plane interactions on Pod creation
      2. Critical factors to consider while scheduling Pods
    6. Kubernetes deployment strategies
      1. Recreate strategy
      2. Rolling update strategy
      3. Blue/Green strategy
      4. Canary deployment
    7. Summary
    8. Points to remember
    9. Further reading
    10. Practice test
    11. Answers
  15. Chapter 8: Understanding GKE Essentials to Deploy Containerized Applications
    1. Technical requirements
    2. Google Kubernetes Engine (GKE) – introduction
      1. Creating a GKE cluster
      2. GKE cluster – deploying and exposing an application
      3. GKE Console
    3. GKE – core features
      1. GKE node pools
      2. GKE cluster configuration
      3. AutoScaling in GKE
      4. Networking in GKE
      5. Storage options for GKE
      6. Cloud Operations for GKE
    4. GKE Autopilot – hands-on lab
    5. Summary
    6. Points to remember
    7. Further reading
    8. Practice test
    9. Answers
  16. Chapter 9: Securing the Cluster Using GKE Security Constructs
    1. Technical requirements
    2. Essential security patterns in Kubernetes
      1. Authentication
      2. Authorization
      3. Control plane security
      4. Pod security
    3. Hardening cluster security in GKE
      1. GKE private clusters
      2. Container-optimized OS
      3. Shielded GKE nodes
      4. Network Policies – restricting traffic among pods
      5. Workload Identity
    4. Points to remember
    5. Further reading
    6. Practice test
    7. Answers
  17. Chapter 10: Exploring GCP Cloud Operations
    1. Cloud Monitoring
      1. Workspaces
      2. Dashboards
      3. Metrics explorer
      4. Uptime checks
      5. Alerting
      6. Monitoring agent
      7. Cloud Monitoring access controls
    2. Cloud Logging
      1. Audit Logs
      2. Logs ingestion, routing, and exporting
      3. Summarizing log characteristics across log buckets
      4. Logs Explorer UI
      5. Logs-based metrics
      6. Network-based log types
      7. Logging agent
    3. Cloud Debugger
      1. Setting up Cloud Debugger
      2. Using Cloud Debugger
      3. Access control for Cloud Debugger
    4. Cloud Trace
      1. Trace Overview
      2. Trace List
      3. Analysis Reports
    5. Cloud Profiler
      1. Access control for Cloud Profiler
    6. Binding SRE and Cloud Operations
      1. SLO monitoring
      2. Hands-on lab – tracking service reliability using SLO monitoring
    7. Summary
    8. Points to remember
    9. Further reading
    10. Practice test
    11. Answers
  18. Appendix: Getting Ready for Professional Cloud DevOps Engineer Certification
    1. Cloud Deployment Manager
    2. Cloud Tasks
    3. Spinnaker
  19. Mock Exam 1
    1. Test Duration: 2 hours
    2. Total Number of Questions: 50
    3. Answers
  20. Mock Exam 2
    1. Test Duration: 2 hours
    2. Total Number of Questions: 50
    3. Answers
    4. Why subscribe?
  21. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Leave a review - let other readers know what you think

Product information

  • Title: Google Cloud for DevOps Engineers
  • Author(s): Sandeep Madamanchi
  • Release date: July 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781839218019