google_cloud_ace_topics_20221211172730 Flashcards

Question 1

Q

3 types of Storage Systems

Answer

A

Cache, Persistent, Object

Question 2

Q

Example of cache in GC

Answer

A

Memory Store - managed Redis service

Question 3

Q

1 benefit of cache

Answer

A

low latency - sub-millisecond access

Question 4

Q

3 problems of cache

Answer

A

volatile - lost when machine shuts down2. more expensive than SSD or HDD3. can get out of sync with the system of truth (persistent storage)

Question 5

Q

Cache - quick definition

Answer

A

in memory data store

Question 6

Q

Persistent Storage - quick definition

Answer

A

durable block storage

Question 7

Q

Where can you use persistent storage?

Answer

A

Can be attached to VMs in Compute Engine and Kubernetes Engine.

Question 8

Q

Where is persistent storage located?

Answer

A

On the network. They are not attached to the physical servers hosting your VM. They exist independently of VMs.

Question 9

Q

Can a VM have locally attached persistent storage?

Answer

A

Yes. VM can have local SSD, but it is volatile.

Question 10

Q

Types of persistent storage

Answer

A

SSD and HDD

Question 11

Q

Differences between SSD and HDD

Answer

A

HDD have higher latency, but lower cost.Network attached SSD are 40/20 times faster (R/W) than HDD. Locally attached SSD are 200/150 times faster.

Question 12

Q

Max size of SSD/HDD

Question 13

Q

4 facts of persistent storage

Answer

A

can create file systems on them2. data is automatically encrypted3. size can be increased while mounted to VM4. can be mounted in read-only mode on multiple VMs at once

Question 14

Q

Is persistent storage zonal or regional?

Answer

A

Both. Regional replicates data across different zones, but is more expensive than purely zonal storage.

Question 15

Q

What is Object Storage good for?

Answer

A

large volumes of data that is shared widely

Question 16

Q

3 storage data models

Answer

A

object2. relational3. NoSQL

Question 17

Q

GC app example of object model storage

Answer

A

Cloud Store

Question 18

Q

How are object model objects stored?

Answer

A

Atomically. Cannot read parts of an object. Must copy to server, make changes and then copy object back to object storage system. Used when you don’t need fine-grained access to data within the object while it is in the object store

Question 19

Q

3 GC app examples of Relational model storage

Answer

A

Cloud SQL2. Cloud Spanner3. Big Query

Question 20

Q

3 facts of Relational model storage

Answer

A

supports frequent queries and updates to data2. allows for consistent view of data3. supports database transactions (Cloud SQL and Cloud Spanner)

Question 21

Q

3 GC app examples of NoSQL model storage

Answer

A

Cloud Datastore2. Cloud Firestore3. Bigtable

Question 22

Q

Benefits/Limitations of 3 types of Storage systems.

Answer

A

cache is fastest but most expensive and volatile.2. persistent is used for things that need block storage. SSD are faster but more expensive.3. object storage used for large volumes of data for long periods of time.

Question 23

Q

5 things to consider when planning object storage

Answer

A

frequency of read/write2. consistency3. transaction support4. cost5. latency

Question 24

Q

Planning storage - frequency of read/writeBest for structured data that is frequently accessed

Answer

A

Cloud SQL

Question 25

Q

Planning storage - frequency of read/writeBest for global database that supports relational read/writes

Answer

A

Cloud Spanner

Question 26

Q

Planning storage - frequency of read/writeBest for writing data at high rates and in large volumes

Question 27

Q

Planning storage - frequency of read/writeBest for writing files and downloading them in their entirety

Answer

A

Cloud Store

Question 28

Q

Planning Storage - ConsistencyStrongest consistency (2)

Answer

A

Cloud SQLCloud Spanner

Question 29

Q

Planning Storage - ConsistencyGood for unstructured data

Answer

A

Datastore

Question 30

Q

Planning Storage - Transaction Support3 apps that support transactions

Answer

A

Cloud SQLCloud SpannerDatastore

Question 31

Q

Planning Storage - LatencyFastest

Question 32

Q

Planning Storage - LatencyGlobally consistent and scalable

Answer

A

Cloud Spanner

Question 33

Q

Cloud Functions - Definition

Answer

A

Serverless computing platform designed to run single-purpose pieces of code in response to events in GCP environments (PaaS)

Question 34

Q

How are Cloud Functions managed? (3 key points)

Answer

A

functions execute in a secure isolated environment2. since they each run in a separate instance, they don’t share memory, so they need to be stateless3. multiple instances may be running at once.

Question 35

Q

How long can a Cloud Function run?

Answer

A

default timeout is 1 min, but can be configured up to 9 min

Question 36

Q

What languages do Cloud Functions support?

Answer

A

Node.js 8Node.js 10Python 3.7Go 1.1

Question 37

Q

Cloud Functions - key points (3)

Answer

A

managed independently from other services2. short running code3. fully managed - serverless

Question 38

Q

How do cloud functions work?

Answer

A

Events have triggers which executes a function in response to the event.

Question 39

Q

Examples of Cloud Function events (5)

Answer

A

HTTP Request2. Cloud Storage event - adding, deleting, etc… a file3. Cloud Pub/Sub event - publishing a message4. Firebase - database trigger5. Stackdriver logging

Question 40

Q

Cloud Function functions - key points (3)

Answer

A

run in a separate instance every time they are invoked2. no way to share data without using external service3. the function is passed arguments about the event

Question 41

Q

Cloud Functions use case examples (4)

Answer

A

webhooks - respond to an http request2. image processing - validate or transform images3. mobile back end - react to storage, authentication or data event4. IOT - react to pub/sub from devices

Question 42

Q

What needs to be filled in when creating a cloud function via the cloud console?

Answer

A

name2. memory allocation - 128MB to 2GB3. trigger4. event type - depends on trigger5. source of function code - editor , zip file , upload, etc…6. runtime - node, python or go

Question 43

Q

Create cloud function via shell - main command

Answer

A

gcloud functions deploy [NAME]

Question 44

Q

Cloud function shell parameters (3)

Answer

A

–trigger-resource or –trigger-topic–trigger-event

Question 45

Q

Command to delete a cloud function via shell?

Answer

A

gcloud functions delete [NAME]

Question 46

Q

BigQuery description

Answer

A

petabyte scale analytics database service for data warehousing

Question 47

Q

BigQuery key points (9)

Answer

A

serverless2. uses standard sql queries3. near real-time interactive analysis of massive data sets4. can access info stored in Cloud Storage, Cloud SQL, Bigtable and Google Drive5. Storage and computing are handled and billed separately6. Automatic data replication7. Can modify data with DLL8. Can query public or commercial data sets.9. High availability

Question 48

Q

What are 3 BigQuery use cases?

Answer

A

Real-time Inventory2. Predictive Marketing3. Analytical Events

Question 49

Q

What Google apps can BigQuery access?

Answer

A

Cloud Storage2. Cloud SQL3. Cloud Bigtable4. Google Drive

Question 50

Q

How do you estimate the cost of a BigQuery query via shell?

Answer

A

You run the query with a flag of –dry_run setbq –location=[LOCATION] query –use_legacy_sql=false –dry_run [SQL QUERY]

Question 51

Q

What are jobs in BigQuery?

Answer

A

Processes used to load, export copy and query data. Jobs are automatically started when you start one of these processes.

Question 52

Q

How do you view the status of a BigQuery job? (Shell and console)

Answer

A

Console - click job history from BQ consoleShell - bq –location=[LOCATION] show -j [JOB ID]

Question 53

Q

How do you export BQ data from the console?

Answer

A

go to BigQuery -> Resources, open the dataset containing the table to be exported and select the table. Export options are on upper right

Question 54

Q

Where can you export BQ data to?

Answer

A

Cloud Storage or Data Studio (a GCP analysis tool)

Question 55

Q

How do you import BQ data via console?

Answer

A

go to BiqQuery -> Resources and select a dataset to import into. Click create table tab. Select a source, file format (if source is not empty table)table type (external or native - if external, data is kept in source location and only metdata about the table is stored in BigQuerytable name

Question 56

Q

What file formats can you import data from in BigQuery?

Answer

A

CSVJSONAvroParquetPRCCloud Datastore Backup

Question 57

Q

How do you export BigQuery data from the command line?

Answer

A

bq extract –destination_format [FORMAT] –compression [COMPRESSION] –field_delimiter [DELIMITER] –print_header {BOOLEAN] [PROJECT ID]:[DATASET].[TABLE] gs://[BUCKET]/FILENAME

Question 58

Q

How do you import data into BigQuery from the command line?

Answer

A

bq load –autodetect –source_format=[FORMAT[ [DATASET].[TABLE] [PATH to SOURCE]

Question 59

Q

Cloud Dataflow description

Answer

A

Fully managed service for creating data (batch and stream) processing pipelines where data is collected, transformed and then output

Question 60

Q

What are the key features of Cloud Dataflow? (7)

Answer

A

Based on Apache Beam2. Process data on multiple machines in parallel.3. Handles streaming data like Cloud Pub/Sub4. Handles batch or archived data like Cloud BigQuery5. Serverless6. Templates for ease of replication7. Best choice if not using Apache Hadoop or Spark

Question 61

Q

Where does Cloud Dataflow deliver its output?

Answer

A

BigQuery, Cloud Machine Learning, Cloud Bigtable

Question 62

Q

3 examples of Cloud Dataflow

Answer

A

Analytical dashboards2. Forecasting Sales Trends3. ETL

Question 63

Q

Cloud SQL definition

Answer

A

Managed database service that provides MySQL, PostgreSQL and SQL Server databases

Question 64

Q

Key points of CloudSQL (4)

Answer

A

Allows users to set up database without all the database administration tasks2. High Availability - manages replication and allows for automatic failover3. Suited for applications with consistent data structure (for databases that don’t need to scale horizontally)4.Scales vertically (by running on servers with more memory and CPUs)

Answer 62

A

MySQL 5.6/5.7 up to 416GB RAM and 30TB data storage2. PostgreSQL up to 416GB RAM and 64 CPUs and 30TB storage3. SQL Server 416 GB RAM 64 CPUs 30 TB storage

Answer 63

A

gcloud sql connect [INSTANCE NAME] -user=[USERNAME]

Answer 64

A

gcloud sql backups create –async –instance [INSTANCE NAME]

Answer 65

A

gcloud sql instances patch [INSTANCE NAME] -backup-start-top [HH:MM]

Answer 66

A

In a bucket in Cloud Store.

Answer 67

A

gcloud sql export [TYPE] {INSTANCE NAME] gs://[BUCKET]/[FILE NAME] –database=[DATABASE NAME]You need to make sure that the service account can write to the bucket.

Answer 68

A

gcloud sql import [TYPE] {INSTANCE NAME] gs://[BUCKET]/[FILE NAME] –database=[DATABASE NAME]

Answer 69

A

a petabyte-scale fully managed NoSQL database service

Answer 70

A

can manage billions of rows and thousands of columns - not all rows need to use all columns2. low-millisecond latency - can support millions of operations per second3. based on NoSQL wide-column data model, not document database4. Supports Hbase API for Hadoop5. Integrates with open source tools for data processing, graph analysis and time-series analysis6. runs in clusters and scales horizontally

Answer 71

A

applications with high data volume and high velocity ingest of data1. time series2. iot3. financial applications

Answer 72

A

There are no options via console or shell. You need to use a java application or use HBase interface to execute HBase commands

Answer 73

A

Globally distributed relational database

Answer 74

A

combines benefits of relational database with NoSQL database - strong consistency, transactions and horizontal scaling.2. High availability3. Enterprise-grade security with encryption at rest and in transit4. ANSI 2011 standard SQL5. Much more expensive than other databases6. Regional or multi-regional

Answer 75

A

when there are extremely large volumes of relational data or data that needs to be globally distributed while ensuring consistency and transaction integrity across all servers

Answer 76

A

Global supply chains.2. Financial services applications

Answer 77

A

The import/export will incur Cloud Dataflow charges.2. There may be additional charges if the region the job is run in does not overlap the region in which the instance resides. 3. You cannot import/export via shell

Answer 78

A

Highly-scalable NoSQL managed document database

Answer 79

A

Managed service - serverless2. Document database3. Accessed via REST API in Compute Engine, Kubernetes Engine or App Engine4. Automatically partitions data and scales up or down as needed5. Supports transactions, indexes and SQL-like queries (using GQL)

Answer 80

A

Applications that demand high scalability, structured data and don’t need strong consistency

Answer 81

A

Does not use relational model and does not require fixed structure or schema2. Data organized into documents3. Documents are made up of key-value pairs called entities4. Entities do not need to have the same set of properties5. Allows for a flexible schema6. Does not support relational operations like joining tables or computing aggregates7. Kind is analogous to a table name

Answer 82

A

Done via shell only and data is stored in a bucket in Cloud Storage

Answer 83

A

gcloud datastore export –namespaces=”(default)” gs://[BUCKET]1. it will create a folder using the date and time of the export2. the folder will contain a metadata file and a folder containing the exported data3. the metadata file is used when importing that data

Answer 84

A

datastore.database.export

Answer 85

A

in memory cache service (managed Redis Service)

Answer 86

A

Managed Redis service for caching frequently used data2. Sub-millisecond access3. Can be configured for high availability4. Can be used with Compute Engine, App Engine and Kubernetes Engine5. 1GB to 300 GB of memory

Answer 87

A

Managed NoSQL database service designed for highly scalable web and mobile apps.

Answer 88

A

Uses the document data model2. Designed for storing, synchronizing and querying data across distributed applications like mobile apps.3. Supports transactions and provides multi-regional replication

Answer 89

A

Shared file system for use with Compute Engine and Kubernetes Engine

Answer 90

A

Based on NFS2. Suitable for applications that require operating system-like file access3. exists independently of the VMs or applications that access those files4. can support a high number of IO operations per second5. variable storage capacity

Answer 91

A

It delivers defense at scale against infrastructure and application DDoS attacks.

Answer 92

A

allow or restrict access based on IP2. predefined rules to counter cross-site scripting attacks3. counter SQL injection4. restrict access based on geolocation of incoming traffic5. define rules at level 3 (network) and level 7 (application)

Answer 93

A

a Content Delivery Network - allows low latency response by caching content on a number of servers around the world.

Answer 94

A

a service for connecting existing networks to GCP

Answer 95

A

traffic between your on-premise network and your VPC doesn’t traverse the public internet2. two options dedicated and partnered3. standard Google VPN services can be used if you don’t mind using the public internet

Answer 96

A

Dedicated - direct accessa direct connection is maintained between an on-premise or hosted data center and a Google colocation facility2. Partnered - peereda third party network provider provides connectivity between company’s data center and google.

Answer 97

A

a command line interface for managing GCP resources.

Answer 98

A

Java, Python, Node.js, Ruby, Go, .NET and PHP

Answer 99

A

a distributed tracing system for collecting latency data from an application

Answer 100

A

shows where applications are spending their time (bottlenecks)2. traces are generated when Cloud Trace is called from an application3. you can create reports that filter trace data according to report criteria

Answer 101

A

provides status information on the services that are a part of GCP The dashboard lists services and uses icons to display their statuses

Answer 102

A

allows a developer with no experience to develop machine learning tools

Answer 103

A

for building and deploying scalable machine learning systems

Answer 104

A

for analyzing human language and extracting information from text

Answer 105

A

an image analysis platform

Answer 106

A

store info on how to pay for resources used.2. associated with one or more projects3. all projects must have a billing account associated with it.4. can have similar structure to resource hierarchy5. can be exported to BigQuery or Cloud Storage file (CSV or JSON)

Answer 107

A

self-service : paid by debit, credit or bank account automatically2. invoiced - invoices sent to customers

Answer 108

A

Billing Account Creator - can create new self-service billing accounts2. Billing Account Admin - manages billing accounts but cannot create them3. Billing Account User - allows user to link projects to a billing account4. Billing Account Viewer - view billing account cost and transactions

Answer 109

A

you can be sent a notice when a certain percentage of your budget has been spent in a month2. that amount can be a set amount or based on the previous month’s amount3. the three default percentages are 50%, 90% and 100%, but you can add more.4. alert will be sent via email, but can also be sent to Cloud Pub/Sub5. Since more than one project can be associated with a billing account, the alert amount needs to take into account the amount spent on all projects in the account

Answer 110

A

uses fixed size blocks (4kb and up)2. available on disks attached to a VM3. persistent - exists independently of VM4. ephemeral - exists only while VM is running5. faster than object storage6. used by File system and databases

Answer 111

A

allows exploration and preparation of data for analysus

Answer 112

A

start with a group to indicate a resource (e.g compute)2. followed by a subgroup to indicate what type of group resource you are working with (e.g instances)3. after a subgroup, usually a verb and then parametersgcloud compute instances create [instance name] –zone us-central1a

Answer 113

A

Organization2. Folder3. Project

Answer 114

A

it’s the root of the hierarchy2. typically responds to a company or organization3. to create you need to use G Suite or Cloud Identity4. a single Cloud Identity is associated with at most one organization5. when G Suite or Cloud Identity creates a billing account, GCP creates an organization resource

Answer 115

A

an organization contains folders2. a folder can contain projects or other folders3. folders typically built around services provided by projects and/or the company’s internal structure (departments)

Answer 116

A

projects are where we create resources and use GCP services2. anyone with the resourcemanager.projects.create IAM permission can create a project (this permission is given to everyone by default)3. organizations have a project quota which can be increased by contacting google

Answer 117

A

Stackdriver - collects metrics, logs and event data2. Monitoring - extends Stackdriver by collecting performance data from GCP and external services3. Logging - store, analyze and alert on log data from GCP and AWS4. Error Reporting - aggregates crash information in a centralized interface5. Trace - captures latency data6. Debugger - inspect the state of running code, inject commands, view stack variables7. Profiler - collect CPU and memory utilization

Answer 118

A

GCP can have internal and external addresses2. Your internal GCP network is defined as a VPC- internal addresses are only accessible from your VPC- external addresses are available from the internet3. External addresses can be assigned to a device for a long time (static) or only while the VM is running and released when the VM is stopped (ephemeral)

Answer 119

A

controls access to an organization’s resources2. lets you specify limits on the ways resources can be used3. defined in terms of constraints on a resource (boolean)- allow or deny a set of values- deny a value and its child values- allow all allowed values- deny all values4. can define policies with constraints and attach it to an object in the resource hierarchy5. policies are inherited and cannot be overwritten by objects lower in the hierarchy6. policies are managed through Organization Policies in IAM & admin7. multiple policies can be in effect for a folder or project

Answer 120

A

It means that the machine in question could be shut down at any time if the resources it is consuming are needed elsewhere. This is a much cheaper option.

Answer 121

A

A service account can be assigned to an application so that the application can run without giving users access to the underlying resources. (e.g giving the service account database access so that it can run queries for users without giving users access to the database)

Answer 122

A

Sometimes treated as a resource and sometimes treated as an identity.2. Two types, user manages and GCP managed3. Users can create up to 100 service accounts per project4. GCP automatically creates some service accounts when certain products are created5. service accounts can be managed as a group of accounts at the project level or at the individual account level

Answer 123

A

a Virtual Machine is an abstraction of a physical server which is essentially a program that emulates a physical server and provides CPU, memory storage and other services you would find on a typical physical server2. it is run within a security-hardened hypervisor-it runs on windows or linux- can run multiple OSes while keeping them isolated from each other.- each instance of a guest OS is a VM instance3. they are predefined or customizable

Answer 124

A

A fully managed cluster data processing service (Apache Spark and Apache Hadoop service)

Answer 125

A

Compatible with Apache Hadoop, Spark and Hive2. Runs in clusters3. Allows existing projects to be moved without redevelopment4. Fast cluster creation - can create workflow templates5. Can scale clusters without stopping Job6. Can switch to different versions7. Can handle streaming and batch data

Answer 126

A

If you have dependencies on Hadoop or Spark, or if you want more hands on management and control.

Answer 127

A

gcloud dataproc clusters create [CLUSTER NAME] –zone [ZONE]

Answer 128

A

gcloud dataproc jobs submit [TYPE] –cluster [CLUSTER NAME] –jar [JAR FILE]

Answer 129

A

Single - for development2. Standard - one master node3. High Availability - uses 3 master nodes

Answer 130

A

Spark2. PySparck3. SparkR4. Hive5. Spark SQL6. Pig7. Hadoop

Answer 131

A

You don’t. It’s a data analysis platform, not a database.You can import and export to save/restore the cluster configuration data.gcloud beta dataproc clusters export [CLUSTER NAME] – destination=[PATH TO EXPORT FILE]gcloud beta dataproc clusters import [SOURCE FILE]

Answer 132

A

A fully managed messaging middleware service

Answer 133

A

Allows messages between independent apps either within or outside of Google Cloud2. One to many, many to one, many to many3. Both push and pull messages.4. Messages are encrypted and HIPPA compliant5. Durable messaging - the messages will be kept as long as it is needed

Answer 134

A

Streaming data2. Event notifications3. Service to service communication to set up asynchronous workflows

Answer 135

A

The publisher sends a message.2. The message belongs to a topic.3. The topic has subscriptions attached to it.4. Subscribers can be subscribed to a particular subscription so that they will get the message.5. The subscriber sends an acknowledgement back to the subscription. 6. Pub/Sub will wait the period of time set in the acknowledgement Deadline parameter (10-600 seconds) or specified by the retention period (the length of time to keep an un-deliverable message). After this time, the message will be deleted

Answer 136

A

Push and Pull.Pull -an application reads messages for a given subscription topicPush - a subscription writes messages to an endpoint URL

Answer 137

A

gcloud pubsub topics create [TOPIC NAME]gcloud pubsub subscriptions create [SUBSCRIPTION NAME]

Answer 138

A

gcloud pubsub topics publish [TOPIC NAME] –message [MESSAGE]

Answer 139

A

gcloud pubsub subscriptions pull –auto-ack [SUBSCRIPTION NAME]

Answer 140

A

A software version of a physical network that links resources in a project

Answer 141

A

automatically created when a project is created.2. global - spans the globe without relying on the public internet3. secure - can be securely routed through Google global network3. backend services can access other Google services without creating a public IP4. can be linked to on-premise VPNs using IPSec5. can use firewalls 6. can use separate projects and billing accounts7. can contain subnets - subnets are regional, have range of private internal ips

Answer 142

A

can specify region2. can specify IP range3. can turn off Private Google access, allowing VMs on subnet to access Google services without assigning external IP to the VM4. can turn off logging of network traffic5. can set up firewall rules6. dynamic routing option - global or regional7. can set up DNS policy server that enables DNS name resolution by GCP or can customize

Answer 143

A

glcoud compute networks create [VPC NAME] –subnet-mode=[auto|custom]

Answer 144

A

gcloud beta compute network subnets create [SUBNET NAME] –network=[VPC NAME] –region=[REGION] –range=[RANGE] –enable-private-ip-google-access –enable-flow-logs

Answer 145

A

need to make sure you have the Shared VPC Admin role (compute.xpnAdmin)2. gcloud compute shared-vpc enable [HOST PROJECT ID]3. gcloud compute shared-vpc associated-projects add [SERVICE PROJECT ID] –host-project [HOST PROJECT ID]

Answer 146

A

Folder or organization.

Answer 147

A

allows inter-project traffic when an organization does not exist

Answer 148

A

gcloud compute networks peerings create [PEER NAME] –network [VPC 1 NAME] –peer-project [PROJECT 2 NAME] –peer-network [VPC 2 NAME] –auto-create-routesthen do the same but reverse project 1, vpc1 and vpc 2

Answer 149

A

They are defined at the network level and used to control flow of traffic to VMs. They allow or deny traffic on a port and are applied in one direction (incoming or outgoing)

Answer 150

A

direction - incoming or outgoing2. priority - highest rules are applied. lower priority rules that match are not applied. 0 to 65535. 0 is the highest3. action - allow or deny4. target - an instance to which the rules apply (all in a network, instances with particular network tag or instances using a specific service account)5. source/destination - source applies to IP ranges, network tags, service accounts or combination. destination only uses IP ranges6. Protocol and port (TCP, UDP, ICMP etc…)7. enforcement status - enabled or disabled

Answer 151

A

allows egress to all destinations2. denies all traffic from any sourceboth rules have priority 65535 so they can be overwritten

Answer 152

A

allows incoming traffic from any VM on same network2. allows incoming TCP on port 22 (for SSH)3. allows incoming TCP on port 3389 (allowing RDP)4. allow incoming ICMP from any source (Internet Control Message Protocol)all these have priority 65535

Answer 153

A

gcloud compute firewall-rules create many options

Answer 154

A

gcloud compute networks subnets expand-ip-range [SUBNET NAME] –prefix-length [NEW PREFIX LENGTH]You can only increase the number of addresses. The only was to decrease is to recreate the subnet.

Answer 155

A

Standard Tier uses internet for some transfer of data2. Premium Tier routes all traffic over Google’s global network (more expensive)

Answer 156

A

a central repository of applications and data sets that can be deployed to your GCP environment

Answer 157

A

Pricing (license type)1. free - linux and FreeBSD2. paid - windows and enterprise-supported linux - will be charged a fee based on usage3. byol - bring your own license - includes two supported linux systems, but you are responsible for acquiring the proper license

Answer 158

A

Can create your own deployment configuration file - written in YAML2. Configuration files have name, type and key value pairs to specify configuration parameters3. Can use deployment templates which are text files used to define resources, and you can import those resources into configuration files - templates written in Python or Jinja24. To deploy template from the command line : gcloud deployment-manager deployments create [DEPLOYMENT NAME] –config [CONFIG FILE NAME]5. To describe state of deployment : gcloud deployment-manager deployments describe [DEPLOYMENT NAME]

Answer 159

A

It is a means to distribute workloads across cloud infrastructure.

Answer 160

A

it distributes workloads across cloud infrastructure2. it adapts to failed or degraded servers3. autoscales resources to accommodate changes in workloads4. supports internal load balancing so IP addresses don’e need to be exposed5. can load balance HTTP, HTTPS, TCP/SSL and UDP

Answer 161

A

Global vs Regional2. External vs Internal3. Traffic Type

Answer 162

A

Global has 3 load balancers.1. HTTP(S) - balances HTTP and HTTPS2. SSL Proxy - terminates SSL/TLS connections3. TCP Proxy - terminates TCP sessions at the load balancer then forwards traffic to backend serversRegional1. Internal TCP/UDP - balances TCP/UDP traffic on private networks hosting internal VMs2. Network TCP/UDP - balances based on IP protocol, address and port, used for SSL and TCP traffic not supported by the SSL Proxy and TCP Proxy Load balancers

Answer 163

A

External distributes traffic from the internet while internal distributes traffic that originates within GCP. The Internal TCP/UDP load balancer is the only internal load balancer

Answer 164

A

gcloud compute forwarding-rules create [NAME] –port=[PORT] –target-pool [POOL]target pools are created via :gcloud compute target-pools add-instances [NAME] –instances [INSTANCE 1, INSTANCE 2…]

Answer 165

A

high availability, low latency service for mapping domain names to IP addresses

Answer 166

A

automatically scales2. provides private zones to use custom names for VMs3. NS and SOA records are added when a zone is created. NS -name server recordSOA -start of authority record4. You can add other records such as A and CNAME

Answer 167

A

public - accessible from internet, provide name servers that respond to queries from any source2. private - provide name services to your GCP resources, only respond to queries that originate from resources in the same project

Answer 168

A

gcloud beta dns manage-zones create [ZONE NAME] —dns-name=[DNS SUFFIX] –visibility=[private|public]

Answer 169

A

You start a transaction, add the record then execute the transactiongcloud dns record-sets transaction start –zone=[ZONE]gcloud dns record-sets transaction add [IP or NAME] –name=[NAME] -ttl=[TTL] –type=[TYPE] –zone=[ZONE]gcloud dns record-sets transaction execute –zone=[ZONE}

Answer 170

A

Identity and access management - allows fine-grained access control to cloud resources with users, roles and privileges

Answer 171

A

Primitive2. Predefined3. Custom

Answer 172

A

a role is a collection of permissions2. permissions cannot be assigned to users, only roles3. roles are assigned to users

Answer 173

A

Three types:1. viewer - read only2. editor - viewer plus can modify an entity3. owner - editor plus can manage roles and permissions on an entity and can set up billing for a project

Answer 174

A

they provide granular access to GCP resources2. they are specific to GCP products

Answer 175

A

1.Allow cloud admin to create and administer their own roles2. Created using permissions defined in IAM3. Some permissions are not available in custom roles

Answer 176

A

Assign least privilege - grant smallest set of permissions to allow someone to do their job2. Separation of duties - user would not be able to perform multiple sensitive operations that together could present a risk

Answer 177

A

gcloud projects get-iam-policy [PROJECT NAME]

Answer 178

A

gcloud iam roles describe [ROLE ID]

Answer 179

A

gcloud projects add-aim-policy-binding [RESOURCE NAME] –member user:[USER EMAIL] –role [ROLE ID]

Answer 180

A

gcloud iam roles create [ROLE ID] –project [PROJECT ID] –title [ROLE NAME] –description [ROLE DESCRIPTION] –permissions [PERMISSIONS LIST] –state [LAUNCH STATE]

Answer 181

A

An account used to provide identities independent of users. It can be granted roles and is assigned to a VM.

Answer 182

A

A permission granted to a VM to perform some operation.

Answer 183

A

Scopes authorize the access to API methods2. To configure access controls for a VM you will need to configure both IAM roles and scopes3. A scope is specified by a URL that starts with https://www.googleapis.com/auth and is followed by permission on a resource. For example: https://www.googleapis.com/auth/bigquery.insertdata4. An instance can only perform operations allowed by both IAM roles assigned to the service and scopes defined on the instance

Answer 184

A

gcloud compute instances set-service-account [INSTANCE NAME] [–service account [SERVICE_ACCOUNT_EMAIL] ] | [–noservice-account] [–no-scopes | –scopes [SCOPES,…]]

Answer 185

A

gcloud compute instances create [INSTANCE NAME] –service-account [SERVICE ACCOUNT EMAIL]

Answer 186

A

a unified object storage system

Answer 187

A

manages objects in terms of blobs2. objects are atomic3. objects are grouped into buckets that are individually addressable by URL4. serverless5. not limited by size of disks attached to server6. access can be controlled at object level7. does not support concurrency

Answer 188

A

storing large volumes of data that don’t require a consistent data structure

Answer 189

A

buckets share a global namespace, so they must be globally unique2. buckets are like directories - used to help organize objects into groups, but they do not have sub-directories3. when you create a bucket, you specify the location - objects may be stored in different regions for high availability4. 4 different storage classes5. buckets can be configured to retain versions- latest version is live version- when live version is deleted, it is archived instead6. provides lifecycle management policies

Answer 190

A

a way to mount a bucket as a file system on linux and mac - allows upload and download of files to/from buckets using system commands

Answer 191

A

Multi-regional2. Regional3. Nearline4. Coldline

Answer 192

A

data is replicated across multiple regions for high availability2. redundancy in the case of zone failures3. may reduce latency if users are spread out4. higher cost (~1.25x regional)5. it’s for frequently used data

Answer 193

A

for frequently used data2. storage is in one region

Answer 194

A

infrequently used data (< 1 per month)2. lower SLA 3. lower cost (~ half regional)4. retrieval charge per GB retrieved5. minimum 30 day storage duration

Answer 195

A

very infrequently used data (< 1 per year)2. lower SLA3. lowest cost (~ 1/3 regional)4. higher retrieval cost per GB (about 5x nearline)5. minimum 90 day storage duration

Answer 196

A

You can configure objects to be moved based on different criteria, like time1. move objects to lower cost storage class2. delete objects based on age, creation date, live state or current storage class3. can set up lifecycle policy after bucket creation

Answer 197

A

gsutil rewrite -s [STORAGE CLASS] gs://[PATH TO OBJECT}

Answer 198

A

gsutil mb gs://[BUCKET NAME]

Answer 199

A

gsutil cp [LOCAL OBJECT} gs://[DESTINATION BUCKET]

Answer 200

A

gsutil cp gs://[SOURCE BUCKET]/[SOURCE OBJECT] [DESTINATION DIR}

Answer 201

A

gsutil mv gs://[SOURCE BUCKET]/[SOURCE OBJECT] gs://[DEST BUCKET]/[DEST OBJECT]

Answer 202

A

It allows secure communication between Google network and your external network

Answer 203

A

Gateway2. Tunnels3. Routing

Answer 204

A

The GCP side of the VPN1. Network2. Region containing the network3. static IP

Answer 205

A

The other (non GCP) endpoint of the VPNSpecify shared secret

Answer 206

A

Dynamic - uses BGP to learn routes in your network2. Route Based - requires IP range of remote network3. Policy Based - require remote IP ranges, local sub-networks and local IP ranges

Answer 207

A

gcloud compute target-vpn-gateways creategcloud compute forwarding-rules creategcloud compute vpn-tunnels create

Answer 208

A

A set of services for monitoring, logging, tracing and debugging applications and resources.

Answer 209

A

works in hybrid environments -GCP, AWS and on-premise resources2. metrics are defined measurements on a resource collected at regular intervals - aggregate values such as min, max or average3. you create a policy to monitor a metric4. needs a workspace to store the data5. can receive reports by email6. agents send data from monitored resources to Stackdriver in streams7. serverless

Answer 210

A

average CPU utilization over last minute2. number of bytes written to a storage device over last minute.

Answer 211

A

A policy consists of conditions that determine when to issue an alert or notification. They include notification channels and optional documentation

Answer 212

A

anytime a value exceeds a threshold2. anytime a value exceeds a threshold for an extended period of time

Answer 213

A

Email2. Slack3. GCP4. PagerDuty5. HipChat6. Campfire

Answer 214

A

OpenCensus - higher level open source monitoring-focused API2. Stackdriver’s Monitoring API - lower level

Answer 215

A

30 days - need to export them to Cloud Storage, BigQuery, Cloud Pub/Sub or custom destination to keep them longer

Answer 216

A

Log sinks are the places that logs are moved to (exported to) in order to retain them for more than 30 days

Answer 217

A

Platform as a Service that provides a managed platform for running applications

Answer 218

A

Application2. Service3. Version4. Instance

Answer 219

A

A high level resource created in a project. Each project can have one App Engine Application.

Answer 220

A

The service is the code executed in the app. It is typically structured to perform a single function. Services are defined by their source code and their configuration.

Answer 221

A

The source code and configuration of a service constitutes a version of the app. A service can have multiple versions.

Answer 222

A

When a version executes, it creates an instance of the app.

Answer 223

A

Standard Environment2. Flexible Environment

Answer 224

A

runs application in a pre-configured language specific sandbox2. fastest spin up time and less expensive3. suited for apps written in one of the supported languages and you don’t need OS packages or other compiled software external to the app4. Two types: 1st generation and 2nd generation

Answer 225

A

Supports Python 2.7, PHP 5.5 or Go 1.92. only a select set of white-listed extensions and libraries are allowed3. restricted network access

Answer 226

A

java 8, Python 3.7, Php 7.2, Node.js 8 and Go 1.112. any language extenstion3. full network access4. can scale down to 0 instances if there is no load

Answer 227

A

based on Docker Containers2. users can customize runtime environments by configuring container3. native support for Java 8, Eclipse Jetty 9, Python 2.7, Python 3.6, Node.js, Ruby, PHP, .Net and Go4. good option when you can package applications and services into a small set of containers5. works well when you have 3rd party software or libraries that need to run along side application6. slower spin up time and more expensive.7. will scale down but will always have at least one instance running8. the health is monitored by Google9. can work with OS background processes and write to local disk

Answer 228

A

Through push queues, pull queues or cron jobs

Answer 229

A

gcloud app deploy [.yaml CONFIG FILE NAME]2. app.yaml is default, so no need to specify if that is the config file name3. must be run in directory containing .yaml file4. once deployed, output will provide url to view result of deployed service ([project name].appspot.com)

Answer 230

A

gcloud app versions stop [v1 v2…] pass in list of versions to stop

Answer 231

A

dynamic instances - based on load2. resident instances - running all the time

Answer 232

A

it is optimized for cost savings by shutting down unused resources2. uses two types of scaling - automatic and basic

Answer 233

A

Automatic Scaling2. Basic Scaling

Answer 234

A

Add automatic_scaling to .yaml file along with parameters:1. target_cpu_utilization - max cpu usage before additional instances are started2. target_throughput_utilization - (0.5 to 0.95)3. max_concurrent_requests default 10, max 804. max_instances5. min_instances6. max_pending_latency - max time a request waits in the queue to be processed.7. min_pending_latency

Answer 235

A

add basic_scaling to .yaml file followed by parameters:1. ide_timeout2. max_instances

Answer 236

A

Manual scaling. can add manual_scaling to .yaml file along with the parameter instances

Answer 237

A

IP address - client is always routed to the same version as long as their IP doesn’t change2. HTTP Cookie - preferred way to split. will send user to same version even if their IP changes3. Random - default - distributes workload evenly

Answer 238

A

gcloud app services set-traffic [SERVICE NAME] [SPLIT METHOD]–splits v1=.4, v2=.6 for a 40/60 split–migrate - indicates traffic should be migrated from previous version to new version–split-by - ip, random or cookie

Answer 239

A

IaaS which allows users to create VMs, attach to persistent storage and make use of ther GCP services

Answer 240

A

Scalable, high performance virtual machines that are completely customizable.- over 25 predefined machine types with various numbers of CPUs and memory- customize 1-64 CPUs with up to 6.5GB RAM per CPU

Answer 241

A

Images that contain an OS, libraries and other code.-Google provides Linux and Windows Server images-3rd party vendors provide other images-Can create custom image from boot disk or snapshot from an existing VM

Answer 242

A

Contained in a project and run in a zone and region- hardware costs and availability can differ between regions

Answer 243

A

remote standard persistent disks2. local solid state drives

Answer 244

A

short lived instances that can persist up to 24 hours2. low cost3. may not be available and can terminate at any time with 30 sec notice4. cannot migrate to a regular VM5. cannot be set to automatically restart6. good for apps that are fault tolerant and can withstand interruptions

Answer 245

A

completely customizable2. can be made preemptible3. can create instance groups4. can set up health checks5. can attach GPU for math intensive applications

Answer 246

A

It lets you manage multiple VMs as a single unit. 1. any gcloud command issued to the group is applied to all VMs in the group2. instance template is based of an instance and can be used to make identical instances3. all GCP load balancing requires use of an instance group

Answer 247

A

Unmanaged-collections of instances with different configurations- no auto-scaling- can’t use instance templatesManaged- collection of instances that are identical- automatically scale and load balance- instance that crashes can be automatically recreated- can be set up with instance template- zonal or regional

Answer 248

A

A health check contacts the server and waits for a response. When setting up a health check, you set the frequency, how long to wait for a response and what a given number of successes or failures means in terms of health

Answer 249

A

billed in 1 sec increments based on machine type2. discount for sustained usage3. charged for a minimum of 1 min4. preemptible can save up to 80%5. once the instance is stopped, you are not billed

Answer 250

A

not all zones/machine types have GPUs as an option2. can have 1, 2 or 4 GPUs attached to a machine3. cannot be attached to shared memory machines

Answer 251

A

A copy of a disk that is useful for backup.1. first snapshot contains full data - subsequent ones are incremental2. if application is buffered in memory, make sure to flush it before creating snapshot3. users must have Compute Storage Admin role to work with a snapshot

Answer 252

A

A copy of a disk that is in a suitable format for creating a VM1. can be made from a disk, snapshot, cloud storage file or another image.2. can delete or deprecate an image3. a family is a group of related images which are usually different versions of the same underlying image

Answer 253

A

gcloud compute instances create [instance name]Values from default project will be used if not specified

Answer 254

A

gcloud compute project-info describe

Answer 255

A

gcloud compute instances list

Answer 256

A

–boot-disk-size (10GB and 2TB)–boot-disk-type–labels–machine-type : type of machine to use, standard is n1-standard-1–preemptible–subnet [SUBNET NAME] : to create the vm in a particular VPC

Answer 257

A

gcloud compute machine-types list

Answer 258

A

Key values pairs that are stored in a metdata serer and can be queried by Compute Engine API. It’s useful if running startup or shutdown scripts and need to change behavior based on metadata values

Answer 259

A

preemptibility2. automatic restart - auto restart if machine shut down3. on host maintenance - allows instances to be migrated to other servers during maintenance

Answer 260

A

Shielded VM - configured to have additional security measures2. Secure Boot - only authenticated OS software can run on VM3. VTPM - Virtual Trusted Platform Module4. Integrity Monitoring - uses a known baseline of boot measurements to compare current boot measurement5. SSH keys - can block project wide SSH keys

Answer 261

A

Specify whether boot disk is deleted when instance is deleted.2. How encryption will be managed3. Add new disk setting name, type, r/w parameters, size, encryption

Answer 262

A

add network tags2. add another network interface to another network3. choose a VPC and select a subnet4. specify static IP or custom ephemeral address

Answer 263

A

It ensures that your VMs run on a server only with your other VMs

Answer 264

A

gcloud compute instance-templates create [template name]1. you can specify existing VMs as a source of the instance template2. it can contain instances zonally or regionally

Answer 265

A

It is GCP’s managed Kubernetes service.

Answer 266

A

can create and maintain clusters without having to manage the Kubernetes platform2. Kubernetes runs containers on a cluster of VMs3. Similar to instance groups except Kubernetes can run different images and it uses containers4. Allows the user to describe the compute, storage and memory resources needed to run their services5. In between App Engine and Compute Engine in terms of deployment speed and management requirements.6. Only supports Docker7. Automatic load balancing and scaling.8. Automatic software updates with no downtime9. Automatic health checks & logging (Stack Driver)10. All traffic orchestrated by the master Kubernetes controller

Answer 267

A

Highly-portable, light weight way of distributing and scaling apps and workloads without replicating the quest OS. It starts and stops more quickly and uses less resources (than a VM?)

Answer 268

A

A Kubernetes cluster consists of a cluster master and one or more nodes2. The cluster master can be replicated and distributed for high availability and fault tolerance3. The Cluster master manages services provided by Kubernetes.4. Nodes execute the workloads run on the cluster5. Specify machine type when creating a cluster. Some of the memory and CPU is reserved for Kubernetes, so not all is available for the node

Answer 269

A

Kubernetes API, controllers and schedulers2. All interaction with nodes goes through master3. Master issues commands that perform an action on a nodeUsers can issue commands via kubectl command

Answer 270

A

Nodes are VMs that run containers configured to run an application. 2. They are primarily controlled by cluster manager but some commands can be run manually.3. Nodes run an agent called kubelet which is a service that communicates with the cluster manager.4. The vm created runs specialized OS optimized to run containers

Answer 271

A

Pods2. Services3. Replica Set4. Deployment5. Stateful Sets6. Jobs

Answer 272

A

A pod is a single instance of a running process in a cluster1. They contain at least one container. usually one, but can run multiple2. Use shared networking and shared storage across containers - Each pod gets a unique IP and set of ports - Containers connect to a port - multiple containers within a pod connect to different ports and can talk via localhost3. A pod allows its containers to behave as if they were running on an isolated VM, sharing common storage, one IP and a set of ports. This allows deploying multiple instances of the same application or different instances of the same application on the same node without having to change their configuration4. the pod treats multiple containers as a single entity for management purposes5. They are usually created in group. 6. Pods support auto-scaling7. Ephemeral - they are expected to terminate8. A controller manages health monitoring and scaling

Answer 273

A

A service provides API end points with a stable IP address and allows applications to discover pods running a particular application. Services update when changes are made to a pod, in order to maintain an up to date list of pods running an application. Services that depend on pods should not be tightly coupled to particular pods.

Answer 274

A

Pods are ephemeral and their IP may change

Answer 275

A

A controller used by deployment to ensure the correct number of identical pods is running. If a pod is unhealthy, it will be terminated. If not enough pods are running, one will be created.

Answer 276

A

A deployment is set of identical pods that are created using a pod template. A pod template is a definition of how to run a pod. The description of how to define the pod is a pod specification. Kubernetes uses this definition to keep the pod in the state defined by the template (e.g add pods to ensure a minimum set in the template)

Answer 277

A

Progressing - in the process of performing a task2. Completed - roll out of containers is complete and all pods are running the latest version of containers3. Failed - deployment process encountered a problem it could not recover from

Answer 278

A

Most deployments are stateless. Stateful sets are like deployments, but a unique id is assigned to the pods. This allows Kubernetes to track which pod is used by which client, It is used when an application needs a unique network identifier or stable persistent storage

Answer 279

A

A job is an abstraction about a workload. Jobs create pods and run them until the application completes a workload. Job Specs are in a config file and include specs about the container to use and the command to run.

Answer 280

A

Good option for running applications that depend on multiple micro services2. Good choice for large scale applications that require high availability and high reliability

Answer 281

A

Provides load balancing across Compute Engine VMs that are deployed in a Kubernetes cluster2. Automatic scaling of nodes in the cluster3. Automatic upgrade of cluster software as needed4. Node monitoring and health repair5. Logging6. Support for node pools ( collections of nodes with the same configuration)7. Supports eviction policies which sets threshold for resources and shuts down pods when threshold is surpassed

Answer 282

A

KE is similar to running VMs, but rather than using hypervisor to separate the computing resources, a container manager is used. 2. No additional guest OSes run on top of the container manager3. Containers make use of host OS functionality4. OS and container manager ensure isolation between running containers

Answer 283

A

Create a cluster under KE -> Clusters : select zone/region/ machine template/ number node pools. KE runs a number of workloads to manage the cluster. You can view them in the workloads pagegcloud container clusters create [NAME] Parameters include project, zone, machine type, image disk type, disk size, number of nodesCommand to create a cluster can be very long. It’s better to select a template from the console and it will give you the necessary command

Answer 284

A

From Cluster page of KE, select Create a Deployment. Specify container image, environment variables, initial command, application name, labels, namespace and cluster to deploy to. Once deployed you can display the corresponding YAML specification of the deployment which can be saved and used to create deployments from the command line.kubectl run [DEPLOMENT NAME] –image=[DOCKER IMAGE NAME] –port=[PORT]

Brainscape's Knowledge GenomeTM

google_cloud_ace_topics_20221211172730 Flashcards

Brainscape's Knowledge Genome^TM