Quickhits Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

APIs enabled by default (14 of them)

A

BigQuery APIBigQuery Storage APICloud Datastore APICloud Debugger APICloud Logging APICloud Monitoring APICloud SQLCloud StorageCloud Storage APICloud Trace APIGoogle Cloud APIsGoogle Cloud Storage JSON APIService Management APIService Usage API

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Dataproc and Dataflow

A

Cloud Dataflow uses the Apache Beam framework and can process streamed data. Cloud Dataproc is for Spark/Hadoop and doesn’t handle streamed data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

get information about a GKE cluster

A

kubectl get deployment [Deployment Name] -o yaml

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What do you use when dealing with stack traces

A

Stackdriver Error Reporting

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Should you log to stdout and stderr on GCE for Stackdriver

A

No it is not the recommended way, write to a log file instead and configure Stackdriver to use that.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What role allows modification of an App engine cookie time

A

App Engine Admin

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the maximum size of an object in GCS

A

5 TiB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What the limit to the size of object names.

A

This limit is 1024 bytes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Maximum payload size for a GCS JSON API call

A

10MB.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What are the bandwidth limits for GCS

A

200 Gbps for each region from Cloud Storage to Google services. 50 Gbps per-project, per-region default bandwidth quota for Google services accessing a bucketEgress to Cloud CDN is exempt from these quotas.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

GCS Minimum storage duration

A

Standard Storage : NoneNearline Storage : 30 daysColdline Storage : 90 daysArchive Storage : 365 days

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

GCS Retrieval Fees

A

Standard Storage : $0 per GBNearline Storage : $0.01 per GBColdline Storage : $0.02 per GBArchive Storage : $0.05 per GBAbout Doubles

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Sample Storage Fees (differs by region)

A

Standard Storage: $0.023Nearline Storage: $0.013 1/2 standardColdline Storage: $0.006 .05 of NearlineArchive Storage: $0.0025 .05 of Archive

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

If you want to use JSON to send structure logging to Cloud Logging from the command line, what must you do

A

Pass –payload-type=json

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

How do you list the name of the currently active account

A

gcloud auth lists

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How do you linke a project to a billing account?

A

gcloud beta billing links a project to a billing account, in GUI it is automatic

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

How are credentials pass to Cloud Functions

A

As Environment Variables - i.e. key value pairs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What is the minimum number of service accounts an instance needs

A

The default instance account can be removed from an instance leaving none

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What was Cloud Logging previous known by?

A

previously Stackdriver Logs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What email address is used for the default App Engine service

A

PROJECT_ID@appspot.gserviceaccount.com

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

How many keys can you configure for a service account?

A

You may generate a small number of keys per service account to facilitate key rotation. Primarily used for outside services and so that you can rotate to new keys. 10 is the max.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

How do you enable to Compute API

A

Via the command line but a quicker way is to navigate to the Compute Engine of the console which automatically enables the GCE API.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

How do you configure authentication for using Cloud Shell

A

You do not have to configure authentication to be able to use Cloud Shell

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

How does the “Defaults” project affect API inheritance

A

‘There is no such thing as a “defaults” project

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What does “Metadata-Flavor: Google” do

A

This header indicates that the request was sent with the intention of retrieving METADATE VALUES, rather than unintentionally from an insecure source, and lets the metadata server return the data you requested.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What does legacyBucketWriter do

A

Grants permission to create, replace, list and delete objects

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

What is the command for generating a Kubernetes Secret from a file of key value pairs

A

kubectl create secret generic –from-file=.env.staging

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What is Data Studio

A

Visualize your data through highly configurable charts and tables.Easily connect to a variety of data sources.Tell your data story with charts, including line, bar, and pie charts, geo maps, area and bubble graphs, paginated data tables, pivot tables, and more.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

What is a limitation of roles/compute.storageAdmin

A

Grants permissions to create, modify, and delete disks, images, and snapshots, but not view the contents of Storage Buckets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

What does the following dokubectl diff -f ./my-manifest.yaml

A

Compares the current state of a cluster with the contents of the manifest file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Can you expand a IP-Subnet in GCP?

A

Yes you can, provided there aren’t conflicts. https://cloud.google.com/sdk/gcloud/reference/compute/networks/subnets/expand-ip-range

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What is gvisor

A

gVisor is a userspace re-implementation of the Linux kernel API that does not need elevated privileges. In conjunction with a container runtime such as containerd , the userspace kernel re-implements the majority of system calls and services them on behalf of the host kernel.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

What does Datastore Emulator do and how do you install it

A

Provides local emulation of the production Datastore environment, installed by gcloud components install cloud-datastore-emulator

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

How do you list the components available for installation in gcloud

A

gcloud components list

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

How can you manage GKE locally

A

By installing kubectl locallygcloud components install kubectl

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

What does roles/browser allow

A

To view the hierarchy of the GCP org structure

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

What does the following dokubectl config use-context

A

Allows you to access multiple clusters by using configuration files

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

What are some resource types that Deployment Manager can deploy

A

Compute EngineManaged InstancesGKEBigQueryCloud SQLAnd many more

39
Q

How do you deploy a docker files

A

Create Docker image from it, upload to Container Registry then deploy from kubectl using that

40
Q

What is Google Datastore

A

A time series NoSQL database

41
Q

What does gcloud iam roles listdo?

A

It lists the IAM roles available

42
Q

What do these roles doCompute AdminCompute Image UserCompute Instance AdminCompute OS Admin LoginCompute Storage AdminCompute Security Admin

A

Compute Admin - Full controlCompute Image User - Permission to list and read images without having other permissions on the image. Compute Instance Admin - Permissions to create, modify, and delete virtual machine instances. This includes permissions to create, modify, and delete disks, and also to configure Shielded VM settings. Compute OS Admin Login - Access to log in to a Compute Engine instance as an administrator user. Compute Storage Admin - Permissions to create, modify, and delete disks, images, and snapshots. Compute Security Admin - Permissions to create, modify, and delete firewall rules and SSL certificates, and also to configure Shielded VM settings.

43
Q

What is a Shielded VM

A

Shielded VMs are virtual machines (VMs) on Google Cloud hardened by a set of security controls that help defend against rootkits and bootkits.

44
Q

Does GCP allow migration of App Engine Standard apps to a new zone/region

A

No, it does not. Each Cloud project can contain only a single App Engine application, and once created you cannot change the location of your App Engine application.

45
Q

What does the following dogcloud iam roles describe

A

It list information about the role along with the included permissions

46
Q

What 3 IAM roles can run BigQuery queries?

A

roles/bigquery.adminroles/bigquery.jobUserroles/bigquery.user

47
Q

For compute engine, what is the combined total limit for all metadata entries?

A

512KB

48
Q

Are metadata entries case sensative?

A

Yes

49
Q

What are the size limits for metadata entries

A

metadata key - 128 bytesmetadata value - 256 KB

50
Q

For metadata fields, what are valid boolean values

A

TRUE Y, Yes, 1FALSE N, No, 0

51
Q

How do you delete a GAE

A

You don’t. The currently is no way to delete an existing app in GAE, or change its initial configuration, such as region. If such changes are needed you will have to spin up a new project.However you can disable the app by going top App Engine -> Settings -> Disable Application

52
Q

What are the 7 layers for the OSI TCP/IP model

A

1) Physical2) Data Link3) Network4) Transport5) Session6) Presentation7) Application

53
Q

Which App Engine flavor allows custom code

A

App Engine Flexible allows custom code and languages. Runs in a Docker Container

54
Q

What is Cloud Run

A

a managed compute platform that enables you to run containers that are invocable via requests or events.

55
Q

Does Cloud SQL support user defined functions

A

No, Cloud SQL does not support user defined functions but it does support user defined proceduresBigQuery does support user defined functions

56
Q

Does BigQuery support UDF (User Defined Functions)

A

Yes, BigQuery does support UDFs.

57
Q

What is Cloud Spanner

A

Spanner is a distributed, globally scalable SQL database service that decouples compute from storage,

58
Q

How do you calculate number of IPs from a CIDR

A

Starting at 32, which gives 1 IP, the number of IPs double as the number decreases.32 - 131 - 230 - 429 - 828 - 1627 - 32

59
Q

Can you set IAM permissions at the folder level in the organizational hierarchy?

A

Yes

60
Q

Where would you migrate a Apache HBase workload to.

A

Cloud Bigtable, NoSQL database

61
Q

BigtableBigQueryCloud Spanner

A

Cloud Bigtable. A fully managed, scalable NoSQL database BigQuery stores data using a columnar storage format that is optimized for analytical queries. (BI)Fully managed relational database with unlimited scale, strong consistency and up to 99.999% availability.

62
Q

Cloud Run

A

For running managed highly scalable containerized applications

63
Q

What would you use to migrate MySQL, PostgreSQL or SQL Server data bases to GCP

A

Database Migration Services

64
Q

What does Striim do?

A

A service that provides automated connectors to build data streams from multiple sources into backend databases.

65
Q

Datastream

A

a serverless change data capture (CDC) and replication service.Analogous to Apache Beam

66
Q

gcloud command to expand a subnets IP range

A

gcloud compute networks subnets expand-ip-range NAME –prefix-length=PREFIX_LENGTH

67
Q

BigQuery pricing

A

Analysis Pricing (data processing) and Storage pricing.Active storage $0.02 per GBLong-term storage $0.01 per GBQueries (on-demand)$5 per TBThe first 1 TB per month is free.Data IngestionBatch Loading Free using the shared slot pool.Streaming inserts (tabledata.insertAll) $0.01 per 200 MB. Individual rows are calculated using a 1 KB minimum size.BigQuery Storage Write API $0.025 per 1 GB The first 2 TB per month are free.Batch exports Free using the shared slot pool.Streaming reads (BigQuery Storage Read API) $1.1 per TB read 300 TB of data per month free

68
Q

How much is BigQuery fixed rate pricing?

A

$2500 per month, does not include storage

69
Q

What does a GKE DaemonSet, do.

A

A DaemonSet ensures that all (or some) Nodes run a copy of a Pod. As nodes are added to the cluster, Pods are added to them.

70
Q

What is GKE StatefulSet

A

StatefulSet is the workload API object used to manage stateful applications and provide storage persistence for your workload

71
Q

What is a GKE Ingress Object?

A

An API object that manages external access to the services in a cluster, typically HTTP. May provide load balancing, SSL termination and name-based virtual hosting.

72
Q

Whats the difference between GKE AutoPilot and GKE Standard

A

Autopilot: GKE provisions and manages the cluster’s underlying infrastructure, including nodes and node pools, giving you an optimized cluster with a hands-off experience.Standard: You manage the cluster’s underlying infrastructure, giving you node configuration flexibility.

73
Q

What are the 4 types of Cloud Storage Triggers

A

google.storage.object.finalize (default)google.storage.object.deletegoogle.storage.object.archivegoogle.storage.object.metadataUpdate

74
Q

How do you grant access to Pub/Sub

A

Pub/Sub uses Identity and Access Management (IAM) for access control.Grant access on a per-topic or per-subscription basis, rather than for the whole Cloud project.Grant access with limited capabilities, such as to only publish messages to a topic, or to only consume messages from a subscription, but not to delete the topic or subscription.Grant access to all Pub/Sub resources within a project to a group of developers.

75
Q

What is the gcloud command for creating a DB

A

gcloud sql instances create INSTANCE

76
Q

Does BigQuery Data Transfer Service for Cloud Storage support versioning

A

No, if you include a generation number in the Cloud Storage URI, then the load job fails.

77
Q

Is loading a compressed JSON file into BigQUery, faster or slower than loading an uncompressed file

A

It is slower, BigQuery cannot read compressed data in parallel.

78
Q

What is the format for data and timestamp fields when loading CSV and JSON files into BigQuery?

A

YYYY-MM-DD and hh:mm:ss

79
Q

What is the maximum gzip file size for loading into BigQuery?

A

4 GB.

80
Q

What are the 4 emulators available to Google Cloud SDK

A

BigTable, Datastore, Firestore, and Cloud Pub/SubExample commandsgcloud components install cloud-datastore-emulatorgcloud beta emulators datastore start [flags]

81
Q

What is Data Studio

A

Data Studio is a free tool that turns your data into informative, easy to read, easy to share, and fully customizable dashboards and reports. Use the drag and drop report editor

82
Q

Does a server behind a GFE HTTPS load balancer require a valid certificate

A

NoWhen a GFE connects to backends that are within Google Cloud, the GFE accepts any certificate your backends present. GFEs do not perform certificate validation. For example, the certificate is treated as valid even in the following circumstances:The certificate is self-signed.The certificate is signed by an unknown certificate authority (CA).The certificate has expired or is not yet valid.The CN and subjectAlternativeName attributes don’t match a Host header or DNS PTR record.

83
Q

Which Cloud Storage classes offer low latency

A

All storage classes offer low latency (time to first byte typically tens of milliseconds) and high durability.

84
Q

What are GKE Deployments

A

GKE Deployments are a declaration of what you want. Functionally, a Deployment uses ReplicaSets to make sure that the right configuration and number of pods are deployed to the cluster.

85
Q

What are the three deployment lifecycles

A

A Deployments lifecycle can be in one of three states: progressing, completed, or failed.

86
Q

Are predefined roles fine-grained?

A

Yes, predefined roles are fine-grained enough to set permissions for specific roles requiring sensitive data access.

87
Q

Which is faster, BigQuery or BigTable?

A

Bigtable because it provides high-speed reads and writes, accommodates a simple schema, and is cost-effective

88
Q

What is Cloud Foundation Toolkit (CFT)?

A

It provides a series of reference templates for Deployment Manager and Terraform which reflect Google Cloud best practices.

89
Q

What are the 3 ways to protect a budget and what are their uses

A

1) Set up budgets and alerts in your project.Will notify but not prevent excessive resource consumption.2) QuotasQuotas will prevent resource consumption from exceeding specified limits.3) Export the billing reports, and analyze them with BigQueryAllows for analyzing the root cause for going over the budget but will not prevent overspend.

90
Q

What is the maximum cache size for Apigee Edge

A

512KB

91
Q

What is the maximum cache size for Cloud CDN

A

5TB

92
Q

When would you use Identity-Aware Proxy (IAP)

A

Use IAP when you want to enforce access control policies for applications and resources. IAP works with signed headers or the App Engine standard environment Users API to secure your app.

93
Q

What benefits does Virtual Private Network Service Controls provide

A

1) Can create granular access control policies in Google Cloud based on attributes like user identity and IP address.2) Can define a security perimeter around Google Cloud resources such as Cloud Storage buckets, Bigtable instances, and BigQuery datasets to constrain data within a VPC and control the flow of data.3) Can enforce a security posture across numerous Google Cloud services and projects.

94
Q

How do you init a gcloud without it opening a web browser

A

Pass the –console-only flaggcloud init –console-only