Reliable Cloud Infrastructure: Design and Process

Question 1

The course introduces design using a three-tier design model. The three tiers are:

Answer 1

Presentation layer, Business-logic layer, and Data layer.

Question 2

The design process includes which steps?

Answer 2

Begin simple and iterate. Plan for failure. Measure.

Question 3

What is it called when information must be preserved to perform a subsequent step?

Answer 3

Stateful. State information is stored.

Question 4

What is the focus of measurement?

Answer 4

Measure what the user cares about.

Question 5

How does a microservices design complicate business logic ?

Answer 5

Key business logic is implemented as cross-services communication.

Question 6

Which GCP platform services are identified as useful for the 12-factor principle of “store configuration information in the environment”?

Answer 6

Google Cloud Storage and the Metadata Server.

Question 7

What tradeoff occurs with the 12-factor principle of “store state information in the environment”?

Answer 7

Storing state information in the environment is slower than storing it locally on SSD.

Question 8

Which platform processing service is designed to offer the lowest IT overhead so you can focus on the application?

Answer 8

Google App Engine (GAE)

Question 9

What advice is given on horizontal scaling design?

Answer 9

Prefer small stateless servers. Keep servers simple; do one thing well.

Question 10

What does Data Integrity mean?

Answer 10

That users have access to their data and that the data persists without being corrupted or lost.

Question 11

What is the difference between a proxied and a pass-through load balancer?

Answer 11

A proxied load balancer terminates the incoming connection and initiates a separate connection, a pass-through redirects traffic without terminating it.

Question 12

Which form of load balancing enables you to load balance behind an IP address that is only accessible to instances within your Virtual Private Cloud (VPC)?

Answer 12

Internal load balancing.

Question 13

What is the service provided by a third party (such as an ISP) that enables you to connect another cloud directly to your Google cloud resources to create hybrid cloud solutions?

Answer 13

Dedicated interconnect.

Question 14

The design process includes which steps?

Answer 14

Begin simple and iterate. Plan for failure. Measure.

Question 15

What is it called when information must be preserved to perform a subsequent step?

Answer 15

Stateful. State information is stored.

Question 16

What is the focus of measurement?

Answer 16

Measure what the user cares about.

Question 17

What are the categories of requirements described in gathering requirements?

Answer 17

Quantitative, qualitative, scaling, and size.

Question 18

What does Data Integrity mean?

Answer 18

That users have access to their data and that the data persists without being corrupted or lost.

Question 19

What reason is given for the design advice to “design first and dimension later”?

Answer 19

Trying to optimize cost or optimize for size (dimension) before the design is fully developed can lead to confusion and ambiguities in the design process.

Question 20

What is the key advice presented about GCP deployment?

Answer 20

Automate everything you can – because launch and release automation has an influence over reliability.

Question 21

What is the difference between black box monitoring and white box monitoring?

Answer 21

In black box monitoring you can only monitor external observable events, whereas, in white box monitoring, you can also monitor the system’s internal events.

Question 22

From the bottom up, what are the first three layers in the Site Reliability Engineering pyramid?

Answer 22

Monitoring. Incident Response. Post Mortem / Root Cause Analysis.

Question 23

What are the steps in the capacity planning cycle?

Answer 23

Allocate. Approve. Deploy. Forecast.

Question 24

What are three methods for reducing the price of virtual machines (VMs) in GCP?

Answer 24

Sustained use discounts. Committed use discounts. Preemptible VMs.

Question 25

What does “pervasive defense in depth” mean?

Answer 25

Segregation of duties; Google handles some things, others are your responsibility.

Question 26

In most network devices such as a firewall, the network is subject to overload of the capacity of the interface. What is the overload capacity of a firewall in Google’s network?

Answer 26

The firewall is virtual, implemented through software defined networking, so there is no physical interface to be overloaded.

Question 27

Which edge features of Google’s networking provide automatic protections against Distributed Denial of Service attacks (DDoS) ?

Answer 27

TCP/SSL proxy, Global Load Balancing, and Cloud CDN.

Question 28

Which of the following describes Cross-project VPC network peering?

Answer 28

Projects are isolated in separate VPCs, but using network peering they can communicate over a private address space.

Question 29

When would you use CSEK (Customer Supplied Encryption Keys) ?

Answer 29

When you have a requirement to use your own AES-256 keys rather than those automatically generated by Google.

Question 30

What is the “principle of least privilege” as it relates to IAM Policies?

Answer 30

Grant roles at the smallest scope needed for the individual or service account to be functional with the services they require.

Question 31

What are the two main categories of failures described?

Answer 31

Failure due to loss of resources, and failure due to overload.

Question 32

To design to overcome a single point of failure, the N+2 strategy is recommended. What is N+2?

Answer 32

One alternative to ‘ N’ to handle an upgrade, and a second to handle a service outage.

Question 33

What is a correlated failure?

Answer 33

When a group of related items fail at the same time; the group is a failure domain.

Question 34

How can a design to improve reliability through failover create an opportunity for overload failure?

Answer 34

If growth occurs and the capacity is not increased to accommodate the new greater load during failover.

Question 35

What is a cascading failure?

Answer 35

When, due to an overload failure, the system seeks additional resources and spreads the overload until the system loses integrity.

Question 36

What is a fan-in or incast failure?

Answer 36

When many individual requests are responded to multiple times in error.

Question 37

What is it called when you are trying to make a system more reliable by adding retries and it creates the opportunity for an overload failure?

Answer 37

Positive feedback cycle overload failure.

Question 38

What is the recommended action to help cope with failure that involves Objectives and Indicators?

Answer 38

Incorporate failure planning including a margin of safety and scheduled downtime into the SLOs and SLIs.

Question 39

Why is DNS recommended for business continuity and disaster recovery?

Answer 39

Because you can use it to redirect client requests to an alternate backup service by changing the DNS definition.

Question 40

What is a lazy deletion strategy?

Answer 40

When a client deletes an object, it is not annihilated immediately, but concealed and preserved for a period. There may be multiple tiers in the deletion strategy that permit different kinds of recovery of the object.

Question 41

What is a key technology for scalable and resilient design that enables both scaling of capacity and redirecting traffic to alternate resources in the event of a failure?

Answer 41

Load balancing.