SRE Projects

Question 1

What is MTU (3)

Answer 1

MEASUREMENT
In networking, maximum transmission unit (MTU) is a measurement representing the largest data packet that a network-connected device will accept. Imagine it as being like a height limit for freeway underpasses or tunnels: Cars and trucks that exceed the height limit cannot fit through, just as packets that exceed the MTU of a network cannot pass through that network.

FRAGMENTATION
However, unlike cars and trucks, data packets that exceed MTU are broken up into smaller pieces so that they can fit through. This process is called fragmentation. Fragmented packets are reassembled once they reach their destination.

BYTES
MTU is measured in bytes — a “byte” is equal to 8 bits of information, meaning 8 ones and zeroes. 1,500 bytes is the maximum MTU size.

Question 2

Define MSS (4)

Answer 2

Maximum segment size

MSS is used by TCP at layer 4 of the Internet, the transport layer, instead of layer 3. MSS is only concerned with the size of the payload within each packet. It is calculated by subtracting the length of TCP and IP headers from MTU.

While packets that exceed a router’s MTU are either fragmented or dropped, packets that exceed the MSS are always dropped.

Question 3

What is a GRE tunnel (2)

Answer 3

Generic Routing Encapsulation
Tunneling protocol that can encapsulate a wide variety of network layer protocols

Question 4

What is the difference between Apache Kafka and Confluent Kafka (3)

Answer 4

Apache Kafka is an open source message broker that provides high throughput, high availability, and low latency.

Apache Kafka can be used either on its own or with the additional technology from Confluent.
Confluent Kafka provides additional technologies that sit on top of Apache Kafka.

Confluent Kafka provides companies with a stream data platform to help harness their high volume real-time data streams.

Question 5

What is Helm? (1)

What do Helm charts do? (2)

Answer 5

Helm a package manager for Kubernetes…. that makes it easy to take applications and services that are either highly repeatable or used in multiple scenarios and deploy them to a typical K8s cluster

Helm Charts help you define, install, and upgrade even the most complex Kubernetes application.

Question 6

What is Kafka used for? (2)

Answer 6

Apache Kafka is a real-time data streaming technology capable of handling trillions of events per day.

Question 7

Define Kubernetes (1)
What is it used for (1)

Answer 7

Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management.

Question 8

What is GitLab? (3)

Answer 8

GitLab is a web-based Git repository that provides free open and private repositories, issue-following capabilities, and wikis.
It is a complete DevOps platform that enables professionals to perform all the tasks in a project—from project planning and source code management to monitoring and security.

Question 9

What is network encryption (2)

Answer 9

Network encryption is the security applied to an organization’s network to protect and control this data internally.

Network layer encryption involves encrypting data as it is sent from one node, and decrypting it on arrival at another.

Question 10

TLS (1)

Answer 10

Transport Layer Security (TLS) encrypts data sent over the Internet…
to ensure that eavesdroppers and hackers are unable to see what you transmit which is particularly useful for private and sensitive information such as passwords, credit card numbers, and personal correspondence.

Question 11

SSL Cert (1)
Bonus analogy (1)

Answer 11

An SSL certificate is a bit of code on your web server that provides security for online communications….

When a web browser contacts your secured website, the SSL certificate enables an encrypted connection.

Bonus - It’s kind of like sealing a letter in an envelope before sending it through the mail.

Question 12

SSL (3)

Answer 12

Secure Sockets Layer (SSL)

is a standard security technology for establishing an encrypted link between a server and a client—

typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook).

Question 13

What is Vault?

How does it work?

Answer 13

It is a secrets management tool designed to control access to sensitive credentials

By encrypting each secret to help prevent unauthorized users from gaining access

They function mostly as an active storage container for secrets as well as an account management system for dealing with multiple privileged accounts across the company.

Question 14

Helm Chart auto-testing

Question 15

Traefik (2)

Answer 15

a modern HTTP reverse proxy and load balancer that makes deploying microservices easy

Question 16

Logs vs Metrics (2)

Answer 16

Logs are about a specific event
Metrics are a measurement at a point in time for the system

Question 17

MSS clamping

Answer 17

a feature that sets the maximum segment size used by a TCP session

Question 18

What 3 problem areas did Vault aim to solve?

Question 19

What is Rubocop?

Answer 19

Ruby code linting tool

Question 20

What is linting?

Answer 20

Process of running a program that will analyse code for potential errors

Question 21

What is a sub-processor in the context of GDPR?

Answer 21

a third party data processor engaged by a Data Processor who has or will have access to or process personal data from a Data Controller.

Question 22

What is a CRD?

Answer 22

Custom Resource Definitions - allows you to extend your clusters to a usable level.

Allows you to define a new type of resource that behaves like the built-in resources in Kubernetes.

Question 23

What is GitLab tagging?

Question 24

Define mTLS

Question 25

What is cert-manager?

Question 26

What is in our platform cluster?

Answer 26

DNS
Admin tooling and maintenance

Question 27

What is in our customer cluster?

Question 28

pgcat

Question 29

patroni

Question 30

pgbackrest