Google Cloud Certified Associate Cloud Engineer
This course is designed to not only help you pass the Google Cloud Certified - Associate Cloud Engineer exam but also to learn the real-world skills you'll need to be a cloud engineer. This course loosely follows the domain objectives outlined in the certification info. However, instead of just walking you through each bullet point and showing how that particular item works, without any context, we’ve chosen to use a scenario.
In this scenario, you’ve been hired by a startup called Find Seller. They're working on an app that allows users to post a picture of an item and tag it as something they want to buy or sell. They’re having trouble getting funded because currently all of their technology resides on the developers' laptops, and they don’t have any idea how to move to the cloud. That’s where you and I enter the scenario. You’ve been hired as a junior cloud operations engineer, and I’ll be working as a senior cloud engineer. I’ll be mentoring you as we’re assigned tasks from our boss, and we’ll go through the process of deploying and maintaining the application.
Here are some of the areas of focus:Set up a cloud solution environment.Plan and configure a cloud solution.Deploy and implement a cloud solution.Ensure successful operation of a cloud solution.Configure access and security.
By the end of this course, you should be ready to pass the Google Cloud Certified- Associate Cloud Engineer Exam
We all have to start somewhere! In this course introduction video, we'll talk about what this course has to offer, who should take it, and what you'll already need to know before starting!
About the Training Architect
If you're about to spend several hours listening to some random person on the internet, shouldn't you know a little about them? We think so! In this video, you can learn more about the course author.
This course is based on a simple scenario. The idea is that you're a junior cloud engineer who has joined a startup to support their Google Cloud infrastructure. In this brief lesson, we'll talk about that scenario.
Setting up a Cloud Solution Environment
Setting up Cloud Projects and Accounts
This course is mostly scenario driven. In this lesson, we'll plan out our agenda for the next several lessons. This kicks off the scenario for the course.
Creating an Account
In order to work with Google Cloud, we need an account. In this lesson, we'll create a Google Cloud account that we'll use throughout the course. Note: Be aware that the process for an organization account will differ in that you will need to first set up a G Suite or Cloud Identity domain. This lesson covers setting up a personal GCP account.
Creating a New Project
All resources in Google Cloud belong to a project. In this lesson, we'll learn why projects are important, and we'll create the project that we'll use during the course.
Creating Users and Assigning Roles
An essential skill of every cloud engineer is the ability to manage users, roles, and permissions. In this lesson, we'll learn how to add a new user to G Suite, and then add that user to Cloud IAM. We'll also cover how to set roles for users.
The entire Google Cloud Platform is just a set of REST APIs that we can interact with using different interfaces. By default, most of these APIs are disabled. Enabling an API is easy to do, and in this lesson, you'll learn how. Note: Be aware that web console navigation may change over time. The metrics of API versions and methods is now hidden behind the 'view metrics' link in API traffic information. This will not be a testable topic.
Provisioning Stackdriver Accounts
Stackdriver is Google's monitoring and logging service, and if you work on Google Cloud, it's something you'll need to learn. In this lesson, we'll talk about how to create a Stackdriver account that can monitor one or more projects.
Thus far, we've covered a lot of information. In this slightly more casual lesson, we'll summarize what we've covered in this section.
Setting up Cloud Projects and Accounts
Managing Billing Configuration
Creating Billing Accounts
If you're going to use a Cloud Platform, then you need to be able to pay for the resources that you use. The way billing works on the Google Cloud platform is to use a billing account and link it to one or more projects. In this lesson, we'll talk about what billing accounts are, how to create them, and how to link them to projects.
Establishing Billing Budgets and Alerts
When using cloud platforms, it's easy to start up hundreds of virtual machines at the push of a button. However, all of those resources have a price tag attached and can get expensive. Budgets and alerts are one of the tools that will help us to avoid spending too much. In this lesson, we'll cover how to create budgets and alerts so that we don't break the bank!
Setting up Billing Exports to Estimate Daily/Monthly Charges
In this lesson, we'll learn what billing exports are and how to use them.
In this lesson, we'll review the key points from domain 1, section 2, of the exam outline.
Managing Billing Configuration
Installing the Cloud SDK
In this lesson, we'll install the Cloud SDK on an Ubuntu 16 server hosted with Cloud Playground Servers. You can set up your own Cloud Playground Server from the Playgrounds menu item above. Alternatively, you can also install the Google Cloud SDK in a local environment. If you want to follow along, or if you want to see how to install on a different OS, check out the installation documentation: https://cloud.google.com/sdk/docs/quickstarts
Using the Cloud SDK
The Cloud SDK is a cloud engineer's gateway to Google Cloud. It's one of the tools that we can use to manage and automate Google Cloud services. In this lesson we'll learn a bit more about the Cloud SDK. If you want to learn more about the different components available as part of the SDK, check out: https://cloud.google.com/sdk/docs/components
Planning and Configuring a Cloud Solution
Planning and Configuring Compute Resources
Comparing Compute Options
Google Cloud provides different compute services that each meet a specific use case. In this lesson, we'll get a high-level glimpse of the following services: Compute EngineKubernetes EngineApp EngineCloud Functions Google Cloud FAQ: https://cloud.google.com/appengine/kb/
Reviewing Compute Engine
Virtual machines remain one of the core technologies used today. They provide the basis for newer abstraction layers such as the nodes in a Kubernetes cluster, or the servers backing App Engine. Because VMs are a core service, Compute Engine deserves a bit more attention. In this lesson, we'll dig into Compute Engine a bit more.
Reviewing Compute Engine - Managed Instance Groups
Virtual machines on their own could make horizontal scaling a challenge. In this lesson, we'll review how to use managed instance groups to autoscale Compute Engine instances based on different metrics.
Reviewing Kubernetes Engine
If containers are UFOs, then Kubernetes is the mothership! Kubernetes is a container orchestration platform. It's responsible for ensuring containers are up-and-running. In this lesson, we'll take a closer look at the platform that is slowly taking over the world - Kubernetes. NOTE: Kubernetes Engine has had several substantial UI changes since this lesson was filmed. Many of the cluster options are now hidden behind More node pool options in the Node pools menu, such as image and boot disk options. Additionally, the Select Google Container Registry Image button has changed to simply SELECT in all caps to the right of the image path, not beneath it as previous.
Reviewing App Engine
Have you ever wanted to upload some code somewhere and have someone else deal with all of the management tasks? If so, you might be a developer! App Engine is one of the original "serverless" platforms. It allows us to deploy our code, and let Google worry about the underlying infrastructure. In this lesson, we'll take a closer look at App Engine.
Planning and Configuring Data Storage Options
Comparing Storage Options
Do you know how many storage services exist on Google Cloud? If you guessed 42, you're a bit off, which means maybe this lesson is for you! Google Cloud has services that cover:Traditional SQL databasesHorizontally scalable SQL databasesQueryable NoSQL databasesRow-key based NoSQL databasesKey-value storesObject stores...does it ever end? In this lesson, we'll take a high-level look at the different options and their use cases.
Planning and Configuring Network Resources
Reviewing Networking Options
All of those virtual machines running in the cloud require a network to interact with other servers/services. Google Cloud uses a software-defined network, which is the backbone of the platform. In this lesson, we'll learn more about the different components of the networking services.
Exploring the Application
In this lesson, we'll review the cloud architecture for the codebase we'll be installing in the upcoming lessons. The code requires several different services all working together. Knowing how they're expected to work will be important when it's time to deploy the different applications. Note: pssh is not available on Ubuntu 16.04 or 18.04. The equivalent is parallel-ssh.
Planning and Estimating Using the Pricing Calculator
Estimating the Price of the Application
In this lesson, we'll use the Google Cloud Price Calculator to determine a rough monthly cost for our application. The calculator is publically available at https://cloud.google.com/products/calculator/ Using the calculator not only helps to determine the price of running our code, but it can also help give hints about how different services function. For example, seeing the option for a regional and multi-regional Spanner database hints at Spanner being a regional resource, capable of replication to other regions.
Planning and Configuring a Cloud Solution
Deploying and Implementing a Cloud Solution
Planning the Application Deployment
Reviewing the Codebase
Being able to download the code, edit it, and learn from it is important. In this lesson, we'll take a look at the code and where to go to download a copy. Download/Fork the code from Github.
Deploying the Applications
Configuring Common Services 1 of 2
The applications that we're using in this course have some services common to each other. In order to start using them, we need to enable the APIs first. In this lesson, we'll be enabling the different Google Cloud services via the CLI, and we'll start to configure the common services. NOTE: You may receive different output due to changes in the command line environment since this lesson was created. Specifically, the output for enabling APIs has changed since this lesson's film date.
Configuring Common Services 2 of 2
This lesson completes the installation of the common services. We'll be working with Cloud Storage, Bigtable, and BigQuery to get them ready to use later in the course.
Deploying the Products API on Kubernetes 1 of 2
Building and deploying applications can be a time-consuming process. This lesson is part 1 of 2. In this lesson, we'll get a service account created, and a Kubernetes cluster setup. The service account will be used by the code running inside a Docker container to interact with the different Google Cloud services.
Deploying the Products API on Kubernetes 2 of 2
It's time to wrap up deploying the product's application on the Kubernetes cluster that was set up in part 1. In this lesson, we'll build the docker image, push it to the Google Cloud Container Registry, and then deploy the container inside a pod to a Kubernetes cluster. Wow! That was possibly the nerdiest sentence I've ever written. :D
Deploying the Ads API on Compute Engine With Deployment Manager 1 of 2
Before we can deploy our Golang application to Compute Engine, we need to make sure all of our prerequisites are ready. In this lesson, we'll create a Spanner instance and start looking into Google's Infrastructure as Code service named Deployment Manager. Deployment Manager allows us to create templates that define the infrastructure we want, and it will make REST API calls to build the infrastructure.
Deploying the Ads API on Compute Engine With Deployment Manager 2 of 2
When combining Compute Engine startup scripts with Deployment Manager, we can deploy our applications fairly easily. The app is written in Go, and will pull some basic data from a Spanner database. In this lesson, we're going to wrap up our application deployment. We'll use Deployment Manager to create a Managed Instance Group running behind a load-balancer.
Deploying the Image Processor With Cloud Functions
This lesson triggers Google Cloud Functions from messages published to a Pub/Sub topic.
In this lesson, we'll use Google's serverless platform to deploy a Node.js 6 application that's triggered every time a message is published to Pub/Sub. Cool, right?
Note: --runtime is now required to complete deployment functions.
UPDATE: Since this lesson was first released, it is now required to specify the runtime for a new function using the
Deploying the Front-end in App Engine
In this lesson, we'll deploy the component that ties all of the other APIs together - the front-end. The front-end for the application runs in an App Engine Standard environment, using the Go runtime. The front-end is responsible for taking user-supplied data and publishing it to a Pub/Sub topic. After that, the Image Processor code running as a Cloud Function is called by Pub/Sub to process and persist the data.
Deploying Wordpress with Cloud Launcher
Cloud Launcher is a tool built on top of Deployment Manager that allows for "one-click" installs of common applications. In this lesson, we'll be using Cloud Launcher to deploy Wordpress on a Compute Engine instance.
Deploying and Implementing a Cloud Solution
Ensuring Successful Operation of a Cloud Solution
Now that we've deployed our application, it's time to start covering some of the topics that will help us manage these services. In this lesson, we'll talk about the agenda for this section.
Managing Compute Engine Instances - Creating an Instance
In this lesson, we're going to set up a Compute Engine instance that we can use to dive deeper into Compute Engine. We're also going to use network tags to allow traffic to our instance over port 22. Note: If you are following along with a personal Google Cloud account, you will not have access to an organization layer, only projects.
Managing Compute Engine Instances - SSH
When working with Linux servers, we'll eventually need to connect to the server to perform management tasks, debugging, etc. In this lesson, we'll learn about how to manage SSH keys at both the project and instance level so that we can ensure users can connect to our instances.
Managing Compute Engine Instances - Images and Snapshots
As cloud engineers, we know how important backups are to a company. Disk snapshots allow us to create an incremental backup of our persistent disks. Images are copies of an instance, and they're robust enough to serve as both a backup and as a "golden image" that contains all of our code and configuration. In this lesson, we'll learn how to create snapshots and images.
Cloud SDK Configurations
When using multiple projects, especially when they use different defaults, the Cloud SDK could become a pain point. However, it doesn't have to!
The Cloud SDK supports multiple configurations and allows us to activate the one we want to use easily.
Since there are a lot of different commands that we covered in this lesson, they are also listed below for cross reference:
Create a new gcloud configuration
gcloud config configurations create (CONFIG_NAME)
(Note that creating a configuration will automatically activate it as well)
List all of your gcloud configurations
gcloud config configurations list
Activate another existing gcloud configuration
gcloud config configurations activate (CONFIG_NAME)
List the settings for your active configuration
gcloud config list
Assign a project to a configuration
gcloud config set project (PROJECT_ID)
Set account for your configuration
gcloud config set account (ACCOUNT_ID)
Managing Kubernetes Engine Resources
Working with Kubernetes is becoming a required skill for cloud engineers. While Google manages Kubernetes Engine, we'll need to know how to change the size of the cluster, manage and connect to pods, etc.
In this lesson, we'll resize the cluster with the UI and the CLI. We'll also talk about
kubectl and some common sub-commands. And we'll wrap up by connecting to a running container.
Managing App Engine Resources
App Engine is a fantastic platform as a service for running web applications. It does, however, require a bit of effort on our part to manage scaling settings and traffic splitting. Traffic splitting allows us to perform A/B testing, canary deployments, and simple rollbacks. The ability to tune the scaling settings allows us to find the right balance of cost vs. performance. In this lesson, we'll learn about both of these powerful features.
Working with Cloud Storage
Cloud Storage is a more powerful service than it might seem. It can be used as a backup solution; as an archive solution; it's often used to store static assets; it's also used to host static websites. With all of that power, it can be easy to miss some of the functionality we should know, such as object lifecycles and signed URLs. In this lesson we'll:Create a bucket and set a lifecycle ruleUpload an item from the CLIMove the object to another bucketMake an object publicUse signed URLs
Managing Networking Resources
When working with Google Cloud networks, we're able to expand a subnet's IP address range and reserve static IP addresses. In this lesson, we'll learn how to expand the IP address range, and we'll talk a bit about CIDR notation. We'll also talk about reserving static private and public IP addresses.
Monitoring and Logging
Many of the tasks cloud engineers perform boil down to monitoring and logging. On Google Cloud, Stackdriver is the first-party service we'll use for monitoring and logging. Stackdriver allows us to create alerts based on built-in metrics, as well as custom metrics. It also provides us with a robust logging tool that's capable of reading logs from the different services running on our instances. In this lesson, we'll learn about alerts, custom metrics, logging, and log sinks.
Configuring Access and Security
Working With Logs
Viewing Audit Logs for Project and Managed Services
A project's audit logs show who is doing what inside a project. Knowing this information, we'll be able to find potential breaches inside our projects. In this lesson, we'll talk about how to view the audit logs with the UI and CLI.
Managing Resources and Working with Logs
Domain Objective Review
If you're interested in taking the certification exam, then it's worth reviewing the domain objectives. In this lesson we're going to go through the domains and talk about why that info is important, and what Google really wants you to know.
In this lesson, we'll talk about the next steps as you work towards certification.
Am I Ready?
By the time you're 100% certain you're ready to pass an exam, you're probably ready to move on to a higher level cert. In this lesson, we'll talk a bit more about being ready for the exam, and we'll work through 2 practice questions together to figure out the correct answer.
Google Cloud Certified Associate Cloud Engineer - Practice Exam