mirror of https://github.com/01-edu/public.git
Zouhair AMAZZAL
3 months ago
committed by
Zouhair AMAZZAL
3 changed files with 207 additions and 0 deletions
@ -0,0 +1,84 @@
|
||||
## Easy-Cloud |
||||
|
||||
<center> |
||||
<img |
||||
src="./resources/easy-cloud.jpg?raw=true" style="width: 600px !important; height: 600px !important;"/> |
||||
</center> |
||||
|
||||
### Objective |
||||
|
||||
This project is designed to immerse you in the world of DevOps and Cloud engineering, focusing on deploying and managing a scalable application using a cloud provider from your choice, your mission is: |
||||
|
||||
- Establishing and configuring a public cloud environment suitable for a scalable web application. |
||||
- Utilizing managed web service or managed container service for deploying containerized microservices deployment. |
||||
- Implementing effective monitoring, logging, auto-scaling, and security measures to ensure the application's smooth and efficient operation. |
||||
- Emphasizing the use of managed services to reduce the operational overhead on the startup. |
||||
|
||||
### Hints |
||||
|
||||
Before embarking on this project, ensure you are equipped with: |
||||
|
||||
- An understanding of basic DevOps practices and principles. |
||||
- Familiarity with the public cloud concepts, managed public cloud services, and related networking/security services. |
||||
- Proficiency in Terraform for infrastructure as code. |
||||
- Knowledge in containerization technologies, specifically Docker. |
||||
- Insights into monitoring and logging practices and public cloud services. |
||||
|
||||
> Any lack of understanding of the concepts of this project may affect the difficulty of future projects, take your time to understand all concepts. |
||||
> Be curious and never stop searching! |
||||
|
||||
### Role Play |
||||
|
||||
The project includes a role play session to simulate a real-world scenario where you, as a Cloud Engineer, present and justify your infrastructure design and decisions to stakeholders or your team. This session aims to: |
||||
|
||||
- Evaluate your grasp of the technologies and strategies employed in your project. |
||||
- Test your communication skills and ability to articulate your choices. |
||||
- Encourage critical thinking and the consideration of alternative solutions. |
||||
|
||||
Be prepared to defend your architecture, explaining the rationale behind each decision and how it aligns with the project's objectives. |
||||
|
||||
### Architecture |
||||
|
||||
You are a Cloud engineer and you have received a mission from a small company with limited resources and limited cloud/devops knowledge, they want to create an infrastructure with the following: |
||||
|
||||
- Setup WordPress on at least two servers to ensure high availability. These servers should be configured identically to serve the WordPress application. |
||||
- Implement an auto-scaling mechanism that automatically scales the number of servers up during high load periods and scales down during low load periods. This ensures that your infrastructure can handle traffic spikes efficiently without manual intervention. |
||||
- Configure a load balancer to distribute incoming traffic evenly across all active servers. This ensures that no single server bears too much load, improving the responsiveness of your WordPress site. |
||||
- Utilize a network file system (NFS) for storing dynamic WordPress content, such as media uploads, plugins, and themes. This setup allows all servers to access and serve the same dynamic content, ensuring consistency across different user sessions. |
||||
- Store static content in an object storage service, designed for high durability and availability. This storage should serve static website assets like CSS, JavaScript, and image files. |
||||
- Integrate a Content Delivery Network (CDN) to cache and deliver static content from locations close to your users. This reduces load times and bandwidth costs while improving user experience. |
||||
- Use a managed database service for WordPress. This database should be accessible only by your WordPress servers and not exposed to the public internet, enhancing security. |
||||
- Ensure that the database service offers high availability features, such as automatic backups, failover mechanisms, and scalability options. |
||||
- Design your infrastructure to be fault-tolerant by deploying servers in different physical locations or data centers, if possible. This minimizes the impact of hardware failures and network issues. |
||||
- Implement health checks and failover strategies to automatically reroute traffic away from failed instances and maintain high availability. |
||||
- Monitor and adjust your infrastructure according to actual needs. Use the auto-scaling feature to align operational costs with traffic patterns, ensuring you only pay for the resources you need. |
||||
- Apply strict access controls to ensure only authorized access to your infrastructure components. This includes securing your network file system, object storage, and database. |
||||
- Use the LTS version for WordPress application, plugins, and themes to mitigate vulnerabilities. |
||||
- Use security groups or similar network security mechanisms to restrict inbound and outbound traffic to only necessary ports and protocols. |
||||
- Email alerts in the event of a problem with one of the services or a skip of the budget, you can define the budget by your self. |
||||
|
||||
> You are not allowed to use kubernetes services or install it in the servers, the client are not familiar with it. |
||||
|
||||
### Cost Management |
||||
|
||||
Effective cost management is crucial. Embrace the pricing model, monitor your usage, optimize resource allocation, and leverage your cloud provider cost management tools to control your project's financial footprint. Regularly review and adjust your resources to ensure you achieve the best balance between performance, scalability, and cost. |
||||
|
||||
> Remember that the responsibility for cost management lies with you. |
||||
|
||||
You should provide a cost estimation with the submitted files, you can use a cloud service for that. |
||||
|
||||
### Infrastructure as Code |
||||
|
||||
Provision the necessary resources for your Cloud environment using Terraform as an Infrastructure as Code (IaC) tools. This includes setting up Cloud computing instances, containers, networking components, and storage services (e.g. AWS S3). |
||||
|
||||
### Documentation |
||||
|
||||
Create a `README.md` file that provides comprehensive documentation for your architecture, which must include well-structured diagrams, thorough descriptions of components, and an explanation of your design decisions, presented in a clear and concise manner. Make sure it contains all the necessary information about the solution (prerequisites, setup, configuration, usage, ...). This file must be submitted as part of the solution for the project. |
||||
|
||||
### Submission and audit |
||||
|
||||
Upon completing this project, you should submit the following: |
||||
|
||||
- Your documentation in the `README.md` file. |
||||
- Configuration files for your Infrastructure as Code (IaC), containerization, and orchestration tools. |
||||
- Your cost estimation file. |
||||
@ -0,0 +1,123 @@
|
||||
#### General |
||||
|
||||
##### Check the Repo content: |
||||
|
||||
Ensure the repository contains all required files: |
||||
|
||||
- Comprehensive README.md file with detailed documentation of the architecture, design decisions, and component descriptions. |
||||
- All source code and scripts necessary for deploying the WordPress application. |
||||
- Terraform configuration files for the Infrastructure as Code (IaC) setup. |
||||
- A cost estimation file reflecting the budget and financial considerations for the project. |
||||
|
||||
###### Are all required files present? |
||||
|
||||
##### Play the role of a stakeholder: |
||||
|
||||
Conduct a role-play session where students present their solution as Cloud Engineers. Evaluate their understanding of cloud concepts, their solution's architecture, and their ability to communicate effectively. Suggested questions: |
||||
|
||||
- Ask the student to explain the choice of cloud provider and the benefits of using managed services in this project. |
||||
- How does your architecture ensure high availability and scalability for the WordPress application? |
||||
- Describe how you've implemented security measures to protect your application and data. |
||||
- Discuss the auto-scaling strategy you've chosen and how it aligns with cost management principles. |
||||
- How have you managed the storage of dynamic and static content to ensure consistency and performance? |
||||
- What monitoring and alerting mechanisms have you put in place to maintain the health and performance of your application? |
||||
- Provide details on how you used Terraform for infrastructure provisioning and the benefits of using Infrastructure as Code (IaC). |
||||
|
||||
###### Were the students able to answer all questions satisfactorily? |
||||
|
||||
###### Did the students demonstrate a comprehensive understanding of the technologies and strategies used? |
||||
|
||||
###### Could the students effectively communicate their design decisions and justify their architectural choices? |
||||
|
||||
##### Review the Architecture Design: |
||||
|
||||
Examine the student's architecture design to ensure it meets all project requirements: |
||||
|
||||
1. `Scalability`: Does the architecture include an auto-scaling setup that efficiently handles varying loads? |
||||
2. `High Availability`: Are services deployed across multiple servers or data centers to ensure fault tolerance? |
||||
3. `Security`: Are appropriate security measures in place, including access controls and database security? |
||||
4. `Cost Management`: Is there evidence of cost optimization strategies and a clear understanding of the chosen cloud provider's pricing model? |
||||
5. `Simplicity and Compliance`: Has the student managed to design a straightforward solution without Kubernetes, as per the project's constraints? |
||||
|
||||
###### Does the architecture align with the project's scalability, availability, security, and cost-effectiveness requirements? |
||||
|
||||
##### Test WordPress Functionality: |
||||
|
||||
- Navigate to the WordPress site URL. |
||||
- Upload a new media item to the WordPress site. |
||||
- Access various static assets (CSS, JavaScript, images). |
||||
|
||||
###### Are these loading quickly, indicating effective CDN use? |
||||
|
||||
###### Does the site load correctly from different locations or using different internet connections? |
||||
|
||||
###### Is the item immediately accessible from different sessions, indicating successful NFS setup for dynamic content? |
||||
|
||||
###### Is the WordPress application fully functional and serving content correctly? |
||||
|
||||
##### High Availability and Auto-scaling Verification: |
||||
|
||||
- Ask the student to demonstrate how WordPress instances are distributed across different physical locations or data centers. |
||||
- Simulate a server failure or take one instance offline. |
||||
- Show evidence of the auto-scaling configuration. Then, simulate or describe how the system scales up under high load and scales down when the load decreases. |
||||
- Perform a controlled load test to trigger auto-scaling. Monitor and record the scaling activity. |
||||
|
||||
###### Does the site remain accessible, indicating successful failover and high availability? |
||||
|
||||
###### Is the WordPress setup highly available with no downtime during server failures? |
||||
|
||||
###### Does the auto-scaling mechanism work as expected, adjusting the number of instances according to load? |
||||
|
||||
##### Load Balancing and Traffic Distribution: |
||||
|
||||
- Explain or show the load balancer setup ensuring even traffic distribution. |
||||
- Ask the student to explain how is traffic evenly distributed across all servers. |
||||
|
||||
###### Is the load balancing configured correctly, effectively distributing traffic across servers? |
||||
|
||||
##### Alert and Monitoring Setup: |
||||
|
||||
- Show the configuration for email alerts related to service problems or budget overruns. |
||||
- Trigger an Alert: (If possible), simulate a condition that would trigger an alert (e.g., stopping a service or exceeding a predefined budget threshold). |
||||
|
||||
###### Are alerts properly set up and working as expected for system issues and budget overruns? |
||||
|
||||
##### Security and Access Control: |
||||
|
||||
- Ask the student to explain how are strict access controls implemented to secure NFS, object storage, and the database. |
||||
- Verify that the managed database is accessible only by WordPress servers and not exposed to the internet. |
||||
- Check the configuration of security groups or similar mechanisms to restrict traffic to necessary protocols and ports only. |
||||
|
||||
###### Are security measures adequately implemented to protect infrastructure components? |
||||
|
||||
##### Documentation Review: |
||||
|
||||
Check the README.md file for completeness: |
||||
|
||||
###### Does it include detailed setup and configuration instructions? |
||||
|
||||
###### Are there clear, well-structured diagrams and thorough component descriptions? |
||||
|
||||
###### Is there a clear explanation of design decisions and their rationale? |
||||
|
||||
###### Is the documentation clear, complete, and easy to understand? |
||||
|
||||
##### Infrastructure as Code (IaC) Evaluation: |
||||
|
||||
- Request the student to demonstrate the use of Terraform commands (terraform plan, terraform apply) to verify the cloud environment setup. |
||||
|
||||
###### Is Terraform used effectively to provision and manage cloud resources? |
||||
|
||||
###### Do the Terraform configurations accurately reflect the architecture design and project requirements? |
||||
|
||||
###### Does the IaC setup align with best practices and project requirements? |
||||
|
||||
##### Cost Estimation Review: |
||||
|
||||
- Examine the cost estimation file submitted by the student: |
||||
|
||||
###### Does it provide a realistic estimate of the project's cost on the chosen cloud provider? |
||||
|
||||
###### Are there considerations for scaling, data transfer, storage, and other potential costs? |
||||
|
||||
###### Is the cost estimation detailed, realistic, and aligned with cloud provider pricing models? |
||||
|
After Width: | Height: | Size: 1.5 MiB |
Loading…
Reference in new issue