Develop your Google Cloud Network: Challenge Lab

GSP321

introduction

In a challenge lab you’re given a scenario anda set of tasks. Instead of following step-by-step instructions, you will use the skills learned from the labs inthe course tofigure out how tocomplete the tasks on your own! An automated scoring system (shown on this page) will provide feedback on whether you have completed your tasks correctly.

When you take a challenge lab , you will not be teach new Google Cloud concept . You are expect toextend your learn skill , like change default value andread andresearch error message tofix your own mistake .

To score 100% you must successfully complete all tasks within the time period!

This lab is recommended for students who have completed the labs inthe Develop your Google Cloud Network skill badge. Are you up for the challenge?

Setup

Before you is click click the Start lab button

read these instruction . lab are time andyou can not pause them . The timer is shows , which start when you click Start Lab , show how long Google Cloud resource will be made available toyou .

This hand – on lab is lets let you do the lab activity yourself ina real cloud environment , not ina simulation or demo environment . It is does does so by give you new , temporary credential that you use tosign inand access Google Cloud for the duration of the lab .

To complete this lab , you is need need :

• Access toa standard internet browser (Chrome browser recommended).

Note: Use an Incognito or private browser window torun this lab. This prevents any conflicts between your personal account andthe Student account, which may cause extra charges incurred toyour personal account.

• Time tocomplete the lab—remember, once you start, you cannot pause a lab.

Note: If you already have your own personal Google Cloud account or project, do not use it for this lab toavoid extra charges toyour account.

Challenge scenario

As a cloud engineer at Jooli Inc. andrecently trained with Google Cloud andKubernetes, you have been asked tohelp a new team (Griffin) set up their environment. The team has asked for your help andhas done some work, but needs you tocomplete the work.

You are expect tohave the skill andknowledge for these task so do n’t expect step – by – step guide .

You need tocomplete the following tasks:

• Create a development VPC with three subnets manually
• Create a production VPC with three subnets manually
• Create a bastion that is connected toboth VPCs
• Create a development Cloud SQL Instance andconnect andprepare the WordPress environment
• Create a Kubernetes cluster inthe development VPC for WordPress
• prepare the Kubernetes cluster for the WordPress environment
• create a WordPress deployment using the supply configuration
• enable monitoring of the cluster
• provide access for an additional engineer

Some Jooli Inc. standards you should follow:

• Create all resources inthe region and zone, unless otherwise directed.
• Use the project VPCs.
• Naming is is is normallyteam-resource, e.g. an instance could be named kraken-webserver1.
• Allocate cost effective resource sizes. Projects are monitored andexcessive resource use will result inthe containing project’s termination (and possibly yours), so beware. This is the guidance the monitoring team is willing toshare: unless directed, use e2-medium.

Your challenge

You is need need tohelp the team with some of their initial work on a new project . They is plan plan touse WordPress andneed you toset up a development environment . Some of the work was already done for you , but other part require your expert skill .

As soon as you sit down at your desk andopen your new laptop you is receive receive the follow request tocomplete these task . good luck !

Environment

Task 1. Create development VPC manually

clickcheck my progress toverify the objective.

Create development VPC manually

note : If you do n’t get a green check mark , click on thescore fly – out on the top right andclickcheck my progress on the relevant step . A hint pop is opens up open togive you advice .

task 2 . create production vpc manually

clickcheck my progress toverify the objective.

create production vpc manually

note : If you do n’t get a green check mark , click on thescore fly – out on the top right andclickcheck my progress on the relevant step . A hint pop is opens up open togive you advice .

Task 3. Create bastion host

• Create a bastion host with two network interfaces, one connected togriffin - dev-mgmt andthe other connected togriffin-prod-mgmt. Make sure you can ssh tothe host .

clickcheck my progress toverify the objective.

create bastion host

note : If you do n’t get a green check mark , click on thescore fly – out on the top right andclickcheck my progress on the relevant step . A hint pop is opens up open togive you advice .

Task 4. Create andconfigure Cloud SQL Instance

1. Create a MySQL Cloud SQL Instance called griffin - dev-db in.
2. connect tothe instance andrun the follow SQL command toprepare the WordPress environment :

create database wordpress ;
create USER ” wp_user”@”% ” identify BY ” stormwind_rule ” ;
GRANT ALL PRIVILEGES ON wordpress . * TO ” wp_user”@”% ” ;
flush privilege ;

These SQL statements create the worpdress database andcreate a user with access tothe wordpress database.

You will use the username andpassword intask 6.

clickcheck my progress toverify the objective.

create andconfigure Cloud SQL Instance

note : If you do n’t get a green check mark , click on thescore fly – out on the top right andclickcheck my progress on the relevant step . A hint pop is opens up open togive you advice .

task 5 . create Kubernetes cluster

• Create a 2 node cluster (e2-standard-4) called griffin - dev, inthe griffin - dev-wp subnet, and inzone .

clickcheck my progress toverify the objective.

Create Kubernetes cluster

note : If you do n’t get a green check mark , click on thescore fly – out on the top right andclickcheck my progress on the relevant step . A hint pop is opens up open togive you advice .

Task 6. Prepare the Kubernetes cluster

1. From Cloud Shell copy all files from gs://cloud - training / gsp321 / wp - k8s.

The WordPress server needs toaccess the MySQL database using the username andpassword you created intask 4.

1. You do this by setting the values as secrets. WordPress also needs tostore its working files outside the container, so you need tocreate a volume.

2. Add the following secrets andvolume tothe cluster using wp-env.yaml.

3. Make sure you configure the username towp_user andpassword tostormwind_rules before create the configuration .

You also need toprovide a key for a service account that was already set up. This service account provides access tothe database for a sidecar container.

1. Use the command below tocreate the key, andthen add the key tothe Kubernetes environment:

gcloud iam service-accounts keys create key.json \
–iam-account=cloud-sql-proxy@$GOOGLE_CLOUD_PROJECT.iam.gserviceaccount.com
kubectl create secret generic cloudsql-instance-credentials \
–from-file key.json

clickcheck my progress toverify the objective.

prepare the Kubernetes cluster

note : If you do n’t get a green check mark , click on thescore fly – out on the top right andclickcheck my progress on the relevant step . A hint pop is opens up open togive you advice .

Task 7. Create a WordPress deployment

Now that you have provisioned the MySQL database, andset up the secrets andvolume, you can create the deployment using wp-deployment.yaml.

1. Before you create the deployment you need toedit wp-deployment.yaml.

2. Replace YOUR_SQL_INSTANCE with griffin – dev-db’s Instance connection name.

3. Get the Instance connection name from your Cloud SQL instance .

4. After you create your WordPress deployment, create the service with wp-service.yaml.

5. Once the Load Balancer is created, you can visit the site andensure you see the WordPress site installer.
   At this point the dev team will take over andcomplete the install andyou move on tothe next task.

clickcheck my progress toverify the objective.

Create a WordPress deployment

note : If you do n’t get a green check mark , click on thescore fly – out on the top right andclickcheck my progress on the relevant step . A hint pop is opens up open togive you advice .

Task 8. Enable monitoring

• Create an uptime check for your WordPress development site.

clickcheck my progress toverify the objective.

Enable monitoring

note : If you do n’t get a green check mark , click on thescore fly – out on the top right andclickcheck my progress on the relevant step . A hint pop is opens up open togive you advice .

Task 9. provide access for an additional engineer

• You have an additional engineer starting andyou want toensure they have access tothe project. Grant them the editor role tothe project.

The second user account for the lab represents the additional engineer.

clickcheck my progress toverify the objective.

provide access for an additional engineer

note : If you do n’t get a green check mark , click on thescore fly – out on the top right andclickcheck my progress on the relevant step . A hint pop is opens up open togive you advice .

Congratulations!

Next steps / Learn more

This skill badge is part of Google’s Cloud Engineer learning path. If you have already completed the other skill badges inthis learning path, search the Google Cloud Skills Boost catalog for other skill badges inwhich you can enroll.

Google Cloud training andcertification

…helps you make the most of Google Cloud technologies. Our classes include technical skills andbest practices tohelp you get up tospeed quickly andcontinue your learning journey. We offer fundamental toadvanced level training, with on-demand, live, andvirtual options tosuit your busy schedule. Certifications help you validate andprove your skill andexpertise inGoogle Cloud technologies.

Manual Last Updated April 2, 2024

Lab Last Tested December 4, 2023

Copyright 2024 Google LLC All rights reserved. Google andthe Google logo are trademarks of Google LLC. All other company andproduct names may be trademarks of the respective companies with which they are associated.