Mastering Google Cloud DevOps: Insights and Tips for the Professional Cloud DevOps Engineer Exam
Introduction
Two weeks ago, I took the Professional Cloud DevOps Engineer (PCDE) exam as part of my goal to acquire all Google Cloud certifications. I’m happy to share that I passed the exam. In this article, I will share the experiences and impressions gained from preparing for and taking this exam.
For those interested in similar topics, you may find the following articles useful:
Scope of the Certification and My Impressions After Taking the Exam
Bootstrap a Google Cloud Organization for DevOps
- Developing the Infrastructure with Reproducibility: Installing Infrastructure as Code (IaC) tools like Terraform and Deployment Manager helps avoid human error when deploying numerous resources in the environment.
- Understanding the Organization Policy and IAM: It’s crucial to understand the resource hierarchy and the impact of applying policies and IAM roles at different levels, such as folders or the organization. Utilizing Organization Policy is effective for maintaining security, such as restricting service account keys and prohibiting external domains.
- Logging Management: You should understand how to aggregate logs between projects and preserve them in Cloud Storage buckets using Log Sinks. Additionally, knowledge of storage classes is important.
Apply Site Reliability Engineering (SRE) Practices to a Service
- Introducing the Postmortem: The postmortem plays a pivotal role in sharing experiences and knowledge to prevent future incidents. It’s essential to understand the basic rules of postmortems, such as not criticizing individuals but the system, analyzing the factors of the incident, and sharing the document with everyone.
- Understanding Service Level Indicator (SLI), Service Level Objective (SLO), and Service Level Agreement (SLA): To monitor the application from the customer’s viewpoint using metrics like Golden Signals, you should configure SLIs, SLOs, and SLAs to maintain system availability. Cloud Moniotring enables the configuration of these metrics and error budgets.
- Handling the Incident: You should understand how to handle incidents from the initial response to resolution. Assigning roles such as Incident Commander, Operations Lead, and Communication Lead is crucial for coordinating team efforts. As mentioned earlier, the postmortem is also important for sharing the entire incident event and resolution process with everyone.
Optimize Service Performance
- Streamlining the Service: To improve service performance, Cloud Profiler allows us to visualize metrics such as CPU and memory usage, helping to identify bugs and inefficient processes. Additionally, Cloud Trace helps identify issues related to network latency and request times.
- Capacity Planning and FinOps: It’s important to understand how to plan service resources and manage quotas. Cloud Quotas enable us to monitor and trigger alerts when approaching resource limits. Furthermore, utilizing the Recommender API and commited use discounts are essential tools for optimizing costs.
Build and Implement CI/CD Pipelines for a Service
- Automating Service Delivery: Automating build and deploy processes is an essential technique for DevOps engineers. Cloud Build is a CI/CD service in Google Cloud that triggers builds and deployments from code management platforms such as GitHub and GitLab. Additionally, it’s important to understand various test methods such as unit tests, E2E tests, acceptance tests, smoke tests, and shadow tests.
- Maintaining Security: To build and deploy securely, Artifact Registry provides vulnerability scaning to ensure image security, and Binary Authorization maintains image reliability. Moreover, data encryption is crucial for data security. Cloud Key Mangement Service (KMS) allows you to create, import, and manage cryptographic keys and perform cryptographic operations in a single centralized cloud service.
- Understanding Release Strategies: Choosing the appropriate service release method, such as Canary Release or Blue/Green Deployment, depends on the situation. A Canary Release allows us to release the application to a limited user group to monitor new updates, while Blue/Green Deployment enables immediate rollout and rollback of the application. Google Cloud managed application services, such as Cloud Run, provide these release strategies.
Implement Service Monitoring Strategies
- Understanding Monitoring Services: Cloud Monitoring provides custom dashboard service to monitor your services effectively. For Compute Engine, the Ops Agent plays a pivotal role in collecting metrics. Regarding logging services, it’s important to understand Monitoring Query Language (MQL) and Prometheus Query Language (PromQL) to find the desired logs of resources. Additionally, VPC Flow Logs enable us to identify network traffic issues.
Overall Impressions
The DevOps exam covers a wide range of services in Google Cloud, with a particular focus on application services like Google Kubernetes Engine (GKE) and Cloud Run. Additionally, Site Reliability Engineering (SRE), as proposed by Google, is a main topic of this exam. To gain a deeper understanding of SRE, Google provides a webpage introducing best practices, which I highly recommend reading.
If you are considering taking the PCDE exam as your next certification, it is beneficial to have the Professional Cloud Architect, Developer, and Security Engineer certifications, as these exams cover similar topics to the PCDE.
Preparation for the Exam
I recommend taking practice exams to familiarize yourself with the various question types, as the exam requires you to choose answers from four to five options.
- Take the official practice exam provided by Google Cloud.
- Purchase a practice exam course from online learning platforms such as Udemy.
It’s important to understand the answers by reading the official documentation, rather than just memorizing them. This approach will help you apply your knowledge to different questions.
Summary
In this article, I shared my experiences and impressions of undertaking the PCDE exam. Certification exams help maintain motivation to study Google Cloud, and you can receive rewards. Currently, only long sleeve shirts are available as rewards, but I hope short sleeve shirts will be added in the future🤞
