assignments examples
Examples of Assignments in our DevOps Academy.
Each task should take no more than 2 hours. The task will have to target below concepts when
- Building infrastructure
- Building applications
- Building CI/CD pipeline
Option 1
The Task
Your task is to create a repo in github and solve below problem
Create a kubernetes deployment, svc, hpa, pdb service account in kubernetes cluster. can be PaaS/Minikube
Deployment needs a secret with name API_KEY
Mount this secret in deployment
API_KEY should be a environment variables within the container when container starts inside a pod
API_KEY env variable is not used yet in app, but we want to see the approach
Acceptance criteria
You must provide your code in full with kubernetes manifests or pipelines or scripts
You must use either public cloud(AWS, GCP, Azure) or Minikube to run the above manifests file
You do not need toprovide access to the cluster in public cloud, only the code
Your code is clean and readable
You must document any steps that are not automated in the *README.md*
You must havededicated service account for deployment
You must have NodePort Type ofservice for application
You must have Minimum 2 pods always up and running
You must have only 1 pod unavailable during Rolling Update of Deployment
Assumptions
Can use any open-source tools/language to solve problem
Create extra code if needed like infra(terraform, scripts) etc in same repo
Choose simple applications from internet e.g. nginx, httpd
Bonus
Deployment container is scanned before getting deployed. If severity is high, pipeline should fail
Container in Pod, should not be running as root
Provide any code that you required to accomplish this task
You must document any steps that are not automated in the *README.md*
Option 2
The Task
Your task is to create a repo in github and solve below problem
Create a new namepace in kubernetes and deploy all solution in that namespace
Create a kubernetes deployment, svc, hpa, pdb service account in kubernetes cluster. can be PaaS/Minikube
Deployment needs an API_KEY which is a secret key. Mount this API_KEY as volume inside Deployment
Create a kubernetes role binding so that this secret is readable only from this namespace
e.g. namespace ns1 users can access secret s1 but namespace ns2 apps/users can not access secret s1
Acceptance criteria
You must provide your code in full with kubernetes manifests or pipelines or scripts
You must use either public cloud(AWS, GCP, Azure) or Minikube to run the above manifests file
You do not need toprovide access to the cluster in public cloud, only the code
Your code is clean and readable
You must document any steps that are not automated in the *README.md*
You must havededicated service account for deployment
You must have NodePort Type ofservice for application
You must have Minimum 2 pods always up and running
You must have only 1 pod unavailable during Rolling Update of Deployment
Assumptions
Can use any open-source tools/language to solve problem
Create extra code if needed like infra(terraform, scripts) etc in same repo
Choose simple applications from internet e.g. nginx, httpd
Bonus
Deployment container is scanned before getting deployed. If severity is high, pipeline should fail
Container in Pod, should not be running as root
Scan app repo code to see static code anyalysis in pipeline
Option 3
The Task
Your task is to provide a git repository that will contain the code to build a Kubernetes Operator that does the following:
Sends a Slack message *hello world form $name* when a pod resource with *$name* in the *spec* is created
Sends a Slack message *things have changed, $name* when the above custom resource is modified
Sends a Slack message *goodbye world from $name* when the above custom resource is deleted
You may use any language and/or toolset to achieve the above as long as they are freely available.
Acceptance criteria
Your code is clean and readable
You have a *README.md* that explains how to use your operator
You provide deployment instructions (ideally manifests or a Helm chart to deploy your operator to a cluster)
Provide some rationale for your design choices (I used *$language* because…, I used *$library* because…, etc. )
Assumptions
Can use any open-source tools/language to solve problem
Create extra code if needed like infra (terraform, scripts) etc in same repo
Choose simple applications from internet e.g. nginx, httpd
Bonus
Deployment container is scanned before getting deployed. If severity is high, pipeline should fail
Container in Pod, should not be running as root
Option 4
The Task – Infrastructure as a code
Your task is to provide a git repository that will contain the code to build a Terraform code that does the following:
Create 2 EC2 Instances under Auto-Scaling-Group
Create a NLB
Create a Listner on Port 80 on NLB
Creates Target-Group to send all traffic to Port 31555
Target Type for Target-Group should be all instances under Auto-Scaling-Group created in step 1
Schedule Auto-Scaling-Group to be scale down all instances after 18 00 PM CET Mon-Fri
Schedule Auto-Scaling-Group to be scale up all instances after 8 AM CET
You may use any language and/or toolset to achieve the above as long as they are freely available. We prefer you write it in terraform.
Acceptance criteria
Your code is clean and readable
You have a *README.md* that explains how to use your code and decisions you made
You provide deployment instructions
Provide some rationale for your design choices (I used *$language* because…, I used *$library* because…etc. )
Assumptions
Can use any open-source tools/language to solve problem
Create extra code if needed like infra (scripts) etc in same repo
Choose simple applications from internet e.g. nginx, httpd
Bonus
Install nginx/httpd with userdata
When hit the NLB URL on port 80, it connects to EC2 and shows default nginx/httpd page
Option 5
The Task – Infrastructure as a code
Your task is to provide a git repository that will contain the code to build a Terraform code that does the following:
Create 1 AWS KMS key with name
test-devops-kms-key-dev-eu-west-1
Create 1 dynamodb table with name
test-devops-dynamodb-dev-eu-west-1
Create 1 EC2 instance with name
test-devops-ec2-dev-eu-west-1
Create IAM Role with name
test-devops-role-dev-eu-west-1
Role should have a policy attached to it with following conditions
KMS Access with action decrypt, only to the ARN of KMS created above
DynamoDb Access with action GetRecords, GetItem, PutItem, only to the ARN of DynamoDB createdabove
Attach role to EC2 instance
You may use any language and/or toolset to achieve the above as long as they are freely available. We prefer you write it in terraform.
Acceptance criteria
Your code is clean and readable
You have a *README.md* that explains how to use your code and decisions you made
You provide deployment instructions
Provide some rationale for your design choices (I used *$language* because…, I used *$library* because…etc. )
Assumptions
Can use any open-source tools/language to solve problem
Create extra code if needed like infra (scripts) etc in same repo
Choose simple applications from internet e.g. nginx, httpd
Bonus
Extend code for nonprod/prod environments
All names of KMS Key/DynamoDB Tables/EC2/IAM Role should be dynamic
Hint: If you see the names of Resources, they have some pattern eg *COMMON NAME-RESOURCE TYPE-ENVIRONMENT-REGION*