Ukážka zadaní

Pozrite si ukážku zadaní, ktoré by ste riešili v našej DevOps Akadémii.

Each task should take no more than 2 hours. The task will have to target below concepts when

  • Building infrastructure
  • Building applications
  • Building CI/CD pipeline

Option 1

The Task

Your task is to create a repo in github and solve below problem

  • Create a kubernetes deployment, svc, hpa, pdb service account in kubernetes cluster. can be PaaS/Minikube

  • Deployment needs a secret with name API_KEY

  • Mount this secret in deployment

  • API_KEY should be a environment variables within the container when container starts inside a pod

  • API_KEY env variable is not used yet in app, but we want to see the approach

 

Acceptance criteria

  • You must provide your code in full with kubernetes manifests or pipelines or scripts

  • You must use either public cloud(AWS, GCP, Azure) or Minikube to run the above manifests file

  • You do not need toprovide access to the cluster in public cloud, only the code

  • Your code is clean and readable

  • You must document any steps that are not automated in the *README.md*

  • You must havededicated service account for deployment

  • You must have NodePort Type ofservice for application

  • You must have Minimum 2 pods always up and running

  • You must have only 1 pod unavailable during Rolling Update of Deployment

 

Assumptions

  • Can use any open-source tools/language to solve problem

  • Create extra code if needed like infra(terraform, scripts) etc in same repo

  • Choose simple applications from internet e.g. nginx, httpd

 

Bonus

  • Deployment container is scanned before getting deployed. If severity is high, pipeline should fail

  • Container in Pod, should not be running as root

  • Provide any code that you required to accomplish this task

  • You must document any steps that are not automated in the *README.md*

Option 2

The Task

Your task is to create a repo in github and solve below problem

  • Create a new namepace in kubernetes and deploy all solution in that namespace

  • Create a kubernetes deployment, svc, hpa, pdb service account in kubernetes cluster. can be PaaS/Minikube

  • Deployment needs an API_KEY which is a secret key. Mount this API_KEY as volume inside Deployment

  • Create a kubernetes role binding so that this secret is readable only from this namespace

  • e.g. namespace ns1 users can access secret s1 but namespace ns2 apps/users can not access secret s1

 

Acceptance criteria

  • You must provide your code in full with kubernetes manifests or pipelines or scripts

  • You must use either public cloud(AWS, GCP, Azure) or Minikube to run the above manifests file

  • You do not need toprovide access to the cluster in public cloud, only the code

  • Your code is clean and readable

  • You must document any steps that are not automated in the *README.md*

  • You must havededicated service account for deployment

  • You must have NodePort Type ofservice for application

  • You must have Minimum 2 pods always up and running

  • You must have only 1 pod unavailable during Rolling Update of Deployment

 

Assumptions

  • Can use any open-source tools/language to solve problem

  • Create extra code if needed like infra(terraform, scripts) etc in same repo

  • Choose simple applications from internet e.g. nginx, httpd

 

Bonus

  • Deployment container is scanned before getting deployed. If severity is high, pipeline should fail

  • Container in Pod, should not be running as root

  • Scan app repo code to see static code anyalysis in pipeline

Option 3

The Task

Your task is to provide a git repository that will contain the code to build a Kubernetes Operator that does the following:

  • Sends a Slack message *hello world form $name* when a pod resource with *$name* in the *spec* is created 

  • Sends a Slack message *things have changed, $name* when the above custom resource is modified

  • Sends a Slack message *goodbye world from $name* when the above custom resource is deleted

You may use any language and/or toolset to achieve the above as long as they are freely available.

 

Acceptance criteria

  • Your code is clean and readable

  • You have a *README.md* that explains how to use your operator

  • You provide deployment instructions (ideally manifests or a Helm chart to deploy your operator to a cluster)

  • Provide some rationale for your design choices (I used *$language* because…, I used *$library* because…, etc. )

 

Assumptions

  • Can use any open-source tools/language to solve problem

  • Create extra code if needed like infra (terraform, scripts) etc in same repo

  • Choose simple applications from internet e.g. nginx, httpd

 

Bonus

  • Deployment container is scanned before getting deployed. If severity is high, pipeline should fail

  • Container in Pod, should not be running as root

Option 4

The Task Infrastructure as a code

Your task is to provide a git repository that will contain the code to build a Terraform code that does the following:

  • Create 2 EC2 Instances under Auto-Scaling-Group

  • Create a NLB

  • Create a Listner on Port 80 on NLB

  • Creates Target-Group to send all traffic to Port 31555

  • Target Type for Target-Group should be all instances under Auto-Scaling-Group created in step 1

  • Schedule Auto-Scaling-Group to be scale down all instances after 18 00 PM CET Mon-Fri

  • Schedule Auto-Scaling-Group to be scale up all instances after 8 AM CET

You may use any language and/or toolset to achieve the above as long as they are freely available. We prefer you write it in terraform.

 

Acceptance criteria

  • Your code is clean and readable

  • You have a *README.md* that explains how to use your code and decisions you made

  • You provide deployment instructions

  • Provide some rationale for your design choices (I used *$language* because…, I used *$library* because…etc. )

 

Assumptions

  • Can use any open-source tools/language to solve problem

  • Create extra code if needed like infra (scripts) etc in same repo

  • Choose simple applications from internet e.g. nginx, httpd

 

Bonus

  • Install nginx/httpd with userdata

  • When hit the NLB URL on port 80, it connects to EC2 and shows default nginx/httpd page

Option 5

The Task Infrastructure as a code

Your task is to provide a git repository that will contain the code to build a Terraform code that does the following:

  • Create 1 AWS KMS key with name

    • test-devops-kms-key-dev-eu-west-1

  • Create 1 dynamodb table with name

    • test-devops-dynamodb-dev-eu-west-1

  • Create 1 EC2 instance with name

    • test-devops-ec2-dev-eu-west-1

  • Create IAM Role with name

    • test-devops-role-dev-eu-west-1

  • Role should have a policy attached to it with following conditions

    • KMS Access with action decrypt, only to the ARN of KMS created above

    • DynamoDb Access with action GetRecords, GetItem, PutItem, only to the ARN of DynamoDB createdabove

  • Attach role to EC2 instance

You may use any language and/or toolset to achieve the above as long as they are freely available. We prefer you write it in terraform.

 

Acceptance criteria

  • Your code is clean and readable

  • You have a *README.md* that explains how to use your code and decisions you made

  • You provide deployment instructions

  • Provide some rationale for your design choices (I used *$language* because…, I used *$library* because…etc. )

 

Assumptions

  • Can use any open-source tools/language to solve problem

  • Create extra code if needed like infra (scripts) etc in same repo

  • Choose simple applications from internet e.g. nginx, httpd

 

Bonus

  • Extend code for nonprod/prod environments

  • All names of KMS Key/DynamoDB Tables/EC2/IAM Role should be dynamic

Hint: If you see the names of Resources, they have some pattern eg *COMMON NAME-RESOURCE TYPE-ENVIRONMENT-REGION*

DevOpsGroup s. r. o.
Tolstého 5, 811 06 Bratislava
IČO: 53080513
DIČ: 2121252485
VAT: SK2121252485