diff --git a/README.md b/README.md
index 23f51d072..6a0b10ebf 100644
--- a/README.md
+++ b/README.md
@@ -622,6 +622,14 @@ Throughput. To have good throughput, the upload stream should be routed to an un
Explain Spine & Leaf
+"Spine & Leaf" is a networking topology commonly used in data center environments to connect multiple switches and manage network traffic efficiently. It is also known as "spine-leaf" architecture or "leaf-spine" topology. This design provides high bandwidth, low latency, and scalability, making it ideal for modern data centers handling large volumes of data and traffic.
+
+Within a Spine & Leaf network there are two main tipology of switches:
+
+* Spine Switches: Spine switches are high-performance switches arranged in a spine layer. These switches act as the core of the network and are typically interconnected with each leaf switch. Each spine switch is connected to all the leaf switches in the data center.
+* Leaf Switches: Leaf switches are connected to end devices like servers, storage arrays, and other networking equipment. Each leaf switch is connected to every spine switch in the data center. This creates a non-blocking, full-mesh connectivity between leaf and spine switches, ensuring any leaf switch can communicate with any other leaf switch with maximum throughput.
+
+The Spine & Leaf architecture has become increasingly popular in data centers due to its ability to handle the demands of modern cloud computing, virtualization, and big data applications, providing a scalable, high-performance, and reliable network infrastructure
@@ -3307,7 +3315,9 @@ Bonus: extract the last word of each line
## System Design
-Explain what is a "Single point of failure"?
+Explain what a "single point of failure" is.
+A "single point of failure", in a system or organization, if it were to fail would cause the entire system to fail or significantly disrupt it's operation. In other words, it is a vulnerability where there
+is no backup in place to compensate for the failure.
@@ -3334,10 +3344,34 @@ In multi-CDN, content is distributed across multiple different CDNs, each might
Explain "3-Tier Architecture" (including pros and cons)
+A "3-Tier Architecture" is a pattern used in software development for designing and structuring applications. It divides the application into 3 interconnected layers: Presentation, Business logic and Data storage.
+PROS:
+* Scalability
+* Security
+* Reusability
+CONS:
+* Complexity
+* Performance overhead
+* Cost and development time
-Explain Mono-repo vs. Multi-repo. What are the cons and pros of each approach?
+Explain Mono-repo vs. Multi-repo.What are the cons and pros of each approach?
+In a Mono-repo, all the code for an organization is stored in a single,centralized repository.
+PROS (Mono-repo):
+* Unified tooling
+* Code Sharing
+CONS (Mono-repo):
+* Increased complexity
+* Slower cloning
+
+In a Multi-repo setup, each component is stored in it's own separate repository. Each repository has it's own version control history.
+PROS (Multi-repo):
+* Simpler to manage
+* Different teams and developers can work on different parts of the project independently, making parallel development easier.
+CONS (Multi-repo):
+* Code duplication
+* Integration challenges
@@ -3346,6 +3380,7 @@ In multi-CDN, content is distributed across multiple different CDNs, each might
* Not suitable for frequent code changes and the ability to deploy new features
* Not designed for today's infrastructure (like public clouds)
* Scaling a team to work monolithic architecture is more challenging
+* If a single component in this architecture fails, then the entire application fails.
@@ -3357,16 +3392,17 @@ In multi-CDN, content is distributed across multiple different CDNs, each might
What's a service mesh?
-
-[This article](https://www.redhat.com/en/topics/microservices/what-is-a-service-mesh) provides a great explanation.
+It is a layer that facilitates communication management and control between microservices in a containerized application. It handles tasks such as load balancing, encryption, and monitoring.
Explain "Loose Coupling"
+In "Loose Coupling", components of a system communicate with each other with a little understanding of each other's internal workings. This improves scalability and ease of modification in complex systems.
What is a message queue? When is it used?
+It is a communication mechanism used in distributed systems to enable asynchronous communication between different components. It is generally used when the systems use a microservices approach.
#### Scalability
diff --git a/certificates/aws-cloud-practitioner.md b/certificates/aws-cloud-practitioner.md
index 0347d3c04..b98bf253f 100644
--- a/certificates/aws-cloud-practitioner.md
+++ b/certificates/aws-cloud-practitioner.md
@@ -400,8 +400,8 @@ Learn more [here](https://aws.amazon.com/snowmobile)
What is IAM? What are some of its features?
+IAM stands for Identity and Access Management, and is used for managing users, groups, access policies & roles
Full explanation is [here](https://aws.amazon.com/iam)
-In short: it's used for managing users, groups, access policies & roles
@@ -570,7 +570,7 @@ Read more about it [here](https://aws.amazon.com/sns)
What is the shared responsibility model? What AWS is responsible for and what the user is responsible for based on the shared responsibility model?
-The shared responsibility model defines what the customer is responsible for and what AWS is responsible for.
+The shared responsibility model defines what the customer is responsible for and what AWS is responsible for. For example, AWS is responsible for security "of" the cloud, while the customer is responsible for security "in" the cloud.
More on the shared responsibility model [here](https://aws.amazon.com/compliance/shared-responsibility-model)
@@ -611,6 +611,8 @@ Learn more [here](https://aws.amazon.com/inspector)
What is AWS Guarduty?
+
+Guarduty is a threat detection service that monitors your AWS accounts to help detect and mitigate malicious activity
@@ -621,6 +623,8 @@ AWS definition: "AWS Shield is a managed Distributed Denial of Service (DDoS) pr
What is AWS WAF? Give an example of how it can used and describe what resources or services you can use it with
+
+An AWS Web Application Firewall (WAF) can filter out unwanted web traffic (bots), and protect against attacks like SQL injection and cross-site scripting. One service you could use it with would be Amazon CloudFront, a CDN service, to block attacks before they reach your origin servers
@@ -697,6 +701,11 @@ Learn more [here](https://aws.amazon.com/certificate-manager)
What is AWS RDS?
+
+Amazon Relational Database Service (RDS) is a service for setting up and managing resizable, cost-efficient relational databases
+resource
+
+Learn more [here](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html)
@@ -730,7 +739,7 @@ Learn more [here](https://aws.amazon.com/dynamodb/dax)
What is AWS Redshift and how is it different than RDS?
-cloud data warehouse
+AWS Redshift is a cloud data warehousing service that is geared towards handling massive amounts of data (think petabytes) and being able to execute complex queries. In contrast, Amazon RDS is best suited for things like web applications requiring simple queries with more frequent transactions, and on a smaller scale.
@@ -815,7 +824,7 @@ CloudFormation
Which service would you use for building a website or web application?
-Lightsail
+Lightsail or Elastic Beanstalk
diff --git a/topics/ansible/README.md b/topics/ansible/README.md
index 0a0e51e26..e8f85ef86 100644
--- a/topics/ansible/README.md
+++ b/topics/ansible/README.md
@@ -509,6 +509,9 @@ If your group has 8 hosts. It will run the whole play on 4 hosts and then the sa
What is Molecule? How does it works?
+
+It's used to rapidy develop and test Ansbile roles. Molecule can be used to test Ansible roles against a varaitey of Linux Distros at the same time. This testing ability helps instill confidence of the automation today and as time go on while a role is maintined.
+
@@ -529,4 +532,4 @@ If your group has 8 hosts. It will run the whole play on 4 hosts and then the sa
What are collections in Ansible?
-
\ No newline at end of file
+
diff --git a/topics/aws/exercises/create_user/solution.md b/topics/aws/exercises/create_user/solution.md
index 34958af63..8b81c8d53 100644
--- a/topics/aws/exercises/create_user/solution.md
+++ b/topics/aws/exercises/create_user/solution.md
@@ -23,3 +23,37 @@ As you probably know at this point, it's not recommended to work with the root a
10. Click on "Next: Tags"
11. Add a tag with the key `Role` and the value `DevOps`
12. Click on "Review" and then create on "Create user"
+
+13. ### Solution using Terraform
+
+```
+
+resource "aws_iam_group_membership" "team" {
+ name = "tf-testing-group-membership"
+
+ users = [
+ aws_iam_user.newuser.name,
+
+ ]
+
+ group = aws_iam_group.admin.name
+}
+
+resource "aws_iam_group_policy_attachment" "test-attach" {
+ group = aws_iam_group.admin.name
+ policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess"
+}
+resource "aws_iam_group" "admin" {
+ name = "admin"
+}
+
+resource "aws_iam_user" "newuser" {
+ name = "newuser"
+ path = "/system/"
+
+ tags = {
+ Role = "DevOps"
+ }
+}
+```
+
diff --git a/topics/aws/exercises/password_policy_and_mfa/solution.md b/topics/aws/exercises/password_policy_and_mfa/solution.md
index 41ac52da3..84585c1bf 100644
--- a/topics/aws/exercises/password_policy_and_mfa/solution.md
+++ b/topics/aws/exercises/password_policy_and_mfa/solution.md
@@ -30,3 +30,17 @@ MFA:
3. Expand "Multi-factor authentication (MFA)" and click on "Activate MFA"
4. Choose one of the devices
5. Follow the instructions to set it up and click on "Assign MFA"
+
+6. ### Solution using Terraform:
+
+```
+resource "aws_iam_account_password_policy" "strict" {
+ minimum_password_length = 8
+ require_numbers = true
+ allow_users_to_change_password = true
+ password_reuse_prevention = 1
+}
+```
+
+ **Note:** You cannot add MFA through terraform, you have to do it in the GUI.
+
diff --git a/topics/azure/README.md b/topics/azure/README.md
index 27215cce8..e2715873a 100644
--- a/topics/azure/README.md
+++ b/topics/azure/README.md
@@ -152,6 +152,8 @@ An Azure region is a set of datacenters deployed within an interval-defined and
What is the N-tier architecture?
+
+N-tier architecture divides an application into logical layers and physical tiers. Each layer has a specific responsibility. Tiers are physically separated, running on separate machines. An N-tier application can have a closed layer architecture or an open layer architecture. N-tier architectures are typically implemented as infrastructure-as-service (IaaS) applications, with each tier running on a separate set of VMs
### Storage
diff --git a/topics/databases/README.md b/topics/databases/README.md
index db5f679ce..e2ed2b533 100644
--- a/topics/databases/README.md
+++ b/topics/databases/README.md
@@ -20,7 +20,7 @@
Relational (SQL)
NoSQL
-Time serties
+Time series
### SQL
@@ -188,4 +188,4 @@ A database designed specifically for time series based data.
It comes with multiple optimizations:
: complete this :)
-
\ No newline at end of file
+
diff --git a/topics/kafka/README.md b/topics/kafka/README.md
index 719801eea..70e16a0fd 100644
--- a/topics/kafka/README.md
+++ b/topics/kafka/README.md
@@ -44,3 +44,23 @@ An application that publishes data to the Kafka cluster.
- Broker: a server with kafka process running on it. Such server has local storage. In a single Kafka clusters there are usually multiple brokers.
+
+
+ What is the role of ZooKeeper is Kafka?
+In Kafka, Zookeeper is a centralized controller that manages metadata for producers, brokers, and consumers.
+Zookeeper also:
+
+ - Tracks which brokers are part of the Kafka cluster
+ -
+Determines which broker is the leader of a given partition and topic
+
+ -
+Performs leader elections
+
+ -
+Manages cluster membership of brokers
+
+
+
+
+
diff --git a/topics/kubernetes/CKA.md b/topics/kubernetes/CKA.md
index d83554114..a00c37af0 100644
--- a/topics/kubernetes/CKA.md
+++ b/topics/kubernetes/CKA.md
@@ -22,7 +22,7 @@
## Setup
-* Set up Kubernetes cluster. Use on of the following
+* Set up Kubernetes cluster. Use one of the following
1. Minikube for local free & simple cluster
2. Managed Cluster (EKS, GKE, AKS)
@@ -54,7 +54,7 @@ Note: create an alias (`alias k=kubectl`) and get used to `k get po`
-Assuming you have a Pod called "nginx-test", how to remove it?
+Assuming that you have a Pod called "nginx-test", how to remove it?
`k delete nginx-test`
@@ -107,7 +107,7 @@ If you ask yourself how would I remember writing all of that? no worries, you ca
How to test a manifest is valid?
-with `--dry-run` flag which will not actually create it, but it will test it and you can find this way any syntax issues.
+with `--dry-run` flag which will not actually create it, but it will test it and you can find this way, any syntax issues.
`k create -f YAML_FILE --dry-run`
@@ -158,7 +158,11 @@ To count them: `k get po -l env=prod --no-headers | wc -l`
First change to the directory tracked by kubelet for creating static pod: `cd /etc/kubernetes/manifests` (you can verify path by reading kubelet conf file)
Now create the definition/manifest in that directory
+
+`k run some-pod --image=python --command sleep 2017 --restart=Never --dry-run=client -o yaml > status-pod.yaml`
+=======
`k run some-pod --image=python --command sleep 2017 --restart=Never --dry-run=client -o yaml > static-pod.yaml`
+
diff --git a/topics/kubernetes/README.md b/topics/kubernetes/README.md
index 6c4ae039b..982a13f8b 100644
--- a/topics/kubernetes/README.md
+++ b/topics/kubernetes/README.md
@@ -314,6 +314,7 @@ Outputs the status of each of the control plane components.
What happens to running pods if if you stop Kubelet on the worker nodes?
+When you stop the kubelet service on a worker node, it will no longer be able to communicate with the Kubernetes API server. As a result, the node will be marked as NotReady and the pods running on that node will be marked as Unknown. The Kubernetes control plane will then attempt to reschedule the pods to other available nodes in the cluster.
#### Nodes Commands
@@ -736,21 +737,29 @@ A Deployment is a declarative statement for the desired state for Pods and Repli
How to create a deployment with the image "nginx:alpine"?
-`kubectl create deployment my_first_deployment --image=nginx:alpine`
+`kubectl create deployment my-first-deployment --image=nginx:alpine`
OR
```
cat << EOF | kubectl create -f -
-apiVersion: v1
-kind: Pod
+apiVersion: apps/v1
+kind: Deployment
metadata:
name: nginx
spec:
- containers:
- - name: nginx
- image: nginx:alpine
-EOF
+ replicas: 1
+ selector:
+ matchLabels:
+ app: nginx
+ template:
+ metadata:
+ labels:
+ app: nginx
+ spec:
+ containers:
+ - name: nginx
+ image: nginx:alpine
```
diff --git a/topics/kubernetes/solutions/killing_containers.md b/topics/kubernetes/solutions/killing_containers.md
index d1b8908f7..de08581f8 100644
--- a/topics/kubernetes/solutions/killing_containers.md
+++ b/topics/kubernetes/solutions/killing_containers.md
@@ -9,4 +9,5 @@
## After you complete the exercise
-* Why did the "RESTARTS" count raised? - `because we killed the process and Kubernetes identified the container isn't running properly so it performed restart to the Pod`
+
+* Why did the "RESTARTS" count raised? - `Kubernetes restarted the Pod because we killed the process and the container was not running properly.`
\ No newline at end of file
diff --git a/topics/linux/exercises/copy/solution.md b/topics/linux/exercises/copy/solution.md
index c9d2b8c02..da3592686 100644
--- a/topics/linux/exercises/copy/solution.md
+++ b/topics/linux/exercises/copy/solution.md
@@ -17,9 +17,8 @@ touch /tmp/x
cp x ~/
cp x y
mkdir files
-cp x files
-cp y files
+mv x files | mv y files
cp -r files copy_of_files
mv copy_of_files files2
rm -rf files files2
-```
\ No newline at end of file
+```
diff --git a/topics/linux/exercises/create_remove/README.md b/topics/linux/exercises/create_remove/README.md
index ceffd33ec..c07d94ed4 100644
--- a/topics/linux/exercises/create_remove/README.md
+++ b/topics/linux/exercises/create_remove/README.md
@@ -5,10 +5,10 @@
1. Create a file called `x`
2. Create a directory called `content`
3. Move `x` file to the `content` directory
-4. Create a file insidethe `content` directory called `y`
+4. Create a file inside the `content` directory called `y`
5. Create the following directory structure in `content` directory: `dir1/dir2/dir3`
6. Remove the content directory
## Solution
-Click [here](solution.md) to view the solution.
\ No newline at end of file
+Click [here](solution.md) to view the solution.
diff --git a/topics/linux/exercises/create_remove/solution.md b/topics/linux/exercises/create_remove/solution.md
index 1cd8a58a5..1019727bf 100644
--- a/topics/linux/exercises/create_remove/solution.md
+++ b/topics/linux/exercises/create_remove/solution.md
@@ -5,7 +5,7 @@
1. Create a file called `x`
2. Create a directory called `content`
3. Move `x` file to the `content` directory
-4. Create a file insidethe `content` directory called `y`
+4. Create a file inside the `content` directory called `y`
5. Create the following directory structure in `content` directory: `dir1/dir2/dir3`
6. Remove the content directory
@@ -18,4 +18,4 @@ mv x content
touch content/y
mkdir -p content/dir1/dir2/dir3
rm -rf content
-```
\ No newline at end of file
+```
diff --git a/topics/shell/argument_check.md b/topics/shell/argument_check.md
index 73ddd12a2..134b9894e 100644
--- a/topics/shell/argument_check.md
+++ b/topics/shell/argument_check.md
@@ -6,18 +6,4 @@ Note: assume the script is executed with an argument
1. Write a script that will check if a given argument is the string "pizza"
1. If it's the string "pizza" print "with pineapple?"
- 2. If it's not the string "pizza" print "I want pizza!"
-
-### Solution
-
-```
-/usr/bin/env bash
-
-arg_value=${1:-default}
-
-if [ $arg_value = "pizza" ]; then
- echo "with pineapple?"
-else
- echo "I want pizza!"
-fi
-```
+ 2. If it's not the string "pizza" print "I want pizza!"
\ No newline at end of file
diff --git a/topics/sre/README.md b/topics/sre/README.md
index 305664090..2f7b5d59f 100644
--- a/topics/sre/README.md
+++ b/topics/sre/README.md
@@ -3,9 +3,71 @@
## SRE Questions
-What is SLO (service-level objective)?
-
+What is an SLI (Service-Level Indicator)?
+
+An SLI is a measurement used to assess the actual performance or reliability of a service. It serves as the basis for defining SLOs.
+
+Examples:
+- Request latency
+- Processing throughput
+- Request failures per unit of time
+
+Read more: [Google SRE Handbook](https://sre.google/sre-book/table-of-contents/)
+
+
+
+
+What is an SLO (Service-Level Objective)?
+
+
+An SLO is a target value or range of values for a service level that is measured by an SLI
+
+Example: 99% across 30 days for a specific collection of SLIs.
+
+It's also worthy to note that the SLO also serves as a lower bound, indicating that there is no requirement to be more reliable than necessary because doing so can delay the rollout of new features.
+
+Read more: [Google SRE Handbook](https://sre.google/sre-book/table-of-contents/)
+
+
+
+
+What is an SLA (Service-Level Agreement)?
+
+
+AN SLA is a formal agreement between a service provider and customers, specifying the expected service quality and consequences for not meeting it.
+
+SRE doesn't typically get involved in constructing SLAs, because SLAs are closely tied to business and product decisions
+
+Read more: [Google SRE Handbook](https://sre.google/sre-book/table-of-contents/)
+
+
+
+
+What is an Error Budget?
+
+
+An Error Budget represents the acceptable amount of downtime or errors a service can experience while still meeting its SLO.
+
+An error budget is 1 minus the SLO of the service. A 99.9% SLO service has a 0.1% error budget.
+
+If our service receives 1,000,000 requests in four weeks, a 99.9% availability SLO gives us a budget of 1,000 errors over that period.
+
+The error budget is a mechanism for balancing innovation and stability. If the SRE cannot enforce the error budget, the whole system breaks down.
+
+Read more: [Google SRE Handbook](https://sre.google/sre-book/table-of-contents/)
+
+
-What is SLA (service-level agreement)?
-
+What is Toil?
+
+
+Toil is the kind of work that tends to be manual, repetitive, automatable, tactical, devoid of enduring value, and that scales linearly as a service grows.
+
+If you can be automate a task, you should probably automate the task.
+
+Automation significantly reduces Toil. Investing in automation results in valuable work with lasting impact, offering scalability potential with minimal adjustments as your system expands.
+
+Read more: [Google SRE Handbook](https://sre.google/sre-book/table-of-contents/)
+
+
\ No newline at end of file
diff --git a/topics/terraform/README.md b/topics/terraform/README.md
index 38c9bd674..1f01fd5bd 100644
--- a/topics/terraform/README.md
+++ b/topics/terraform/README.md
@@ -359,7 +359,7 @@ False. You can specify any provider from any URL, not only those from hashicorp.
#### Input Variables
-What input variables are good for in Terraform?
+What are input variables good for in Terraform?
Variables allow you define piece of data in one location instead of repeating the hardcoded value of it in multiple different locations. Then when you need to modify the variable's value, you do it in one location instead of changing each one of the hardcoded values.
@@ -1874,4 +1874,4 @@ If it's a matter of changing a resource name, you could make use of `terraform s
Use the meta-argument `depends_on` in the app resource definition. This way the app will depend on the cluster resource and order will be maintained in creation of the resources.
-
\ No newline at end of file
+