How could I forget using S3 as a web server for static content? (With client-side javascript libraries and lambdas that means you can often create "serverless" websites.) Candidates shouldn't need to know the details but should know that S3 is an alternative to apache and nginx, and they should know that you can configure S3 so it sends an alert when a file is deleted and that means you can use cheaper 'spot instances' for scalability using cheaper spot instances. For instance you may have full-resolution video on permanent S3 and video in different formats on spot storage. When the latter file is deleted it automatically triggers a process that will recreate it. This is usually finished by the time a user requests a copy of the file, esp. if you are also using a caching layer.
Candidates shouldn't need to know the details of how to do this but they should understand that a request for a "web server" might be satisfied by S3 and a lighter EC2 instance instead of a more expensive EBS and a heftier EC2 instance running the web server that provides the same static content. Or that if devs use S3 storage they may also may also need SNS (iirc) so they can receive notifications. SNS means knowing that the could be linked to other messaging tools, e.g., SQS that acts as a JMS server. It sounds like I'm arguing for a cloud-specific LPIC-2 but people still need to be able to set up most (not all) conventional servers as well. That's especially true with privacy laws that have a consequence of encouraging hybrid solutions where sensitive information is stored in a small data center the company controls while the public access is entirely done in a scalable public cloud. No unencrypted sensitive information would ever be on the public cloud, not even only in memory. Someone in that situation needs to know the costs and benefits of both S3 and apache/nginx, of RDS and their own oracle/mssql/mysql/postgresql server, etc. Bear On Mon, Nov 19, 2018 at 8:01 AM Bear Giles <[email protected]> wrote: > After thinking about it a bit more I think my thoughts are more along the > lines of recognizing a need for a split between a traditional sysadmin role > and a devops role. What do you wish developers knew when they asked for > resources? What would you require them to know before they have access to > production servers? (I agree that's contrary to best practices but some > definitions of 'devops' go that far.) What about ad hoc infrastructure, > e.g., what would expect developers to know before they start creating > running their own docker images on a k8s cluster? > > I'm in an unusual, but not unheard of, position since we have a stable ops > environment but our product requires us to support an incredible variety of > servers/configurations. Many developers know how to create an instance on > EC2 and how to use yum to install the latest version of some server but I'm > currently on a joint team trying to figure out how we can offload a lot of > non-production work from the ops team without blowing up the budget or > destroying security. Ops simply doesn't have the bandwidth to understand > all of the different servers/versions we need to support. > > I also want to reiterate one point - the LPIC exam shouldn't cover the > same material as the AWS exams even though so many devops candidates will > be doing most if not all of their work in a cloud environment. However the > test should be aware of it, e.g., if you're in a traditional environment > you'll set up postfix so your server can forward local email into your > corporate email. If you're in a cloud you'll probably use SES for the same > purpose. Why would you want to have to maintain an additional server if > you're only using it as a relay? Every server you run on your EC2 instances > increase the risk surface for a compromise. Likewise OpenLDAP should > mention that it can be backed by a relational database even if no details > are required. In a traditional environment you'll set up a database > somewhere, in the cloud you might decide it's better to use RDS. I think > AWS also offers AD. > > A sample question could be: > > Which server/service can be used to send email (Choose two) > - postfix > - postgres > - SMS > - SES > - RDS > > but that can be a little tricky since someone familiar with AWS will know > that you can easily set up pipelines between different services directly or > with simple lambdas. That means the client may post to a JMS topic and it > magically transform into outbound email. That means that 'SES' (simple > email service) is the correct answer but 'SMS' (simple messaging service, > iirc), 'SNS' (simple notification service), and possibly even SQS (simple > queuing service) would have to be an acceptable answer if the person is > knowledgeable. > > BTW AWS services aren't limited to the cloud. It's easy to set up desktops > to use AWS to send email, to use as the database, etc. You could use the > AWS gateway so the services are transparently visible on your VPN or just > use secure protocols. (E.g., access SES via SMTPS.) For some small- and > medium-sized businesses it may be more cost-effective to do this than to > maintain their own servers. > > Bear >
_______________________________________________ lpi-examdev mailing list [email protected] http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
