Google Cloud Resume Challenge
Serverless Website deployment using Infrastrucure as Code and automated with a CI/CD Pipeline
How did it all start?
It all started after I passed my certification. I thought to myself, this is it, you've achieved your first short term goal of getting into the Cloud world, something you've been studying tirelessly for in recent months. But I must admit I thought that once certified the offers would fall left and right. Haha !!! it's not the case and it wasn't going to happen, we can't make you an offer like that just because you are certified inh, Certified people, we can find all over the place lately. Certification at best is just the key to open the door of Cloud house ๐, it just offers the opportunity to be consulted, to have a little bit of visibility or I would say consideration. But to get a job (like settling down in the Cloud house ๐), to get offers as I thought, you have to justify your know-how and your knowledge in the Cloud by practical, relevant and convincing experiences. And I can see from afar this question that we juniors often ask ourselves "How can we get experience if we are not given the opportunity to join a company where we can develop these experiences? ๐ค" Honestly (at least for the IT world) we can do without it, we can justify our skills, our experiences, our knowledge by projects, challenges, that make us go through the pitfalls, the mistakes, the solutions, the obstacles, the dark days, the light that make us build and help us to polish a profile well adapted and that constitutes a solution to the needs and problems of companies. It is with this in mind that after watching a video of Forrest Brazeal, I came across the Cloud Resume Challenge.
What is The Cloud Resume Challenge ?
The Cloud Resume Challenge is a hands-on project designed to help bridge the gap from Cloud certification to Cloud job. It incorporates many of the skills that real Cloud and DevOps engineers use in their daily work. The Cloud Resume Challenge is a multiple-step (It's roughly 16 steps) resume project, from the creation of a website to the implementation of a CI/CD pipeline, which helps build and demonstrate skills fundamental to pursuing a career as a Cloud Engineer.
Certification
The first step of the challenge is to get a Cloud certification of beginner or associate level. I don't think it's an obligation, but from my personal point of view I strongly recommend it, especially when you are a beginner or if you have a non-technical background. it will allow you to acquire and validate the fundamentals that you need to pursue a career in the cloud. For me, I had to pass the associate level certification of Google Cloud, the Google Cloud Associate Cloud engineer thanks to the Google Africa Developer ScholarshipGADS 2021 program
The architecture
Website
Setup
To go fast and get to the heart of things, I didn't have to write HTML files from scratch, I rather took a free template that I modified and adapted to my needs with the little and old knowledge I have in HTML and CSS. Once the website files are ready, it must be hosted, right? Since the challenge is based on a serverless spirit, the site is not hosted on a server but on the Object storage service of Google Cloud. By uploading website contents as files to Cloud Storage, we can host static websites on buckets. See how to do it.
Make the site accessible via a domain name and secure it
Usually to make a site accessible via a domain name, you must map the IP address of the server hosting the site to a domain name. But in our case there is no server in play that has an IP address, what can I do? Fortunately we have the managed HTTP Load Balancer on Google Cloud which can allow us to set up a LoadBalancer with a public IP address and point this address to a Bucket that hosts a static site. This solves the problem of IP address, we now have an IP address to access our website, we can now link a domain name to this IP address and access our website as usual. But with only that, the site is only accessible in HTTP, for more security the site must use HTTPS, again thanks to Google Cloud's LB we can set this up, without too much trouble, Google Cloud's HTTPS LB has an option for automatic management of SSL certificates that can be activated during the implementation of the LB.
But in a corporate environment it is better that the certificates are managed and controlled by you For the domain name I used Namecheap, however you can use Cloud DNS from Google Cloud to do this
Website visitors count
This part of the challenge consists in having the number of visitors who have visited the site. For this I wrote a JavaScript code in addition to the website files on one side, and on the other side a function in python which is hosted on Google Cloud Function. The purpose of the javascript is to call the execution of the python function which in turn is executed, calculates and stores the result in the Document NoSQL database, Firestore and returns the total number of visitors in Json format to the JS code which is responsible for displaying it on the site, This operation is done each time there is a visit to the page. The python function in this case serves as an API to avoid having the JS code communicate directly with the database
Test
To ensure that the python code works as it should and returns the expected result, it was necessary to write python a test using the unittest module provided by the Python standard library which help write and run tests for Python code. Since the JS code needs to get the data concerning the number of visitors in json format, the python test here verifies if the data returned by the function are indeed in json format
Well I think we can take a coffee break โ
So far everything that has been done has been manually clicking around in the Google Cloud console. In the following stages, the methods and techniques used by DevOps Engineers will intervene, in particular Infrastructure as Code, GitOps and the CI/CD (I admit it's not that hard in this challenge but it's the same operating mode)
Infrastructure as Code
Here I discovered a rather brilliant thing. Before telling you, know that it is planned here to define resources in a Terraform template and deploy them using the Terraform CLI. But instead of getting into another hassle of rewriting everything I've done so far in Terraform, testing it, destroying it, aligning it to what exists and all that, I discovered a Google Cloud tool that I can use to generate Terraform code for resources in a project, folder, or organization.
The gcloud beta resource-config bulk-export --resource-format=Terraform
command exports resources currently configured in the project, folder, or organization and prints them to the screen in HCL code format.
(Of course that's what I did)
So what's left for me to do is manage these Terraform templates with a source control system, so I can integrate it into the pipeline later. aSo what's left for me to do is manage those templates with Github, so I can integrate it into the pipeline later. and when I need to make changes to my Cloud resources , I just have to adjust a few lines and that's it.
But I point out, before using this tool, it is necessary to already have Terraform bases. Here's a great guide to getting started
CI/CD
To setup the CI/CD pipeline or I would rather say the pipelines, since there are two, one for the frontend and another for the backend. I created a Github repository for the frontend (i.e. the website files), and thanks to Cloud Build I automate the update of the website which is triggered each time I make a push. On the other side for the Backend (i.e. the infrastructure resources that are defined in a Terraform template), I also created a Github repo for this purpose. So when I make changes to .tf files my Cloud resources are automatically updated, whether it's deletion, change or addition, all of this is done automatically without any intervention on my part.
In the end ...
Well, that's an overview of how I managed to complete this challenge, which by the way is very rewarding, allowed me to learn and discover really useful things, to identify my weaknesses and how to strengthen them and above all has allowed me to have relevant experience in the cloud. and I don't intend to stop there ๐ Of course some of the steps were not fun, but thanks to the help of some of my SWE connections, in particular Vincent Bakpatina, Corneille ALLOGBALO, Abdel-Khafid ATOKOU and Samtou Assekouda I was able to overcome.
Here are some useful resources ๐๐พ
Here is my Github repo for the frontend, concerning the backend, since it contains some sensitive information I have not made it public
Host a static website on Google Cloud Storage Functions Framework for Python Automated static website publishing with Cloud Build Invalidate cached content Managing infrastructure as code with Terraform, Cloud Build, and GitOps Export your Google Cloud resources into Terraform format