What You Should Know Before Starting Google Certification


So you’ve figured out which certification to pursue, but you’re still inspecting what the prerequisites are before jumping into the cloud. No worries, we have specially curated all the essential components required to build a strong foundation in Google Cloud.

Linux

Just like macOS and Windows, Linux is also a type of operating system. Linux is built on UNIX (the origin of nearly all operating systems).


The most powerful application of Linux is the terminal; below you’ll find the common commands of the terminal that you will frequently be applying in Google Cloud.

  1. ping - check the connectivity of a specific IP address
  2. curl - transfer data to/from the server
  3. mkdir - create an empty directory
  4. cd - change the directory to a specific location
  5. nano - text editor pre-installed in Linux OS, used to edit your files
  6. vim - another text editor pre-installed in Linux OS, used to edit your files
  7. touch - create an empty file with any name and extension
  8. cat - display the contents of a specific file
  9. ls - list all the files in a given directory
  10. pwd - display your current working directory in the directory ecosystem (in the Linux OS, storage is segmented in the form of directories)

 

Linux File System

Data needs to be stored somewhere! Just like Windows has disk volumes/partitions like E: or C:, Linux has a distinct file system in which all data is treated as a file. The Linux file system has a hierarchical file structure. It contains a root directory and subdirectories.

  1. / - root parent directory; every directory can be found here
  2. bin - contains all the binary files along with the common commands used by the users
  3. lib - comprises all the kernel modules
  4. etc - contains all the configuration files; for example, you can find the routing table here
  5. var - stores all the log files or the files which are expected to grow in size

 

   

Networking            

Google Cloud offers a broad portfolio of networking services that are extremely scalable, available, and most importantly built on top of Google’s internal networking backbone, thus providing the most efficient solutions out in the market. One of the most critical elements in every type of communication is networking. Without strong fundamentals in networking, one cannot create reliable, scalable, and cost-effective solutions.

Let's have a look at some necessary components of networking:

  1. HTTP: The entire internet is based on the client-server architecture. The messages sent by the client, usually a web browser, are called requests, and the messages sent by the server as an answer are known as responses. HTTP is the protocol that defines how data is transmitted over the internet and determines how web servers and browsers should respond to the request. In more basic terms, HTTP is a protocol used for fetching resources such as HTML documents.
  2. Transmission Control Protocol (TCP) vs User Datagram Protocol (UDP): TCP is a transport layer protocol. It provides reliable and error-free communication between end systems. The main characteristic of TCP is that it is a connection-oriented protocol, i.e. before any data transfer can take place, there is a need to make a connection between the systems. The main advantages of TCP revolve around secure communication, as it involves a 3-way handshake, provides sequencing of data packets, and extensive error checking. The only disadvantage is that it requires a lot of overhead to maintain the connection. UDP is also a transport layer protocol but is connection-less. As it doesn't require any connection, it doesn't provide all the features of TCP like reliability and sequencing. It has the advantage of being very cost-effective and easy to maintain.

Protocols: Protocols are just the set of rules defined by organizations such as ISO. Our whole internet is based on the TCP/IP suite, which has 5 layers. In the transport layer (2nd layer of the TCP/IP model) we need a protocol to transfer our communication to the network layer. Though there are protocols at all layers, for the sake of simplicity, we will learn more about the TCP and UDP protocols, which are used more frequently.

  1. Ports: Most people assume ports are physical objects, but in reality, ports are software-defined numbers associated with a specific protocol. In order for a successful transfer of data, we need to define the correct port and protocol. Some commonly used ports are 80 for HTTP, 443 for HTTPS, and 25 for SMTP.
  2. Networks: In very basic terminology, networks can be thought of as a house. Just like a house acts as an abstraction for the rooms inside it, networks in cloud computing provide isolation to the internal resources. One network is totally unknown/isolated from the other. In Google Cloud, networks are referred to as Virtual Private Cloud (VPC). In order to create a VPC, you need a unique name and the subnet configuration (another abstraction inside the VPC).
  3. Firewalls: Coming back to our house illustration, just as the boundaries of a house ensure security from intruders, similarly a firewall in Google Cloud provides security to a VPC from unrecognized traffic. To create a firewall rule, you must have a VPC, direction of traffic (ingress/egress), actions on match (allow/deny), targets (all instances in a network, specified target tags, specified service account), ports, and protocols.
  4. RFC1918: A few decades ago, Internet Protocol version 4 (IPv4) was running out of usable IP addresses. In response to this, 3 CIDR blocks of IP addresses were designated as addresses meant only for internal use, meaning that organizations were authorized to use the ranges within their own isolated networks. These 3 blocks of IP addresses are what is known as RFC1918. In Google Cloud, only 3 services support RFC1918, those being direct interconnect, partner interconnect, and VPN (Classic and HA). The 3 reserved CIDR blocks are as mentioned below.
    • 10.0.0.0 – 10.255.255.255 
    • 172.16.0.0 – 172.31.255.255 
    • 192.168.0.0 – 192.168.255.255 
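The firewall and RFC1918 items above combine into a common review check: which ingress allow rules accept traffic from outside private address space. The sketch below is an added example, not code from the original post; the rule dictionaries are constructed and their field names are simplified assumptions modeled on the firewall components listed above, not the exact Google Cloud API schema.

```python
import ipaddress

# The three RFC1918 blocks from the list above, written in CIDR form.
RFC1918 = [ipaddress.ip_network(c)
           for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(cidr):
    """True only if the entire range sits inside one RFC1918 block."""
    net = ipaddress.ip_network(cidr, strict=False)
    return net.version == 4 and any(net.subnet_of(b) for b in RFC1918)

def audit_rules(rules):
    """Flag ingress allow rules whose sources reach beyond RFC1918 space."""
    findings = []
    for rule in rules:
        if rule["direction"] != "INGRESS" or rule["action"] != "allow":
            continue  # egress and deny rules do not admit inbound traffic
        external = [s for s in rule["source_ranges"] if not is_rfc1918(s)]
        if external:
            findings.append({"rule": rule["name"], "sources": external,
                             "protocol": rule["protocol"],
                             "ports": rule["ports"]})
    return findings

# Constructed sample rules (hypothetical names, not from a real project).
SAMPLE_RULES = [
    {"name": "allow-internal", "direction": "INGRESS", "action": "allow",
     "source_ranges": ["10.128.0.0/9"], "protocol": "tcp",
     "ports": ["0-65535"]},
    {"name": "allow-ssh-anywhere", "direction": "INGRESS", "action": "allow",
     "source_ranges": ["0.0.0.0/0"], "protocol": "tcp", "ports": ["22"]},
    # 172.32.0.0/16 looks private but lies just past 172.16.0.0 - 172.31.255.255.
    {"name": "allow-web-partner", "direction": "INGRESS", "action": "allow",
     "source_ranges": ["192.168.10.0/24", "172.32.0.0/16"],
     "protocol": "tcp", "ports": ["443"]},
    {"name": "deny-telnet", "direction": "INGRESS", "action": "deny",
     "source_ranges": ["0.0.0.0/0"], "protocol": "tcp", "ports": ["23"]},
]

if __name__ == "__main__":
    for f in audit_rules(SAMPLE_RULES):
        print(f"{f['rule']}: {f['protocol']}/{','.join(f['ports'])} "
              f"open to {', '.join(f['sources'])}")
```
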

 


Compute        

When we hear the term “compute”, we generally assume that whatever we’re talking about is going to be related to computers. However, this term is actually referring to some sort of computational power accompanied by some memory. Compute Engine is the very core of 90% of operations performed in Google Cloud. Some common computing services in Google Cloud are explained below:

  1. Compute Engine: In Google Cloud, the most basic form of computing is Compute Engine. Many services like Google Kubernetes Engine (GKE) use Google Compute Engine under the hood. In simpler words, Compute Engine is nothing but Virtual Machines deployed on Google Cloud with a pay-as-you-go model with no upfront payment needed to use the machines (unlike traditional computational services).

You can refer to Google Cloud Official Documentation for more information on Google Compute Engine.

  1. Google Kubernetes Engine: This is one of the most advanced Cloud-based Kubernetes Engines. It currently supports the best service that deploys N number of containers by using multi-dimensional scaling to deploy packages at very minimal cost and time. It works very similarly to Kubernetes, the main difference being that the master node is handled by Google Cloud’s backend logic. You just have to focus on your code/deployment rather than managing the infrastructure and the configuration, which GKE will do for you.

You can refer to Google Cloud Official Documentation for more information on Google Kubernetes Engine.

 

      

Serverless          

Let’s break down the word serverless: server + less = no servers…. Does this make sense? Actually, yes! With serverless computing, there are servers/computational powers involved, you just are not liable to manage them. It’s the duty of the Cloud Provider to maintain the infrastructure as you configured; your role is limited to just deploying the workload.

Google Cloud provides 3 options for serverless: Cloud Functions (gen1 and gen2), Cloud Run, and App Engine.

 

 

Autoscaling   

This is a service offered by all Cloud Vendors, in which you can increase the number of resources (compute/memory) as per the defined criteria. The criteria can be anything, including CPU utilization, memory consumption, or custom-created criteria.

In Google Cloud, the best inclusion of autoscaling is with the Managed Instance Groups (MIGs), which scale-in or scale-out based on the defined criteria.

Furthermore, the real function of MIGs is experienced when integrated with Cloud Load Balancer.

 

IAM 

IAM is the acronym for Identity and Access Management. For accessing any resource on the internet/cloud, you need to work with 2 concepts: authentication and authorization.

Authentication verifies the identity of a user or service, and authorization determines their access rights. In Google Cloud, you manage access control by defining WHO (identity) has WHAT access (role) for WHICH resource.

There are 3 elements of IAM: principal, roles, and policy binding.

  1. A principal is the "WHO" in the authentication process. It can be a Google account, a Google group, a service account, a Google workspace account, or a Cloud Identity domain that can access a resource.
  2. A role is the "WHAT" in the authentication process. In basic terminology, it is the collection of permissions that a user is allowed to perform. Roles are broadly classified into basic, pre-defined, and custom.
  3. The policy is the bond between the principal and the role. It binds one or more roles to a principal.
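To make the WHO/WHAT binding concrete, the following added example (not part of the original post) inverts an IAM policy's bindings into a per-principal view, classifies each role as basic, pre-defined, or custom, and flags the grants a reviewer usually checks first. The sample policy is constructed; the principal names and `demo-project` are placeholders.

```python
from collections import defaultdict

BASIC_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}
PUBLIC_PRINCIPALS = {"allUsers", "allAuthenticatedUsers"}

def role_class(role):
    """Classify a role name as basic, custom or predefined."""
    if role in BASIC_ROLES:
        return "basic"
    if role.startswith(("projects/", "organizations/")):
        return "custom"  # custom roles are namespaced under a project or org
    return "predefined"

def access_by_principal(policy):
    """Invert the bindings: principal (WHO) -> sorted list of roles (WHAT)."""
    access = defaultdict(set)
    for binding in policy.get("bindings", []):
        for member in binding["members"]:
            access[member].add(binding["role"])
    return {member: sorted(roles) for member, roles in access.items()}

def review(policy):
    """Return (principal, role, reason) tuples that deserve a second look."""
    flagged = []
    for member, roles in sorted(access_by_principal(policy).items()):
        for role in roles:
            if member in PUBLIC_PRINCIPALS:
                flagged.append((member, role, "public principal"))
            elif role_class(role) == "basic":
                flagged.append((member, role, "basic role"))
    return flagged

# Constructed sample policy for one resource (the WHICH); values are placeholders.
SAMPLE_POLICY = {
    "bindings": [
        {"role": "roles/editor",
         "members": ["user:alice@example.com",
                     "serviceAccount:ci@demo-project.iam.gserviceaccount.com"]},
        {"role": "roles/storage.objectViewer",
         "members": ["allUsers", "group:analysts@example.com"]},
        {"role": "projects/demo-project/roles/logReader",
         "members": ["user:alice@example.com"]},
    ]
}

if __name__ == "__main__":
    for member, roles in access_by_principal(SAMPLE_POLICY).items():
        print(member, [(r, role_class(r)) for r in roles])
    for member, role, reason in review(SAMPLE_POLICY):
        print(f"REVIEW {member} has {role}: {reason}")
```
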

You can refer to Google Cloud Official Documentation to learn more about Identity and Access Management.

 

Service Accounts

Service accounts are meant for non-human interaction workloads, for when you do not want to expose your true identity, or for when there are some sort of dependencies between the services.

In Google Cloud, the most common use case of a service account is when Google Kubernetes Engine (GKE) uses Google Compute Engine (GCE) internally. We create a cluster and nodes get created automatically, but under the hood, a service account is used to create the specified number of Compute Engine instances, which are then linked to the cluster.

We have created a service account, but now how do we access it? Using a password? But we didn’t define it… For service accounts we use keys. Keys are encrypted passwords with infinite life. Any user who has access to these key materials has full access to resources to which the service account is linked. Keys are generally generated using the RSA algorithm during the creation of the service account key; the public portion is stored on Google Cloud, while the private portion is available only to you. In Google Cloud, there are 2 types of service accounts: client managed and Google managed.

You can refer to Google Cloud Official Documentation to learn more about service accounts.

 

   

Kubernetes and Docker:

As a Cloud Engineer, you are expected to have strong expertise in Docker and Kubernetes. Before diving into Google Cloud, let’s have a high-level overview of the technology and terms involved:

  1. Docker: With the rise of microservice architecture, each service of an application can be built completely independently. Docker is the tool used to build images for particular modules/services.
  2. Kubernetes: Often referred to as k8s, Kubernetes is a production grade container orchestration tool open-sourced by Google to run containers and handle microservices in a more efficient manner.
  3. Cluster: This is an umbrella term used to describe all the components of a cluster.
  4. Master Node: Also known as the control plane, it is responsible for maintaining the state of your cluster. When you perform some operations, every command is first pointed to the master node.
  5. Worker Node: Often referred to as just nodes, these are the computing resources that a cluster uses to get the work/job done, for example, interacting with Docker daemon to launch the containers.

Components of Kubernetes:

  1. kube-apiserver: This is the heart of Kubernetes; more precisely, it is a REST API that exposes all the k8s features to the other components. In basic terms, it is the single entry point for all the operations in a cluster.
  2. kube-scheduler: This component is responsible for electing a worker node out of the available nodes in the cluster.
  3. etcd: This is a NoSQL database maintained by k8s. It is composed of all the entries of the operations performed in the cluster. Furthermore, it is ephemeral storage, i.e. if the cluster is rebooted, the content that is stored in the database will be lost.
  4. kube-controller-manager: This component is responsible for maintaining the actual state of the cluster with the desired state of the cluster.
  5. kubelet: This component is a part of all the worker nodes and is pre-installed on each one of them. It acts as a bridge between kube-apiserver and the Docker daemon.
  6. kubectl: This is an HTTP client that provides a human-recognizable set of commands, which are later converted into an API call and sent to the apiserver.

You can refer to Docker Official Documentation and Kubernetes Official Documentation for a better overview on the subject.

 

Billing  

Google Cloud comes with a free trial period, which provides up to $300 in services for 90 days per user, with access to 20+ essential products. Billing comes with 2 options:

  1. Self-serve billing/ Pay-as-you-go
  2. Monthly billing cycle/Invoiced billing

Google Cloud also provides discounts based on your requirements:

  1. Committed Use Discounts: These discounts apply when you commit to Google Cloud that you will be using specific hardware or software for a particular duration. These discounts are really huge.
  2. Sustained Use Discounts: These discounts apply when you use X% of resources in a billing cycle. Whenever you use an applicable resource for more than a fourth of a billing month, you automatically receive a discount for every incremental hour that you continue to use that resource.

For accurate pricing and estimates, you can use Google Cloud Pricing Calculator.

 


Storage:

Data data data! Every company is rushing for the data …. But where do they store it?? Google Cloud offers a variety of services for storing your valuable data:

  1. Structured: Structured data is the data that has some sort of schema (fixed key-value pairs) or has a well-defined structure. Usually, SQL is used for storing this form of data. It is generally tabular with columns and rows. The major use of structured data is OLTP (Online Transaction Processing), as it requires a high level of consistency since data is stored as index based.
  2. Semi-structured: Semi-structured data is data that does not have any fixed or rigid schema. As the data doesn't have a fixed schema, it cannot be stored in the form of rows and columns. Some examples are emails and TCP/IP packets. The advantage of using this type of data storage is that it doesn't require any specific language like MySQL, and the data stored is portable.
  3. Unstructured: Any form of data other than the above 2 types is categorized as unstructured data. Examples include pictures, text files, and videos. The only advantage of using this type is that it is highly portable and flexible. There is no need for the user to define any schema; everything will be stored as a blob.

You can use Google Cloud Storage for unstructured data.

Cloud Spanner and Cloud SQL are for structured data.

Bigtable and Datastore are for semi-structured data.

 

You can refer to Google Cloud Official Documentation for a better overview on all the storage options provided by Google Cloud.

 

We are now well equipped with the desired skill set required before jumping into the Cloud. 

Since you are prepping for the certification, you must have figured out there are two beginner-friendly certifications in Google Cloud. Let's figure out the details of the certifications.


Cloud Digital Leader (CDL)

You can learn more about this certification from our previous blog post.

  • The length of the exam is 90 minutes.
  • The registration fee is $99 (plus tax where applicable).
  • To register for the exam, you need to create an account at Webassessor and book the exam at your convenience.
  • Languages supported for this exam are English and Japanese.
  • The exam format comprises multiple choice and multiple select questions.

 

Associate Cloud Engineer (ACE)

You can learn more about this certification from our previous blog.

  • The duration of the exam is 2 hours.
  • The registration fee for ACE is $125 (plus tax where applicable).
  • To register for the exam, you need to create an account at Webassessor and book the exam at your convenience.
  • Languages supported for this exam are English, Japanese, Spanish, and Portuguese.
  • Exam format consists of multiple choice and multiple select, which can be taken remotely or in-person at a test center.

 

 

Professional Exams

Professional exams require deeply ingrained skills in order to pass. As per Google Cloud, you need 3+ years of industry experience, including 1+ years of designing and managing solutions using Google Cloud. You can learn more about this certification from our previous blog post.

  • The duration of the exam is 2 hours.
  • The registration fee for the exam is $200 (plus tax where applicable).
  • To register for the exam, you need to create an account at Webassessor and book the exam at your convenience.
  • Languages supported are English and Japanese.
  • The exam format is multiple choice, multiple select, and a case study (in some exams), which can be taken remotely or in-person at a test center.

After the exam is finished, you will receive a PASS/FAIL status with no detailed scorecard, unlike all other cloud providers. If you pass the exam, the official results will be mailed to you within 6 days along with the promo code to order goodies (only for professional certification).

The retake policy for every certification is the same.

  • First failed attempt: You can apply for the same exam after a cooldown period of 14 days.
  • Second failed attempt: You can apply for the same exam after a cooldown period of 2 months.
  • Third failed attempt: You can apply for the same exam after a cooldown period of 1 year.

So you passed the certification exam, but what do you get in return??

Let's discover some of the perks of getting Google Cloud certified:

  1. Get added to the Google Cloud Credential Directory, and potential recruiters will have their eyes on you.
  2. If you pass any Google Cloud professional certification, Google Cloud will ship goodies to you as a token of appreciation.
  3. At various times of the year, Google Cloud hosts Cloud-based events and you may get an exclusive invite to such events.
  4. Append your skill set with more authenticity.

Certification renewal/recertification:

Candidates must recertify in order to maintain their certification status. Unless explicitly stated in the detailed exam descriptions, all Google Cloud certifications are valid for two years from the date of certification.

Recertification is accomplished by retaking the exam during the recertification eligibility time period and achieving a passing score. You will receive some mail from Google Cloud 2 months prior to the expiration of the certification, along with a 50% off voucher for scheduling your exam.
