If you've never heard The Arcade by Google Cloud, it's a Qwiklabs and Google Cloud program where they create a learning experience for you where you can win prizes and measure your cloud knowledge with other players. Personally I am excited about this program and I became a facilitator last month. You can enter https://go.qwiklabs.com/arcade
Just today (July 5) access to the trivia was unlocked and these laboratories are, in my opinion, the most common cases in working life (Focused on business days)
I explain the content of each of them
In this lab, you will learn how to leverage NetApp Cloud Volumes ONTAP for SMB workloads. You will get practical experience in configuring and accessing NetApp volumes using the SMB protocol with integration to Active Directory. In addition, you will learn how to recover data from NetApp Snapshots using Windows's native way and how to optimize storage consumption of any workload (SMB included) using Thin Provisioning and Data Tiering along with BlueXP's automatic capacity management mode. This lab is derived from the BlueXP documentation published by NetApp.
Objectives
You will learn how to perform the following tasks:
Integrate Cloud Volumes ONTAP with Active Directory
Create and access a NetApp volume using SMB
Restore SMB data from NetApp Snapshots
Use NetApp storage efficiency features to optimize storage consumption
2. Check Point: Next-Gen Data Center Security CloudGuard for Google Cloud GSP818
Organizations are starting to adopt public cloud environments as an extension of their internal Data Centers (DC) to gain operational flexibility and lower operational costs. The increasing number of applications in DC has led to a dramatic increase in network traffic between the different servers/application inside DC (east-west traffic).
However, when it comes to security, the focus has been on protecting the entrance to the DC, and the perimeter, but there are few controls to secure east-west traffic inside the data center. This represents a critical security risk where threats can traverse unimpeded once inside the data center. Furthermore, traditional security approaches to this problem are unable to keep pace with the dynamic network changes and rapid provisioning of applications in a cloud environment.
Check Point CloudGuard for Google Cloud with its advanced threat prevention capabilities will allow you to deal with that security risk and minimize it. This lab will provide you with some getting started steps required to get familiar with the Google Cloud environment & how to deploy a basic day to day scenario with CloudGuard in place. You will understand and simulate a real-life use case to grasp the ease of deploying automated advanced security protections within the Google Cloud. You will walk through a few simple exercises to illustrate the benefits of having security integrated into a virtual networking platform. These exercises are incremental; they start from basic setup and progress into more advanced scenarios.
3. Cisco: SD-WAN Cloud Hub with Google Cloud GSP772
This lab illustrates a scenario for the Cisco SD-WAN Cloud Hub with Google Cloud solution, the application-centric multi-cloud networking fabric developed in partnership by Cisco and Google. In this scenario, a video is streamed from an application hosted in Google Cloud across a Wide Area Network (WAN).
The lab shows how to leverage Google Service Directory and Cisco SD-WAN to optimize the performance of the video streaming application. You will learn how to use Google Service Directory to configure a *traffic profile* associated with the video streaming application, and (optionally) you will use Cisco SD-WAN vManage to better understand how SD-WAN optimizes the applications associated with that *traffic profile*.
Objectives
In this lab, you will:
Create a Compute Engine instance that hosts a streaming video service, using a pre-built Docker container, and connect it to an SD-WAN edge router
Log on to a Windows client VM and use the VLC application to start streaming a video clip from the video service created above
Set up bandwidth monitoring on the client VM in order to observe the traffic optimization offered by the Cloud Hub solution
Associate traffic profile service metadata to the video streaming application via Service Directory, and observe how Cisco SD-WAN optimizes in real time the quality of the received video clip
(Optional) Explore the Cisco SD-WAN management web UI (Cisco vManage) to better understand what's happening behind the scenes
4. Datadog: Getting started with the Helm Chart GSP937
The Datadog Agent has many features. In this lab you will run the Datadog Agent in a Kubernetes cluster as a DaemonSet in order to start collecting your cluster and applications metrics, traces, and logs. You can deploy a Datadog Agent with a Helm chart or directly with a DaemonSet object YAML definition.
In this lab you will be explaining and using those options in a real cluster, checking in real time the features they enable.
Objectives
In this lab you will learn about using the Helm chart used to install the Datadog Agent. You will learn how to:
Deploy the Datadog Helm chart
Add a toleration to the agent
Change configuration values from the Helm chart
Check the logs
Enable the APM agent
Enable the cluster agent
5. Prisma Cloud: Securing GKE Run Time GSP696
In this lab you will use Prisma Cloud Compute to secure runtime aspects of a Google Kubernetes Engine (GKE) Cluster.
What you'll do
Setup a GKE Cluster
Deploy service on the GKE Cluster
Deploy Prisma Cloud Compute Console on the GKE Cluster
Configure Security Policies in Prisma Cloud Compute
Go through a real world use case
6. Getting Started with Elasticsearch on Google Cloud GSP817
Elasticsearch is a search engine based on the Lucene library. It provides a distributed, multitenant-capable full-text search engine with a HTTP web interface and schema-free JSON documents.
In this lab you will focus on creating a simple Elasticsearch deployment, leveraging Google Cloud Platform. Once you have created your Elastic cluster you will explore a sample dataset and visualize the data in a dashboard.
Objectives
In this lab, you learn how to perform the following tasks:
Create an Elasticsearch deployment on the Google Cloud Platform
Explore data in Elastic through dashboards and more
7. Offloading Financial Mainframe Data into BigQuery and Elastic Search GSP1153
Financial institutions have vast amounts of data about their customers. However, many of them struggle to leverage data to their advantage. Data may be sitting in silos or trapped on costly mainframes. Customers may only have access to a limited quantity of data, or service providers may need to search through multiple systems of record to handle a simple customer inquiry. This creates a hazard for providers and a headache for customers.
Elastic and Google Cloud enable institutions to manage this information. Powerful search tools allow data to be surfaced faster than ever - Whether it's card payments, ACH (Automated Clearing House), wires, bank transfers, real-time payments, or another payment method. This information can be correlated to customer profiles, cash balances, merchant info, purchase history, and other relevant information to enable the customer or business objective.
In this hands-on lab, you'll import synthetic data representing financial records offloaded from a bank's mainframe into BigQuery. You'll then explore it using SQL, then create a Dataflow job to process and ingest a subset of that data into Elastic Search. Finally, you'll create a dashboard in Elastic's Kibana tool to gain a 360 degree view of a customer's financial history.
Objectives
Importing mainframe data into BigQuery and exploring it using SQL
Get an Elastic Trial and deploy an Elastic Cluster on Google Cloud
Creating a Dataflow job from an Elastic template
Running and monitoring a Dataflow job's progress
Inspecting datasets in Elastic with Kibana
Building a dashboard to visualize the mainframe data
8. Palo Alto Networks: VM-Series Network Tags and TCP/UDP Internal Load Balancing GSP1022
In this lab, VM-Series firewalls are deployed to secure north/south traffic for a single VPC network. The lab provides guidance on how to leverage network tags to steer traffic to specific internal TCP/UDP load balancers that frontend VM-Series firewalls. Network tags have a variety of use-cases, including:
Prevention of cross-region traffic flows.
Isolation of egress traffic between development and production environments.
Creation of “swimming-lanes” to distribute traffic to different sets of load balanced firewalls.
This lab specifically focuses on leveraging network tags to isolate regional traffic flows for a global VPC network.
The diagram below shows the lab environment. Everything in the lab is built through Terraform, including the local configuration of the compute resources.
Objectives
In this lab, you will:
Secure outbound internet traffic for a global VPC network with two pairs of regionally distributed VM-Series firewalls.
Use Google Cloud’s internal TCP/UDP load balancers to distribute traffic to the VM-Series firewalls.
Apply Google Cloud network tags to VPC custom routes and compute instances to prevent cross region traffic flows.
Modify network tags on compute instances to redirect outbound traffic to a different VM-Series firewall.
Do not forget to do the trivia to have the badge complete. And let the game begin
