Trupti Ambulkar

Yeah, first of all, thanks for asking me this question and giving me the opportunity to introduce myself. So my name is, and I have completed my bachelor's degree in computer engineering. Currently, I'm working as a senior cloud operations engineer with expertise in both streams. I'm AWS solution architect professional certified and Terraform Associate, HashiCorp certified. I've been with this industry for more than 7 years. And if I'm starting from my internship, it could be around 8 years. Moving forward, according to my BlissCline Technologies roles and responsibilities. At BlissCline Technology, we work in a shared model. A shared model means we have multiple clients to work with simultaneously. I have 4 to 5 clients to work with simultaneously, and my primary roles and responsibilities are to communicate with the clients, engage them, make them understand what they want to implement, and what their use case is. After understanding the use cases, I provide them with a solution. Once the solution has been approved by the client, my responsibility is to ensure that all the solutions are implemented in the respective accounts. As I mentioned earlier, I'm working on multiple projects. During the implementation of this kind of infrastructure, I have exposure to create multiple AWS services like EC2, RDS, VPC, subnets, EKS, and many more services, both manually and by leveraging the tool of infrastructure as a code, which is Terraform. So I have hands-on experience with both skills, manually and using Terraform. Going ahead, this is a mid-scale company. I'm also responsible for cost optimization. I handle related stuff, such as permissions to users and the creation of rules and other security aspects. The security aspects involve using CIS reports, trusted advisor reports, and AWS inspector service reports to ensure that the AWS environment is properly secured. Besides this, one of my clients has a big architecture, with 100 plus client accounts managed by Terraform with the help of AWS Control Tower. And they have multiple vendors to deal with, as the infrastructure is already huge. My primary responsibility here is to ensure that all the troubleshooting is done with me, and I am responsible for all the troubleshooting calls as well. That's it from my side. Thank you very much.

How do you learn a disaster recovery from for cloud infrastructure spanning multiple regions in AWS engine? Okay, so this question is related to disaster recovery. It completely depends on the client's requirement. What is the time they provide for disaster recovery and until what time the data should be available during the disaster plan. So, this is called the RTO and the RPO, and this is completely based on client requirements. If we are using a scenario like active-active-active-passive in this disaster recovery plan. I have created disaster recovery plans for the AWS services like EC2, RDS, EKS, EFS, and many more. And I have created these in the AWS infrastructure. My client's primary region is Mumbai, and the disaster recovery region is Hyderabad. Let's say I'm giving an example of RDS. So, for that purpose, we have created the Aurora Doctor architecture. We are using Postgres RDS, and their primary node is in the Mumbai region. We have made a read replica of that RDS in the Hyderabad region. Once the primary region went down, that is in my case, Mumbai, we run the Lambda script. We have created one Lambda script. Once the Lambda hits, it automatically promotes the Hyderabad read replica to the primary instance. Once Mumbai is up, we make sure the Hyderabad region's primary instance replicates to Mumbai, and then we can make Mumbai region primary in the switchback plan. Vice versa, we are doing so. This is one part of the AWS service I'm explaining here. Going ahead, I have created EC2 VPC architecture for disaster recovery. One of my clients' requirements is to make sure all the infrastructure present in Mumbai replicates to Hyderabad. I have written the Terraform code as per the disaster recovery setup. And through backup services, I have created an AMI and copied it to the Hyderabad region. Through a single click of the Terraform code, I have put the latest AMI of that particular EC2 instance and launched a full Doctor setup in the Hyderabad region within 10 minutes of downtime.

To optimize other resource consumptions, I would use the method of monitoring and adjusting resources. So, I'm primarily working on the AWS, so I'm going with that. To reduce any resource consumption for that, we need to make sure to enable the monitoring on those resources. Let's say I'm talking about the EC2 instances. I do have 10 EC2 instances. I'm enabling the monitoring on those instances, which will monitor the CPU and memory utilization. If the CPU and memory utilization is not used as expected, so we can downsize the instance size. This is a one-off solution to reduce the consumption also. The second method is to use spot instances or auto scaling. I'm going with the auto scaling. If you need a specific instance, if you are using an e-commerce website and your requests are used, so auto scaling will automatically create the instances. If the pressure is reduced, so it will automatically reduce the instances. So auto scaling can be used here. Also, we can use auto scaling to reduce the consumption as well as the cost. Spot instances are some instances which have a cost that is minimal, and they will get automatically terminated when the pressure is reduced. We can use the spot instance dashboard to get the spot instances by using auto scaling. The spot instance dashboard is good for combining spot instances with auto scaling. Thank you very much.

Containerization with enhanced application deployment in a cloud environment. Containerization with the application deployment, for that, I'm using a CICD pipeline, which is integrated with Jenkins. So, primarily, it enhances application deployment in a cloud environment. How does containerization with Docker enhance application deployment? So, Docker is composed of multiple apps. Docker is good for creating multiple applications. It supports a lot of spins. Docker, combined with Kubernetes, is something that can handle the scaling and auto-rolling updates. And the combination of Docker and Kubernetes is good enough to make sure containerization works well for deployment. Currently, I'm using a CICD setup with Jenkins, and all Docker images are stored in the AWS services of the ECR service.

Can you suggest a strategy to migrate on premises application to AWS using Docker containers. So, see, I to be really honest, I'm never worked with the migration services. And, in my organization, we do have separate migration team for those tasks, migration and the RDSO database things. We do have separate things. So this is not something which I the does previously. But, I will guess something. Strategy to migrate on prem application to the AWS. You can see I know I am aware about, let's say, to connect on prem to AWS, we can use a direct connect service in the AWS. Something which is related to the Docker containers, I'm not pretty sure.

How do you manage state in a distributed application using Kubernetes for orchestration? How do you manage state in a distributed application using Kubernetes for orchestration. Okay. To manage any state, we can use the combination of Kubernetes with Terraform. Terraform is good enough to manage the state files, and Terraform also has options to maintain their state file to a particular location. So let's say Terraform has three locations: Kubernetes, RDS, and local/remote. I think to manage it in Kubernetes for orchestration, we can use Terraform.

In this Dockerfile snap, review the command and identify what potential issue may arise when building the image. Explain how you would resolve it. Run apt get up to apt get install. First observation from my side is in a second, run apticateupdate and apticate install hyphen y git. So, apticate don't have option of hyphen v. Instead, yam should have. Okay? And the second, so it will give an error is like, hyphen y option is not valid. And my second observation here is the, last two lines. Run Mac directory hyphen code and, change hyphen, slash code and git clone on a particular repo. So git clone, git clone came in a first line, and their repo directory come in the next line. So it may be like the, git clone will not found a specific repo. So it will use an error, will be like, repository is not defined, and, git URL is not defined, not specified, likewise.

Given the data from Snap that initializes a new AWS CCT image, I identified an issue with the variable interpolation and how it could affect the deployment. So, given the data from Snap, I didn't mention what was wrong with the variable. Variable interpolation was wrong and how it could affect the infrastructure deployment. Okay. See, var.environment is what the variable is defined, and you want to know what's wrong with the variable interpolation. So, in a tag, 'name' equals '2'. Okay? It will use in a single-quoted instance, like 'instance-hyphen' and then the dollar sign and the variable dot environment. See, if you put anything in a single-quoted string, it will print as it is. If you want a variable in the instance, a combination of both, so it should be, again, a double bracket at the end and get a value. Likewise, something. But if you put anything in a single-quoted string, it will print as it is. So I don't think the value will print. Also, the variable dot environment is not defined in the current code. I'm reviewing again.

Is there anything to write it down? I don't think so. So, okay, so to define a multi-tier application, okay. So, firstly, if you go with a multi-tier application, there are two approaches to deal with. One is we can deal with the model. Another approach is to deal with the workspace. So, according to the question, we have to create a model to deploy a multi-tier web application. So, it's simply create the syntax will be "module". First, you can write the module and define the AWS resources you want to create for that particular module. And the name of that particular module. And inside that, we can add whatever resources you have created for that particular module. Let's say you have created two EC2 instances. So, you can create a variable for everything and add it to the instance type. So, instance type equals to instead of hardcoding, you can add the variable like "var.instance_type". Any instance type variable, you can put all the values. And whenever you want to get this model's details, and in that case, you just have to put, like, "module.your_model_local_name". And with specific path, obviously, let's say if we are maintaining it outside, then go with the specific path. So, likewise, "module.your_model_local_name" or "your_values". Likewise, we can deal with the application. So, basically, a module is something like this only. And for a multi-tier web application, it's called a multi-tier web application. It's something the resources you require is the C2, which is your server. Then, there should be a load balancer. There should be route security settings. There should be RDS settings. So, you have to create everything via modules and call those models in the declaration part whenever it is required.

If you're required to build a CICD pipeline, which tools in the Kubernetes ecosystem could you incorporate? Would you incorporate? If required to build a CICD pipeline, which tool in the equivalent ecosystem would you incorporate? So, for a CICD pipeline, there are multiple actualities I found. It is a theoretical question. So, in a CICD pipeline, there are multiple services to implement. Let's say, primarily, we are using or, in general, it is going with the Jenkins. Okay. Jenkins, with CICD pipelines. Nowadays, we have core pipeline services in AWS also. Apart from this, nowadays, a new service is found for a CICD pipeline, which is called Argo CD. So, the primary difference between the core pipeline or a Jenkins, let's consider Jenkins and the Argo CD setup. So, the Jenkins, to build a CICD pipeline with Jenkins, is something the Jenkins server we have to maintain outside the Kubernetes and provide connectivity between the cluster and the Jenkins specifically. But what happens in Argo CD is, like, Argo CD, we have to deploy the application inside the Kubernetes clusters only. And in the application file, you have to provide your centralized repository information and your Kubernetes cluster information. So, there are no manual things here, and no need to grab keys or put them somewhere. Whenever the user or a developer pushes their code into the centralized repository, Argo says you automatically fetch all the data to the Kubernetes cluster.

I'm not proficient with Azure. But if I get a chance to work with the Azure cloud, I will definitely learn. Currently, I'm professionalized as an AWS person, so I will let you know about the monitoring tools. So if you go with any cloud, something which has been there is called logging. This is how it works. I'm not pretty sure. But the GCP is something I'm aware of. Logging captures whatever the logs are present, so they are captured. In AWS, CloudWatch is the monitoring tool, okay, where we can set a metric, add a log, add a log table there. Also, we can set alarms by using metrics. So all the monitoring in AWS happens via the CloudWatch service. I'm not good in Azure right away, so I'm not pretty sure about the Azure exact monitoring tool. But we can use third-party tools as well currently. In my current organization, we are using New Relic. We also use that kind of third-party tool.