Deploy and Manage Cloud

Environments with Google Cloud:

Challenge Lab
Task 1: Migrate a stand-alone PostgreSQL database to a
Cloud SQL for PostgreSQL instance
sudo apt install postgresql-13-pglogical

sudo su - postgres -c "gsutil cp gs://cloud-training/gsp918/pg_hba_append.conf ."

sudo su - postgres -c "gsutil cp gs://cloud-training/gsp918/postgresql_append.conf ."
sudo su - postgres -c "cat pg_hba_append.conf >> /etc/postgresql/13/main/pg_hba.conf"
sudo su - postgres -c "cat postgresql_append.conf >>
/etc/postgresql/13/main/postgresql.conf"
sudo systemctl restart postgresql@13-main

sudo su - postgres
psql

\c postgres;
CREATE EXTENSION pglogical;
\c orders;
CREATE EXTENSION pglogical;
\c gmemegen_db;
CREATE EXTENSION pglogical;

CREATE USER [MIGRATION ADMINE] PASSWORD 'DMS_1s_cool!';

ALTER DATABASE orders OWNER TO [MIGRATION ADMINE];
ALTER ROLE [MIGRATION ADMINE] WITH REPLICATION;

\c postgres;
GRANT USAGE ON SCHEMA pglogical TO [MIGRATION ADMINE];
GRANT ALL ON SCHEMA pglogical TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.tables TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.depend TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.local_node TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.local_sync_status TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.node TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.node_interface TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.queue TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.replication_set TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.replication_set_seq TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.replication_set_table TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.sequence_state TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.subscription TO [MIGRATION ADMINE];

\c orders;
GRANT USAGE ON SCHEMA pglogical TO [MIGRATION ADMINE];
GRANT ALL ON SCHEMA pglogical TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.tables TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.depend TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.local_node TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.local_sync_status TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.node TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.node_interface TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.queue TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.replication_set TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.replication_set_seq TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.replication_set_table TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.sequence_state TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.subscription TO [MIGRATION ADMINE];

GRANT USAGE ON SCHEMA public TO [MIGRATION ADMINE];

GRANT ALL ON SCHEMA public TO [MIGRATION ADMINE];
GRANT SELECT ON public.distribution_centers TO [MIGRATION ADMINE];
GRANT SELECT ON public.inventory_items TO [MIGRATION ADMINE];
GRANT SELECT ON public.order_items TO [MIGRATION ADMINE];
GRANT SELECT ON public.products TO [MIGRATION ADMINE];
GRANT SELECT ON public.users TO [MIGRATION ADMINE];

\c gmemegen_db;
GRANT USAGE ON SCHEMA pglogical TO [MIGRATION ADMINE];
GRANT ALL ON SCHEMA pglogical TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.tables TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.depend TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.local_node TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.local_sync_status TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.node TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.node_interface TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.queue TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.replication_set TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.replication_set_seq TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.replication_set_table TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.sequence_state TO [MIGRATION ADMINE];
GRANT SELECT ON pglogical.subscription TO [MIGRATION ADMINE];
GRANT USAGE ON SCHEMA public TO [MIGRATION ADMINE];
GRANT ALL ON SCHEMA public TO [MIGRATION ADMINE];
GRANT SELECT ON public.meme TO [MIGRATION ADMINE];

\c orders;
\dt
ALTER TABLE public.distribution_centers OWNER TO [MIGRATION ADMINE];
ALTER TABLE public.inventory_items OWNER TO [MIGRATION ADMINE];
ALTER TABLE public.order_items OWNER TO [MIGRATION ADMINE];
ALTER TABLE public.products OWNER TO [MIGRATION ADMINE];
ALTER TABLE public.users OWNER TO [MIGRATION ADMINE];
\dt

ALTER TABLE public.inventory_items ADD PRIMARY KEY(id);

\q
exit

Task 2: Update permissions and add IAM roles to users

For Task 2 follow Video Instructions.

Task 3: Create networks and firewalls

export VPC_NAME=

export SUBNET_A=

export REGION_A=

export SUBNET_B=

export REGION_B=

export FIREWALL_RULE_NAME_1=

export FIREWALL_RULE_NAME_2=

export FIREWALL_RULE_NAME_3=
gcloud compute networks create $VPC_NAME --project=$DEVSHELL_PROJECT_ID
--subnet-mode=custom --mtu=1460 --bgp-routing-mode=regional && gcloud compute
networks subnets create $SUBNET_A --project=$DEVSHELL_PROJECT_ID
--range=10.10.10.0/24 --stack-type=IPV4_ONLY --network=$VPC_NAME
--region=$REGION_A && gcloud compute networks subnets create $SUBNET_B
--project=$DEVSHELL_PROJECT_ID --range=10.10.20.0/24 --stack-type=IPV4_ONLY
--network=$VPC_NAME --region=$REGION_B

gcloud compute --project=$DEVSHELL_PROJECT_ID firewall-rules create

$FIREWALL_RULE_NAME_1 --direction=INGRESS --priority=65535
--network=$VPC_NAME --action=ALLOW --rules=tcp:22 --source-ranges=0.0.0.0/0

gcloud compute --project=$DEVSHELL_PROJECT_ID firewall-rules create

$FIREWALL_RULE_NAME_2 --direction=INGRESS --priority=65535
--network=$VPC_NAME --action=ALLOW --rules=tcp:3389 --source-ranges=0.0.0.0/0

gcloud compute --project=$DEVSHELL_PROJECT_ID firewall-rules create

$FIREWALL_RULE_NAME_3 --direction=INGRESS --priority=65535
--network=$VPC_NAME --action=ALLOW --rules=icmp --source-ranges=0.0.0.0/0

Task 4: Troubleshoot and fix a broken GKE cluster

In your inclusion filter

resource.type=[inclusion filter];
severity=ERROR