Finał 2020

Głównym autorem zadań finałowych jest Michał Smereczyński przy wsparciu Emila Wasilewskiego

Scenariusz Data

Stage 1

  1. Create a virtual network in Azure. Name it VNETdata (50 points)
  2. Create a Ubuntu OS (18.04 LTS) VM in Azure, sized to Standard_B2s with Public IP Address attached to the VM’s NIC. Name it VMdata (50 points)
  3. Ensure that the incoming traffic to the VM (on public IP) is prohibited (not open for anyone) – use Network Security Group (NSG) to prohibit traffic. (10 points)
  4. Shut down the VM (10 points)
  5. Create an Azure Storage Account with Canonical File System (Azure Data Lake Gen 2) (50 points)
  6. Upload this file to the Azure Data Lake Storage gen 2: https://www.stats.govt.nz/assets/Uploads/Business-price-indexes/Business-price-indexes-June-2020-quarter/Download-data/business-price-indexes-june-2020-quarter-csv-corrected.csv (10 points)

Useful docs: https://docs.microsoft.com/en-us/azure/

Stage 2

  1. Power-up the VM You created in previous stage (10 points)
  2. Open incoming port 22 to the VM for your outgoing public IP address using NSG. (10 points)
  3. Install Docker CE on the VM (10 points)
  4. Run Dremio as a daemon using Docker on Your Ubuntu 18.04 LTS VM running in Azure (https://hub.docker.com/r/dremio/dremio-oss/) (50 points)
    1. Dremio need to use persistent storage when running in Docker (25 points)
    2. Dremio need to be running as user without administrative privileges when running in Docker (25 points)
    3. Dremio need to be started after VM restart automatically (25 points)
  5. Open the incoming port 9047 in NSG to open Web access to Dremio (10 points)
  6. Ensure that Dremio is up and running. Create Admin Account. (10 points)
  7. Additional points will be added to the team that will install NGINX Reverse Proxy and configure it for using Dremio web panel on port 80 with success on querying Azure Data Lake Gen2 (hint: check web sockets connectivity!)
    1. Install NGINX web proxy to serve Dremio web panel om port 80 (25 points)
    2. Close the incoming port 9047 and open port 80 on NSG (10 points)
  8. Configure Dremio to connect to Azure Data Lake Storage Gen 2 you created in Stage 1 (25 points)
  9. Query CSV file you uploaded in Stage 1 to Azure Data Lake Storage Gen 2 in Stage 1 for all rows and create a screenshot from this operation. (25 points)
  10. Attach it to the task reported as done and provide login as password to Dremio account in a secure way. (25 points)

Scenariusz Web

Stage 1

  1. Create two virtual networks in Azure. One in West Europe and second in North Europe. Name it VNET1 and VNET2 (10 points)
  2. Create 2 Ubuntu OS (18.04 LTS) VMs in Azure, sized to Standard_B1ls without Public IP Addresses in West Europe region. VMs need to be in an Availability Set. Name it VM1 and VM2. Availability Set name – ASwest (75 points)
  3. Create 2 Ubuntu OS (18.04 LTS) VMs in Azures sized to Standard_B1ls without Public IP Addresses in North Europe region. VMs need to be in an Availability Set. Name it VM3 and VM4. Availability Set name – ASnorth (75 points)
  4. Create a public Azure Load Balancer (Basic tier) in West Europe region and place it on front of two VMs you already created in the same region. Name it ALBwest .
  5. Create a public Azure Load Balancer (Basic tier) in North Europe region and place it on front of two VMs you already created in the same region. Name it ALBwest.
  6. Create the Azure Traffic Manager profile to ensure a disaster recovery for Weest Europe-placed VMs in North Europe region with automatic failover in case of West Europe-placed VMs unavailability.
  7. Ensure that the incoming traffic to the VMs (on the Load Balancers public IPs) is prohibited (not open for anyone) – use LB rules to prohibit traffic. (10 points)
  8. Shut down the VMs (10 points)

Usefull docs: https://docs.microsoft.com/en-us/azure/

Stage 2

  1. Power-up the VMs You created in previous stage (10 points)
  2. Create a NAT rules on Azure Load Balancers to have a possibility to login to VMs’ using SSH (20 points)
  3. Install Docker CE on all 4 VMs (10 points)
  4. Run .Net 5 sample app as a daemon using Docker on Your Ubuntu 18.04 LTS VM running in Azure (https://hub.docker.com/_/microsoft-dotnet-samples) (50 points)
    1. .Net 5 sample app need to be running as user without administrative privileges when running in Docker (25 points)
    2. .Net 5 sample app need to be started after VM restart automatically (25 points)
  5. Install NGINX reverse proxy to ensure .Net 5 sample app to be served on port 80 on every VM you created before (25 points)
  6. Open the port 80 on Azure Load Balancers and configure Azure Traffic Manager properly to ensure local High Availability for .Net 5 sample app and reginal Disaster Recovery for it. (20 points)
  7. Remove the NAT rules on Azure Load Balancers to have a possibility to login to VMs’ using SSH (10 points)
  8. Document the failover process with screenshots and description in english, saving it in MD format on GitHub (50 points)

Zadania finałowe

Task One (50 points)

As an extension to the Web scenario, add a third endpoint to the Traffic Manager, to serve a content in a case of failure of both regions in Europe. You have an East US 2 region available and static HTML file which must be served when Europe is down. You can’t use Virtual Machines.

HTML file content:

<p>Sorry we have an issue in Europe. We will back soon.</p>
<p>Your wonderful Team number XX</p>

Task Two (150 points)

short note:
Managed Identity for VMData is enabled. VM have Virtual Machine Contributor rights on Resource Group level where it is deployed.

VMdata VM have rights to manage other machines as well as itself. Using Azure CLI, prepare a shell script that will deallocate a machine on which it is running. As a confirmation of done, please commit your script to the GH repository.

Useful docs: https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/