This is the SRE technical challenge for Pear Deck. Read this README.md for instructions on guidelines and the task to solve.
At GoGuardian, our Pear Deck engineering team values the ability to think through a project methodically, solve problems creatively, balance simplicity with innovation, write clear code that is easy to read and understand, follow sustainable standards and accepted best practices, make well reasoned decisions, and learn and grow through your work.
We've developed this code challenge to allow you, as a candidate, to showcase these abilities through executing a standard piece of work that touches on all of the core competencies of a Site Reliability Engineer.
- Please read the exercise in full before planning and beginning your work
- You are welcome to reach out to ask any questions, gain clarification, or gather requirements at any time
- We ask that you execute the challenge in
Terraform
,Helm
, andgit
as it most closely reflects the work you will do on the Pear Deck SRE team at GoGuardian. If you choose to use any scripting/programming languages to glue everything together, feel free to use what you are most comfortable with, though keep in mind that we often usePython
for a lot of our own glue code. - Your work metholodogy is shown through your commit history, so please consider this in your work
- Comments and documentation to mark your decisions, explain your solutions, and show your reasoning are expected.
- You will have one week from the time you receive the challenge to complete and return your work.
- We ask that you try to spend three hours or less on your solution within that week.
- Please return your solution as a zipfile or tarball of your git repo according to the instructions of the recruiter
- After you deliver your work, one of our engineers will review your work
- Should you pass and move onto team interviews with our engineering team, there will likely be questions or discussions relating to this work, so please be prepared to help explain/teach your work!
- First and foremost, your ability to develop a working solution using the tech stack specified in the rules
- Your execution of coding best practices and readability of your code
- Source control and work methodology is important so please use git, use meaningful commit messages and organize your work accordingly
- There is not one correct solution and so your solution will be unique. We will be paying attention to how you decide to solve the challenge, so please ensure that it reflects your strengths
- Explaining your thinking, decision points, and solution are critical. Comments and documentation will be reviewed and should provide context and clarity around your completed code.
You will be provided with a static Google JSON authentication key for using gcloud
and Terraform commands. No need for shared Terraform state - please commit your state file alongside your Terraform code if you opt to use Terraform.
Please note that the JSON key is scoped only to your Kubernetes namespace - so any cluster-level listing operations will fail.
Your task is to:
- Serve a basic HTTP response with a load balancer. Use a
LoadBalancer
service for this purpose. Usestrm/helloworld-http
(https://hub.docker.com/r/strm/helloworld-http) as your HTTP server - no need to modify the image or anything.- You might need to debug any problems that occur while trying to have this serve traffic. Document any fixes required in either a separate text file or alongside your code.
- If you are unable to pinpoint the issue, not a problem - we can chat about how you would go about debugging the issue.
- You might need to debug any problems that occur while trying to have this serve traffic. Document any fixes required in either a separate text file or alongside your code.
- Ensure that the
Deployment
is secure with a custom service account with no Kubernetes permissions. - Set up a
CronJob
that outputs "Hello World" every thirty minutes. - Create a GCS bucket,
peardeck-sre-challenge-<first_name><last_name>
(either with Terraform or GKE Config Connector.) For example, if your name is John Doe, create a GCS bucketpeardeck-sre-challenge-johndoe
.- You will need to provide an annotation,
cnrm.cloud.google.com/project-id: "pd-us-app-dev-sre-challenge"
if you use config connector.
- You will need to provide an annotation,
Optional tasks:
- Document exactly what else you'd add to best monitor the service. Even though the HTTP server is a toy service, explain what sort of basic things you'd want to monitor as if it was a production service. (No need to implement an actual solution here.)
- Imagine that the service is stateful: what considerations would you keep in mind while designing out the service? Document what these considerations would be and what informed your decision. (No need to implement an actual solution here.)
- Helm 3.x
- Terraform 1.x
- Google Kubernetes Engine (assume that GKE Config Connector is enabled)
- The
helm/
folder contains a skeleton Helm chart. - The
terraform/
folder contains a blank Terraform workspace to use.
- Ensure you have
git
installed on your computer - Ensure that you have the Terraform,
kubectl
,helm
, andgcloud
CLIs installed. - Follow instructions below to authenticate against the Kubernetes cluster:
- Run
gcloud auth activate-service-account --key-file=/path/to/keyfile.json --project=pd-us-app-dev-sre-challenge
- Run
gcloud container clusters get-credentials pd-us-sre-challenge-cluster --project pd-us-app-dev-sre-challenge --zone us-central1-a
- Run
kubectl config set-context --current --namespace=candidate-<first_name><last_name>
(first_name
andlast_name
are both lowercase) - Run
kubectl get pods
to verify connectivity
- Run