Someone reached out to me and asked how you get experience with public cloud. That’s an excellent question so I thought I would give some perspective on it. There are three ways that immediately come to mind:
- Studying for a certification
- Playing around with different services in public cloud
- Getting involved in projects at work
Public cloud is a little like walking into a gigantic supermarket. You are looking for something very specific, maybe just a carton of milk, but if you have never been to this supermarket it could take you hours to find the milk. Maybe the milk is named something else in this store. To understand a specific cloud such as AWS, Azure, or GCP, you must first build up a basic understanding of what services they offer and how to use them. I normally prefer to do this by studying for a certification, such as the AWS Solutions Architect Associate, but there are also more introductory certifications such as the Cloud Practitioner or Azure Fundamentals. You can be super experienced and highly trained in a domain, such as servers or networking, but you must first learn to speak their language and understand their services. It definitely helps to study using certification material whether you intend to take the certification or not. This would be my first step when getting experience with public cloud.
As part of your studies, you will hopefully engage in some labs. It also makes sense to build some of your own labs. Maybe more realistic scenarios. Here are some examples that come to mind:
Three-tier app – Build a classic three-tier app with a web front end, an application, and a database. This doesn’t have to be a complex setup. The goal is not to build the new amazon.com website. Let’s use AWS as an example since that is the one I know best. How would you register your website? Do you do it with Route 53 or another registrar? Did you know that you can host a simple website on S3? What are the limitations of doing so? You have a domain that you have registered. How can you use Route 53 to forward traffic to your web instance? What are the different types of records available? How can you monitor availability?
Your site is becoming popular! How do you scale? Can you use auto scaling? How do you combine this with load balancers? What do you need to update in DNS when you start using load balancers? What will the source IP of packets be when you use a LB? Can you get information about the client somehow? Where do you terminate TLS? How do you manage certificates?
As you can see, even such a simple use case can teach you a lot about using cloud services. Could you perhaps replace your DB with one of the native services? How would you do that? What about using PaaS, such as Elastic Beanstalk?
VPN scenarios – If you work with public cloud, you will do some form of VPN. That’s pretty much a guarantee. You will most likely need a VPN from your on-premises environment. How do you set that up? Are both policy- and route-based VPNs supported or only route-based? How many routes do they support? Is IKEv2 supported or only IKEv1? Setting up VPNs almost always involves a bit of trial and error, especially when interfacing with public cloud, as they tend to do things a bit differently than your typical site-to-site VPN.
Networking scenarios – Some people claim networking is simple in the cloud. This usually means one of two things:
- They run only a small setup in the cloud or with a very basic design
- They don’t know what they are talking about
People with networking skills in public cloud are still very rare. You can really get a leg up if you can provide those skills. There are many scenarios you could build such as building different VPCs, setting up peering between them, making sure you understand SGs and NACLs, getting experience with Transit Gateway, route tables and how to provide inspection services. Try setting things up in different ways and find the pain points of different designs.
Most of the cloud providers provide some kind of free tier. This means you can do a lot of labbing as long as you stay within the free tier. This normally means using only very basic compute instances etc. which is fine for a small lab. There are also some learning providers giving you access to a cloud playground.
If you now have some experience, through studying and labbing, this means that you are more employable but also that you can confidently raise your hand at work and say that you want to get involved with the cloud stuff that is going on. In any organization of size there will almost certainly be some form of cloud initiative, and I’m sure they wouldn’t turn down another resource. It will seem a bit scary at first but you need to put your name in the hat if you want to level up your skills. You could first review the current design to understand it and perhaps come up with ways that it could be improved.
Personally, I’ve found that the quickest way to become proficient at something is the combination of learning on your own and getting involved with it at work. Looking forward to seeing some of your suggestions in the comments. Happy learning!
You nailed it Daniel 👏
Great little read Daniel! I’d like to get going with a 3 Tier model as you have suggested, but being a Networking and F5 guy I’m not so confident with the apps Tier and DB Tier. Any suggestions on where to start with this for a very simple setup to play with (mainly to expose the networking, load-balancing and Security for me more so than the apps)?
Amazing guide. Thanks a lot