Assess your skill level

Write performance tests, using tools such as Gatling and Apache JMeter, to ensure that the system meets required performance thresholds and service level agreements (SLAs).

Resize a Kubernetes cluster, taking into account performance test results, thresholds, and SLAs.

Run Linux performance monitoring utilities, such as top.

Designing and implementing a CI/CD process for a cloud-based deployment running in production.

Using a cloud CI/CD tool, such as Tekton, Google Cloud Build, Codefresh, AWS CloudFormation, or Jenkins, to implement a CI/CD process for a cloud-based deployment running in production.

Integrating GitOps into a CI/CD process.

Write Dockerfiles.

Create Docker images, and push them to a private Docker registry.

Pull and run images from a private Docker registry.

The concepts of Docker layers, and building images based on other Docker images using the FROM instruction.

The difference between the COPY and ADD instructions in a Dockerfile.

Use a Git repository collaboration framework, such as GitHub, GitLab, or Bitbucket Server.

Perform common Git operations, such as cloning and forking repositories, branching, committing changes, submitting pull requests, merging, viewing logs, and so forth.

AM policy agents.

Configuring AM policies.

Synchronizing and reconciling identity data using IDM.

Managing cloud databases.

Connecting Ping Identity Platform components to cloud databases.

Attended ForgeRock University training courses.

Deployed the Ping Identity Platform in production, and kept the deployment highly available.

Configured DS replication.

Passed the ForgeRock Certified Access Management and ForgeRock Certified Identity Management exams (highly recommended).

Use the graphical user interface for Google Cloud, AWS, or Azure to navigate, browse, create, and remove Kubernetes clusters.

Use the cloud provider’s tools to monitor a Kubernetes cluster.

Use the command user interface for Google Cloud, AWS, or Azure.

Administer cloud storage.

Read the cluster creation shell scripts in the forgeops repository to see how the CDM cluster is configured.

Create and manage a Kubernetes cluster using an infrastructure-as-code tool such as Terraform, AWS CloudFormation, or Pulumi.

Configure multi-zone and multi-region Kubernetes clusters.

Configure cloud-provider identity and access management (IAM).

Configure virtual private clouds (VPCs) and VPC networking.

Manage keys in the cloud using a service such as Google Key Management Service (KMS), Amazon KMS, or Azure Key Vault.

Configure and manage DNS domains on Google Cloud, AWS, or Azure.

Troubleshoot a deployment running in the cloud using the cloud provider’s tools, such as Google Stackdriver, Amazon CloudWatch, or Azure Monitor.

Integrate a deployment with certificate management tools, such as cert-manager and Let’s Encrypt.

Integrate a deployment with monitoring and alerting tools, such as Prometheus and Alertmanager.

Google Certified Associate Cloud Engineer Certification.

AWS professional-level or associate-level certifications (multiple).

Azure Administrator.

Automate QA testing using a test automation framework.

Design a chaos engineering test for a cloud-based deployment running in production.

Use chaos engineering testing tools, such as Chaos Monkey.

Use the kubectl command to determine the status of all the pods in a namespace, and to determine whether pods are operational.

Use the kubectl describe pod command to perform basic troubleshooting on pods that are not operational.

Use the kubectl command to obtain information about namespaces, secrets, deployments, and stateful sets.

Use the kubectl command to manage persistent volumes and persistent volume claims.

Configured role-based access to cloud resources.

Configured Kubernetes objects, such as deployments and stateful sets.

Configured Kubernetes ingresses.

Configured Kubernetes resources using Kustomize.

Passed the Cloud Native Certified Kubernetes Administrator exam (highly recommended).

Schedule backups of Kubernetes persistent volumes on volume snapshots.

Restore Kubernetes persistent volumes from volume snapshots.

Volume snapshots on Google Kubernetes Engine (GKE), Amazon Elastic Kubernetes Service (EKS), or Azure Kubernetes Service (AKS)

A third-party Kubernetes backup and restore product, such as Velero, Kasten K10, TrilioVault, Commvault, or Portworx PX-Backup.

A production deployment in the cloud.

A production deployment of Ping Identity Platform.

Harden a Ping Identity Platform deployment.

Configure TLS, including mutual TLS, for a multi-tiered cloud deployment.

Configure cloud identity and access management and role-based access control for a production deployment.

Configure encryption for a cloud deployment.

Configure Kubernetes network security policies.

Configure private Kubernetes networks, deploying bastion servers as needed.

Undertake threat modeling exercises.

Scan Docker images to ensure container security.

Configure and use private Docker container registries.

Manage multi-zone and multi-region deployments.

Implement DS backup and restore in order to recover from a database failure.

Manage cloud disk availability issues.

Analyze monitoring output and alerts, and respond should a failure occur.

Obtain logs from all the software components in my deployment.

Follow the cloud provider’s recommendations for patching and upgrading software in my deployment.

Implement an upgrade scheme, such as blue/green or rolling upgrades, in my deployment.

Create a Site Reliability Runbook for the deployment, documenting all the procedures to be followed and other relevant information.

Follow all the procedures in the project’s Site Reliability Runbook, and revise the runbook if it becomes out-of-date.