Updates from March, 2022 Toggle Comment Threads | Keyboard Shortcuts

  • ThomasPowell 11:25 pm on March 28, 2022 Permalink | Reply
    Tags: , AWS Certified Solutions Architect Professional, sap-c01   

    How I Passed the AWS Certified Solutions Architect Professional (SAP-C01) Exam 

    Table of Contents
    AWS Certified Solutions Architect Professional badge

    Foundational Certifications

    I first passed the Associate Level Exams, using Linux Academy/aCloudGuru and Digital Cloud Training (found the practice exams on Udemy and more on the main site)

    AWS Certified Solutions Architect Professional vs Associate

    While the AWS Certified Solutions Architect – Associate requires knowledge of Kinesis products to some degree, it’s about as far from the core network/security/database/storage/compute services as you get in the Associate exam, and you can definitely get by without knowing Kinesis things very well and still pass.

    The AWS Certified Solutions Architect – Professional, on the other hand, requires detailed knowledge of migration, costing, and organization architecture in order to pass. You’ll need to know Direct Connect and other services that you won’t be able to use on a personal AWS account level, and how to architect for them.

    Wait. You Took HOW Long?

    Almost exactly a year. I actually postponed for a month or else it would have been closer to 11 months. However, I ran into a bit of fatigue over having so many new things lobbed at me in the courses and lost a bit of motivation in the early months, causing me to have to refresh some of my SAA-C02 knowledge as well.

    With the fairly low amount of daily exposure I get to AWS services, it probably should have taken 6 months. If you’re actively using most of the services and/or have participated in a recent AWS migration, you might be able to get it done in under 3 months. A lot of my mental blocks were around migrations, AWS Organizations, multi account, and Direct Connect because I had no real exposure to those in the real world.

    Main Learning Track for the AWS Certified Solutions Architect Professional

    I initially took Adrian Cantrill’s Linux Academy course for my AWS Certified Solutions Architect Associate training, so when his course at learn.cantrill.io was recommended to me for the AWS Certified Solutions Architect Professional training, I knew that I needed to subscribe.

    His course covers the Associate level fundamentals in depth in addition layering on the Professional level details, so you understand better why on top of what. His lab exercises walk through various aspects of pretty much the same example, so that you can take a journey through one “organization”s usage of AWS as you follow along and implement it.

    You don’t absolutely have to follow along in your own AWS console, but the more time you spend clicking around in the console, the more you’re going to be able to visualize things in time for the exam. Take the quizzes along the way until you are 100% at them… they are basic knowledge that you must have down.

    Once you finish the course, repeat the 25 question exams until you’re 100% on each, reviewing and noting your weak spots and looking up the details on things you miss.

    Reinforcing Course and Exams

    I bought Neal Davis’ Digital Cloud Training course and practice exams through Udemy (Udemy app works a little more uniformly between devices than web-based). I took each one of the practice exams and reviewed the incorrect answers on each turn. After the first two exams, I listened to the course, which is way more concise and hits upon some of the highlights that are key to the exam. I also grabbed the Tutorials Dojo Udemy practice exams and used my existing aCloudGuru subscription for additional practice.

    Score progression for the AWS Certified Solutions Architect Professional practice tests. cantrill.io ones I repeated until 100%

    Over all that excessive practice, I realized that about I was missing about 10-12 percent of the questions just by not noticing a nuance to one of two usually similar answers. If you’re not spending an average of 2 minutes (probably even 3 on the longer ones), you’re potentially making careless errors.

    The key benefit of the variety of practice exams for me was having a lot of practice seeing “gotcha” patterns in the questions and answers, which you could also accomplish by breaking down every practice question carefully. The AWS Certified Solutions Architect Professional passing score is a 75% so a lot of those “near misses” could have been passing with a little more awareness of pitfalls and better attention to detail.

    Practice Tests Ranking

    1. Cantrill.IO – these are untimed and you get immediate feedback (at least on the 25 question mini-exams) this is really good for going through your first couple passes and taking notes on what you’re deficient in.
    2. Digital Cloud Training (Neal Davis) – the Udemy version of these exams were 6 25 question timed exams, and you can filter on incorrect answers to read through explanations.
    3. Tutorials Dojo (on Udemy) – 4 full-length practice exams, with same opportunity to review as Neal Davis’ exams.
    4. aCloudGuru – The questions are good for exposure to less frequently covered services, but the review interface for your tests is not that great and your progress and history is device specific.

    Practice Helps Visualization – the Key to “Muscle Memory”

    One excellent usage for aCloudGuru is their Cloud Sandbox environments (Digital Cloud Training has them as well). With an AWS cloud sandbox, you can practice building a lot of the things you need to know within a time-limited environment that tears down itself, preventing you from forgetting about it and getting a perpetual bill. There are a few things that you might need to practice that will be blocked by the cloud sandbox policy, but you can actually get most of the way through the creation interface and see what’s available on a lot of those things without actually creating the resources (which is where you *will* get denied).

    One thing that you can’t experience in a cloud sandbox is AWS Organizations. However, you can mostly practice SCPs and Organizations without creating objects that will trigger billing: Just practice policies and organization but create minimal resources (like S3 objects).

    You don’t absolutely have to have a lot of practical experience in AWS for the exam, but you’ll spend a lot more time memorizing definitions and concepts if you can’t visualize working through them in the AWS Console, so any practical exposure you can get really helps.

    Taking the Test

    I took the test remotely, which had gone well for the previous three exams. However, this exam will definitely require more of the allotted time than the Associate exams. Be sure to spend 3 straight hours in the space you plan to use without getting up before exam day. I had a fan blowing near me and it got me a bit too cold and then the coffee that I had that morning made sitting still for the longer exam a little more challenging.

     

  • ThomasPowell 7:34 am on November 30, 2021 Permalink | Reply  

    Commodore Maze Generator on AWS Lambda via API Gateway 

    Table of Contents

    The Commodore Maze Generator Program

    I needed something “useful” to output from my Commodore VICE Lambda Custom Runtime that also didn’t require much input (if any) from the requester. Otherwise, I’d have to sanitize the input that is being passed to a shell script and potentially validate it if I didn’t want unpredictable behavior. I settled on a Commodore 128 version of the Commodore Maze Generator (the fast and slow will be unnecessary once we launch from the Lambda with the -warp option on VICE, but I never changed the program so it’s left in here. The fast and slow and everything before line 50 is Commodore 128 BASIC 7.0-specific, but the Commodore 64 version just requires substitution of POKE commands instead. (See vice-lambda repo on GitHub for latest version)

    5 fast
10 scnclr
20 color 0,2
30 color 4,2
40 color 5,1
50 for y=1 to 25
60 for x=1 to 40
70 print chr$(205.5+rnd(1));
80 next x
90 next y
95 slow
100 goto 100

    Making sure that the Lambda returns an image for Lambda

    I want to be able to use Lambda Proxy Integration when setting up the API Gateway, so I need to return a format that maps the information properly. The response JSON needs to have:

    • isBase64Encoded set to true (necessary for the translation of the PNG back from base64)
    • headers with "Content-type" and "content-disposition" set (image/png and inline for this example)
    • statusCode of 200 (right now, if we have an error it’s either not caught or happens at the Lambda invocation level)
    • body containing the base64 data. Note the -w 0 argument to turn off line breaks when wrapping… Lambda Proxy Integration doesn’t handle that well.
    function handler() {
  cd vice
  SEED=$((0 - `od -An -N2 -i /dev/random`))
  ./x128 -silent -sound -keybuf "
  3 i=rnd($SEED)
  `cat ../maze.bas`
  run
  " -warp -limitcycles 20000000 -exitscreenshotvicii /tmp/$1.png 2>&1 >/dev/null
  cd ..

  RESPONSE="{\"isBase64Encoded\": true, \"headers\": {\"Content-type\": \"image/png\", \"content-disposition\":\"inline\"}, \"statusCode\":200, \"body\":\"`base64 -w 0 /tmp/$1.png`\"}"

  echo $RESPONSE
}

    Also note that we’re passing in a SEED value because, otherwise, the Commodore 128 will generate the same maze every time.

    Repackage the Lambda and upload as in the Commodore VICE Lambda Custom Runtime blog post.

    Setting up the API Gateway

    Go to API Gateway in the AWS Console and select [Create API]

    APIs Create API

    Choose [Build] under “REST API” (we won’t be using OIDC/OAuth2/CORS…)

    REST API -> Build

    Choose REST, New API, and name your API:

    REST, New API, API Name

    Create a GET Method and check the checkmark

    Create Method
    API Method verb selection -> GET
    Check the checkmark to commit
    • Choose “Lambda Function” for your Integration Type
    • Check “Use Lambda Proxy Integration”
    • Type the name of the Lambda that you’ve calling and select it and [Save] and confirm that you want to add role/permission for the Lambda.
    GET API configuration

    Deploy the API

    Back on your API view, select the [Actions] dropdown and [Deploy API]

    API Actions "Deploy API"

    Just create a new dev stage… we’re not going to “production” with this experiment

    Create new dev stage

    and [Deploy]

    It’s broken

    If you click the Invoke URL presented, you will get a broken image

    Invoke URL
    Broken image from the API

    Since we’re only sending back PNG files, we can just tell the API that */* is a Binary Media Type by going to Settings on the left sidebar for the API and [(+) Add Binary Media Type]

    Add Binary Media Type

    Be sure to save the settings, redeploy the API and be sure to use the Invoke URL for the correct API! (I had two identical and was “fixing” the wrong one… hence the different API URL snapshots)

    Commodore Maze Generator PNG 1

    If you refresh, you should get a new maze from the Commodore maze generator program:

    Commodore Maze Generator run 2

    Some Troubleshooting

    • Be sure to save your settings
    • Test your API call to Lambda in the Method Execution view (Resources -> GET -> Test [lightning bolt])
    • Be sure to redeploy your API after settings change.
     

  • ThomasPowell 9:24 pm on November 18, 2021 Permalink | Reply
    Tags: amazon linux, , , ,   

    Commodore 128 (VICE) Custom Runtime on AWS Lambda 

    Table of Contents

    Why a Commodore 128 Custom Runtime??

    The first reason is wanted to do a Commodore 128 Custom Runtime on AWS Lambda is because it’s an absolutely ridiculous thing to do. The Commodore 128 runs at 1 MHz (2 MHz in “fast” mode) natively on the 8502 processor vs. multi-GHz scale.

    Another reason is because I’ve had challenges with the slight differences with Amazon Linux vs. Ubuntu for EC2 instance. This seemed like a good way to exercise working through those differences.

    The last reason is that I wanted a platform that would require me to dig a little deeper into how things are managed for a custom Lambda. The only directory that’s writable is /tmp. There are specific conventions used to honor the function.handler format. The responses (if you don’t have a supported runtime) are handled through callback URLs.

    Compiling VICE

    It’s a bit of an adventure getting VICE running on Amazon Linux. Ubuntu provides a package for VICE (of course, you’re on your own for the ROMs themselves.) With Amazon Linux, you’ll need to download the tarball and compile. Here’s my video recreating that process through to getting the Lambda running:

    Compile VICE and Building the Custom Runtime

    The steps… fire up an Amazon Linux EC2 instance and:

    • sudo yum update
    • sudo yum install links -y
    • links https://vice-emu.sourceforge.io and download the vice-3.5.tar.gz
    • tar zxvf vice-3.5.tar.gz from the home directory
    • sudo yum install -y gcc gcc-c++ flex bison dos2unix libpng-devel.x86_64
    • links https://www.floodgap.com/retrotech/xa/ and download xa-2.3.11.tar.gz or whatever version is available
    • tar zxvf xa-2.3.11.tar.gz
    • cd xa-2.3.11 and make
    • Add xa to the path with PATH=~/xa-2.3.11:$PATH
    • cd ~
    • cd vice-3.5 and ./configure --disable-pdf-docs --enable-headlessui --without-pulse --without-alsa and make

    You should be able to cd ~/vice-3.5/data/C128 and run:

    ../src/x128 -silent -sound -ntsc -keybuf "10 graphic 1
20 scnclr
30 circle 1,100,100,20
run
" -warp -limitcycles 8000000 -exitscreenshotvicii image.png

    and be able to scp the image.png and open it and see a screenshot something like (bump cycles to 10,000,000 if necessary): (Edit: use -warp not +warp to enable warp mode)

    Testing x128 for Custom Runtime
    C128 Circle

    Packaging the Necessary Pieces

    Make a vice-package directory or similar and grab the contents of vice-3.5/data/C128 (some files can be excluded, such as build files if you want to trim the package down) and the vice-3.5/src/x128 file and tar the vice-package directory (tar cvf vice-package.tar vice-package/*) and scp it down to your local computer.

    Get the Sample Lambda for Custom Runtime

    Go to Lambda -> Functions -> Create Function -> Author from Scratch and select the “Provide your own bootstrap on Amazon Linux 2” option:

    Custom Runtime provide your own bootstrap
    Custom Runtime template

    Copy the bootstrap.sample to the root of the lambda package you are going to create and name it bootstrap and the hello.sh.sample as function or whatever the first part of your function.handler name is (see the Runtime settings below the code window):

    Runtime settings where your function.handler is named.

    Constructing the bootstrap

    There are a couple of environment variables (XDG_CACHE_HOME and XDG_CONFIG_HOME) that have to be set to /tmp so that VICE can write to them. Be sure the handler in Runtime settings matches <script_name>.<bash_function_name> or else Lambda won’t be able to find it to invoke (actually the bootstrap below won’t… you can skip using $_HANDLER and hard code, but then the AWS console won’t help you for function configuration.) I disabled the -e option because we’re actually going to exit VICE ungracefully on purpose for simplicity. Be aware that this is the ON ERROR RESUME NEXT or “try with empty catch block” in that your code will ignore all the other potential failures along the way.

    #!/bin/sh
# set -euo pipefail
# we're going to exit VICE on clock cycles so -e option would fail in this case
set -uo pipefail

# otherwise vice tries to write to the 'home' directory that isn't a [writeable] thing in Lambda
export XDG_CACHE_HOME=/tmp
export XDG_CONFIG_HOME=/tmp

# Handler format: <script_name>.<bash_function_name>
#
# The script file <script_name>.sh  must be located at the root of your
# function's deployment package, alongside this bootstrap executable.
source $(dirname "$0")/"$(echo $_HANDLER | cut -d. -f1).sh"

while true
do
    # Request the next event from the Lambda runtime
    HEADERS="$(mktemp)"
    EVENT_DATA=$(curl -v -sS -LD "$HEADERS" -X GET "http://${AWS_LAMBDA_RUNTIME_API}/2018-06-01/runtime/invocation/next")
    INVOCATION_ID=$(grep -Fi Lambda-Runtime-Aws-Request-Id "$HEADERS" | tr -d '[:space:]' | cut -d: -f2)

    # Execute the handler function from the script
    RESPONSE=$($(echo "$_HANDLER" | cut -d. -f2) $INVOCATION_ID "$EVENT_DATA")

    # Send the response to Lambda runtime
    curl -v -sS -X POST "http://${AWS_LAMBDA_RUNTIME_API}/2018-06-01/runtime/invocation/$INVOCATION_ID/response" -d "$RESPONSE"
done

    Constructing the handler

    The handler for this setup needs to only output what is intended as a response. I’m redirecting stderr and stdout to /dev/null because there are some messages that pop-up in the current state of the emulator. I am also using the -silent option to suppress all the errors about missing disk drive and other device ROMs that I don’t care about for this case.

    function handler () {
  EVENT_DATA=$2

  cd vice-package

  ./x128 -silent -sound -ntsc -keybuf "10 graphic 1
    20 scnclr
    30 circle 1,100,100,20
    run
  " +warp -limitcycles 8000000 -exitscreenshotvicii /tmp/$1.png 2>&1 >/dev/null
  cd ..


  RESPONSE="{\"isBase64Encoded\": true, \"headers\": {\"Content-type\": \"image/png\", \"content-disposition\":\"attachment; filename=$1.png\"}, \"statusCode\":200, \"body\":\"`base64 /tmp/$1.png`\"}"

  echo $RESPONSE
}

    The response

    The above response is intended to output JSON in preparation for API Gateway Lambda integration. statusCode is required, and to convert the image back to an image isBase64Encoded and the headers Content-type is needed. The content-disposition is to tell it to download. All this gets POSTed back by the bootstrap script to the invocation response callback. The body is the base64 encoded png file, but in the current invocation in Amazon Linux, I’m getting newlines in the output, so that’s a problem to debug before attaching to API Gateway.

    One more missing piece

    We also need to pull libpng from our EC2 instance and place in the root of the lambda function at the same level as the bootstrap file. Just scp [email protected]:/usr/lib64/libpng\* . for that.

    Structure of the zip file and Deploy

    zip up the following pieces into your lambda.zip (zip file name doesn’t really matter, just the organization of the contents):

    • bootstrap
    • function.sh
    • libpng*
    • vice-package/*

    Once uploaded, you should be able to [Test] the function and check the logs. Add a set -x to your bootstrap if things aren’t behaving. You may need to chmod +x your bootstrap if you haven’t tried to run it locally for testing.

     

← Older posts

c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel
%d bloggers like this: