Course Outline

1. Introduction to OpenStack

  • History of the cloud and OpenStack
  • Cloud features
  • Cloud models
    • private, public, hybrid
    • on-premise, IaaS, PaaS, SaaS
  • Public and private cloud deployments based on OpenStack
  • Open source and commercial OpenStack distributions
  • OpenStack deployment models
  • OpenStack ecosystem
    • Modules
    • Underlying tools
    • Integrations
  • OpenStack lifecycle
  • OpenStack certification
  • OpenStack lab (VM) for this course

2. Hands-on OpenStack administration workshop 

  • Getting to know OpenStack 
    • OpenStack components (Keystone, Glance, Nova, Neutron, Cinder, Swift, Heat)
    • Interaction with OpenStack cloud
    • OpenStack daemons and API communication flow
  • Keystone - Identity management service
    • Keystone architecture
    • Authentication and available backends
    • Token types and token management
    • Authorization in OpenStack - roles and oslo.policy
    • Keystone resources - domains, projects, users
    • Openrc and clouds.yaml - CLI clients configuration
    • OpenStack service catalog
    • Adding new OpenStack service
    • Quota system in OpenStack
  • Glance - Image service
    • Images adjusted to the cloud
    • Image features (properties, metadata, format, container)
    • Uploading and downloading image
    • Sharing images
    • Glance image stores
    • Protected images
    • Manage quotas for image service
    • Verification of Glance services
  • Neutron - Networking
    • Architecture and Neutron services
    • The ML2 plugin
    • Networking in compute node - analysis
    • Networking concepts and tools used by Neutron
    • Basic Neutron network resource types
    • Manage tenant networks, subnets, 
    • Manage security groups and rules
    • East-West routing
    • Network namespaces
    • Manage external/provider networks
    • North-South routing
    • Floating IPs management
    • Role-based access control in Neutron
    • Manage network quotas
    • Internals of SDN and NFV (iptables, ip route, OVS)
    • Basic network troubleshooting (namespaces, tcpdump, etc.)
    • Networking quotas
    • Verification of Neutron services
  • Nova - Compute service
    • Interfaces to hypervisors
    • Keypair management
    • Flavour management
    • Flavors and CPU topology
    • Instance parameters
    • Creating an instance
    • Verification of spawned instances
    • Snapshotting
    • Instance management
    • Resizing instances
    • Assigning floating IPs
    • Interactive console and console log
    • Security groups assignment
    • Internals of security groups and port-security features (iptables)
    • Internals of L3 routers
    • Compute quotas
    • Getting statistics from Nova
    • Placement API and Nova Cells v2
    • Placement API and instance scheduling
    • Placement API client commands
    • Verification of Nova services
  • Cinder - Block Storage
    • Volume parameters
    • Creating volume
    • Manage volume
    • Attaching volume to Nova instance
    • Managing volume snapshots
    • Managing volume backups
    • Internals of snapshots and backups in Cinder
    • Transferring volumes between projects
    • Restoring backups
    • Managing volume quotas
    • Adding new storage backend
    • QoS in Cinder
    • LVM, storage array and Ceph storage backends
    • Ceph in OpenStack
    • Integrating Ceph and Cinder
    • Good practices for Ceph deployments
    • Verification of Cinder services
  • Barbican - Key Management Service
    • Barbican architecture
    • Storing passphrases
    • Generating and storing symmetric encryption keys
    • Volume encryption mechanisms
    • Configuring Cinder storage type for volume encryption
    • Limitations of volume encryption
    • Storing X.509 certificate bundles
  • Swift - Object Storage
    • Swift components and processes
    • Managing containers and objects
    • Managing access control lists
    • Setting up object expiration
    • The Ring and storage policies
    • Monitoring available storage space
    • Setting up quotas
    • Verification of Swift services
  • Heat - Orchestration
    • Heat Orchestration Template and its components
    • Creating Heat stack
    • Verification of Heat stack
    • Updating Heat stack
    • Verification of Heat services
  • Basic troubleshooting
    • Analyzing log files
    • Centralized logging
    • Debugging OpenStack client queries
    • Managing OpenStack database
    • Extracting information from service databases
    • Backing up OpenStack
    • Analyzing compute node status
    • Analyzing instance status
    • Troubleshooting instances at the compute node (libvirt)
    • Analyzing AMQP broker (RabbitMQ)
    • Troubleshooting RabbitMQ
    • Metadata services
    • General way of diagnosing OpenStack issues
    • Troubleshooting network problems
    • Troubleshooting network performance
    • Instance backup and recovery

3. Advanced Topics

  • Octavia - Load Balancing-as-a-service
    • Architecture
    • Objects and request flow
    • Octavia flavors
    • Octavia Availability Zones
    • Creating the HTTP load balancer
    • Creating the TCP load balancer
    • Creating HTTPS passthrough load balancer
    • Listeners, Pools and Health Monitors
    • Layer 7 load balancing in Octavia
    • Building Amphora image
    • LB Failover
    • Networking and Monitoring details
    • Troubleshooting Octavia
  • Hardware considerations and capacity planning
    • Compute hardware
    • Network design
    • Storage design
    • Flavour sizing
    • Resource overcommitment
  • Highly Available control plane
    • HA in OpenStack services
    • HA database
    • HA message queue
    • Active-Active vs Active-Passive deployments
    • Multi-region deployments
  • Cloud partitioning and scheduler filters
    • Why and how to implement cloud partitions (host aggregates)
    • Nova scheduler filters
    • Dive into filter's code
  • Workload migration
    • Cold and live migration
    • Live migration tweaking
    • Migration exercises and troubleshooting
  • Policies and authorization in OpenStack
    • Oslo.policy
    • Creating a new meaningful role with policy files
    • Verifying API access for the specific user
  • In-depth OpenStack networking (SDN) (2-3h)
    • Types of network (local, flat, vlan, vxlan, gre)
    • Detailed network flow and architecture in various Neutron deployments
      • East-West traffic in tenant networks
      • North-South traffic in tenant networks
      • Traffic in provider-only deployments
    • Neutron plugins
      • Linux Bridge
      • Open vSwitch
    • OVS troubleshooting and exercises
    • Troubleshooting security groups (iptables, tcpdump)
    • Port-security adjustments and vIP management
    • Distributed Virtual Routers
    • LBaaS + Octavia project
    • VPNaaS
  • OpenStack monitoring and telemetry
    • Ceilometer service
    • External monitoring
  • Advanced cloud/hypervisor features
    • CPU pinning / NUMA architecture
    • SR-IOV
  • Cloud-init and image customization
    • Metadata Service
    • Getting information from metadata service
  • Block storage backends
    • LVM
    • Ceph RBD
    • Physical appliances
    • Storage network considerations
  • Upgrading OpenStack
    • Upgrade strategies and procedures
    • Zero-downtime upgrade
  • Bare-metal provisioning with OpenStack
    • Ironic module
    • Undercloud and overcloud concepts
  • Various exercises on troubleshooting OpenStack cluster
  • Example examination tasks
  • Future of OpenStack

Requirements

  • Basic Linux administration skills
  • Basic networking knowledge
  • Basic understanding of the cloud computing paradigm
 35 hours
