お問い合わせを送信いただきありがとうございます!当社のスタッフがすぐにご連絡いたします。
予約を送信いただきありがとうございます!当社のスタッフがすぐにご連絡いたします。
コース概要
1. Introduction to OpenStack
- History of the cloud and OpenStack
- Cloud features
- Cloud models
- private, public, hybrid
- on-premise, IaaS, PaaS, SaaS
- Public and private cloud deployments based on OpenStack
- Open source and commercial OpenStack distributions
- OpenStack deployment models
- OpenStack ecosystem
- Modules
- Underlying tools
- Integrations
- OpenStack lifecycle
- OpenStack certification
- OpenStack lab (VM) for this course
2. Hands-on OpenStack administration workshop
- Getting to know OpenStack
- OpenStack components (Keystone, Glance, Nova, Neutron, Cinder, Swift, Heat)
- Interaction with OpenStack cloud
- OpenStack daemons and API communication flow
- Keystone - Identity management service
- Keystone architecture
- Authentication and available backends
- Token types and token management
- Authorization in OpenStack - roles and oslo.policy
- Keystone resources - domains, projects, users
- Openrc and clouds.yaml - CLI clients configuration
- OpenStack service catalog
- Adding new OpenStack service
- Quota system in OpenStack
- Glance - Image service
- Images adjusted to the cloud
- Image features (properties, metadata, format, container)
- Uploading and downloading image
- Sharing images
- Glance image stores
- Protected images
- Manage quotas for image service
- Verification of Glance services
- Neutron - Networking
- Architecture and Neutron services
- The ML2 plugin
- Networking in compute node - analysis
- Networking concepts and tools used by Neutron
- Basic Neutron network resource types
- Manage tenant networks, subnets,
- Manage security groups and rules
- East-West routing
- Network namespaces
- Manage external/provider networks
- North-South routing
- Floating IPs management
- Role-based access control in Neutron
- Manage network quotas
- Internals of SDN and NFV (iptables, ip route, OVS)
- Basic network troubleshooting (namespaces, tcpdump, etc.)
- Networking quotas
- Verification of Neutron services
- Nova - Compute service
- Interfaces to hypervisors
- Keypair management
- Flavour management
- Flavors and CPU topology
- Instance parameters
- Creating an instance
- Verification of spawned instances
- Snapshotting
- Instance management
- Resizing instances
- Assigning floating IPs
- Interactive console and console log
- Security groups assignment
- Internals of security groups and port-security features (iptables)
- Internals of L3 routers
- Compute quotas
- Getting statistics from Nova
- Placement API and Nova Cells v2
- Placement API and instance scheduling
- Placement API client commands
- Verification of Nova services
- Cinder - Block Storage
- Volume parameters
- Creating volume
- Manage volume
- Attaching volume to Nova instance
- Managing volume snapshots
- Managing volume backups
- Internals of snapshots and backups in Cinder
- Transferring volumes between projects
- Restoring backups
- Managing volume quotas
- Adding new storage backend
- QoS in Cinder
- LVM, storage array and Ceph storage backends
- Ceph in OpenStack
- Integrating Ceph and Cinder
- Good practices for Ceph deployments
- Verification of Cinder services
- Barbican - Key Management Service
- Barbican architecture
- Storing passphrases
- Generating and storing symmetric encryption keys
- Volume encryption mechanisms
- Configuring Cinder storage type for volume encryption
- Limitations of volume encryption
- Storing X.509 certificate bundles
- Swift - Object Storage
- Swift components and processes
- Managing containers and objects
- Managing access control lists
- Setting up object expiration
- The Ring and storage policies
- Monitoring available storage space
- Setting up quotas
- Verification of Swift services
- Heat - Orchestration
- Heat Orchestration Template and its components
- Creating Heat stack
- Verification of Heat stack
- Updating Heat stack
- Verification of Heat services
- Basic troubleshooting
- Analyzing log files
- Centralized logging
- Debugging OpenStack client queries
- Managing OpenStack database
- Extracting information from service databases
- Backing up OpenStack
- Analyzing compute node status
- Analyzing instance status
- Troubleshooting instances at the compute node (libvirt)
- Analyzing AMQP broker (RabbitMQ)
- Troubleshooting RabbitMQ
- Metadata services
- General way of diagnosing OpenStack issues
- Troubleshooting network problems
- Troubleshooting network performance
- Instance backup and recovery
2. Advanced Topics
- Octavia - Load Balancing-as-a-service
- Architecture
- Objects and request flow
- Octavia flavors
- Octavia Availability Zones
- Creating the HTTP load balancer
- Creating the TCP load balancer
- Creating HTTPS passthrough load balancer
- Listeners, Pools and Health Monitors
- Layer 7 load balancing in Octavia
- Building Amphora image
- LB Failover
- Networking and Monitoring details
- Troubleshooting Octavia
- Hardware considerations and capacity planning
- Compute hardware
- Network design
- Storage design
- Flavour sizing
- Resource overcommitment
- Highly Available control plane
- HA in OpenStack services
- HA database
- HA message queue
- Active-Active vs Active-Passive deployments
- Multi-region deployments
- Cloud partitioning and scheduler filters
- Why and how implement cloud partitions (host-aggregates)
- Nova scheduler filters
- Dive into filter's code
- Workload migration
- Cold and live migration
- Live migration tweaking
- Migration excercises and troubleshooting
- Policies and authorization in OpenStack
- Oslo.policy
- Creating a new meaningful role with policy files
- Verifying API access for the specific user
- In-depth OpenStack networking (SDN) (2-3h)
- Types of network (local, flat, vlan, vxlan, gre)
- Detailed netowork flow and architecture in various neutron deployments
- East-West traffic in tenant networks
- North-South traffic in tenant networks
- Traffic in provider-only deployments
- Neutron plugins
- Linux Bridge
- Open vSwitch
- OVS troubleshooting and excercises
- Troubleshooting security groups (iptables, tcpdump)
- Port-security adjustments and vIP management
- Distributed Virtual Routers
- LBaaS + Octavia project
- VPNaaS
- OpenStack monitoring and telemetry
- Ceilometer service
- External monitoring
- Advances cloud/hypervisor features
- CPU pinning / NUMA architecture
- SR-IOV
- Cloud-init and image customization
- Metadata Service
- Getting information from metadata service
- Block storage backends
- LVM
- Ceph RBD
- Physical appliances
- Storage network considerations
- Upgrading OpenStack
- Upgrade strategies and procedures
- Zero-downtime upgrade
- Bare-metal provisioning with OpenStack
- Ironic module
- Undercloud and overcloud concepts
- Various excercises on troubleshooting OpenStack cluster
- Example examination tasks
- Future of OpenStack
要求
- Basic Linux administration skills
- Basic networking knowledge
- Basic knowledge of cloud computing paradigm
35 時間
お客様の声 (3)
The trainer was extremely knowledgable and helpful. While walking through the exercises, I wasn't rushed and was allowed to make mistakes (to a point) and then help was given to correct to them where needed.
Tim Wilkes - Gamma
コース - OpenStack Security
コミュニケーション、経験からの知識、問題解決、
Marcin Walewski - Intel Technology Poland Sp. z o.o.
コース - OpenStack Bootcamp
機械翻訳
To get a better understanding about OpenStack.
