Course Outline

1. Introduction to OpenStack - 2h
● History of the cloud and OpenStack
● Cloud features
● Cloud models
○ private, public, hybrid
○ on-premise, IaaS, PaaS, SaaS
● Public and private cloud deployments based on OpenStack
● Open source and commercial OpenStack distributions
● OpenStack deployment models
● OpenStack ecosystem
○ Modules
○ Underlying tools
○ Integrations
● OpenStack lifecycle
● OpenStack certification
● OpenStack lab (VM) for this course


2. Hands-on OpenStack administration workshop
● Getting to know OpenStack ~0.5h
○ OpenStack components (Keystone, Glance, Nova, Neutron, Cinder, Swift, Heat)
○ Interaction with OpenStack cloud
○ OpenStack daemons and API communication flow
● Keystone - Identity management service ~1h
○ Keystone architecture
○ Authentication and available backends
○ Token types and token management
○ Authorization in OpenStack - roles and oslo.policy
○ Keystone resources - domains, projects, users
○ Openrc and clouds.yaml - CLI clients configuration
○ OpenStack service catalog
○ Adding new OpenStack service
○ Quota system in OpenStack
● Glance - Image service ~1.5h
○ Images adjusted to the cloud
○ Image features (properties, metadata, format, container)
○ Uploading and downloading image
○ Sharing images
○ Glance image stores
○ Protected images
○ Manage quotas for image service
○ Verification of Glance services
● Neutron - Networking ~2-3h
○ Architecture and Neutron services
○ The ML2 plugin
○ Networking in compute node - analysis
○ Networking concepts and tools used by Neutron
○ Basic Neutron network resource types
○ Manage tenant networks, subnets,
○ Manage security groups and rules
○ East-West routing
○ Network namespaces
○ Manage external/provider networks
○ North-South routing
○ Floating IPs management
○ Manage network quotas
○ Basic network troubleshooting (namespaces, tcpdump, etc.)
○ Networking quotas
○ Verification of Neutron services
● Nova - Compute service ~2-3h
○ Interfaces to hypervisors
○ Keypair management
○ Flavour management
○ Flavors and CPU topology
○ Instance parameters
○ Creating an instance
○ Verification of spawned instances
○ Snapshotting
○ Instance management
○ Resizing instances
○ Assigning floating IPs
○ Interactive console and console log
○ Security groups assignment
○ Compute quotas
○ Getting statistics from Nova
○ Placement API and Nova Cells v2
○ Placement API and instance scheduling
○ Placement API client commands
○ Verification of Nova services
● Cinder - Block Storage ~2-3h
○ Volume parameters
○ Creating volume
○ Manage volume
○ Attaching volume to Nova instance
○ Managing volume snapshots
○ Managing volume backups
○ Internals of snapshots and backups in Cinder
○ Transferring volumes between projects
○ Restoring backups
○ Managing volume quotas
○ Adding new storage backend
○ QoS (limits) in Cinder
○ LVM, storage array and Ceph storage backends
○ Ceph in OpenStack
○ Integrating Ceph and Cinder
○ Good practices for Ceph deployments
○ Verification of Cinder services
● Barbican - Key Management Service ~2h
○ Barbican architecture
○ Storing passphrases
○ Generating and storing symmetric encryption keys
○ Volume encryption mechanisms
○ Configuring Cinder storage type for volume encryption
○ Limitations of volume encryption
○ Storing X.509 certificate bundles
● Swift - Object Storage (quick screening for the COA exam) <1h
○ Swift components and processes
○ Managing containers and objects
○ Managing access control lists
○ Setting up object expiration
○ The Ring and storage policies
○ Monitoring available storage space
○ Setting up quotas
○ Verification of Swift services
● Octavia - Load Balancing-as-a-service ~2-3h
○ Architecture
○ Objects and request flow
○ Octavia flavors
○ Octavia Availability Zones
○ Creating the HTTP load balancer
○ Creating the TCP load balancer
○ Creating HTTPS passthrough load balancer
○ Listeners, Pools and Health Monitors
○ Layer 7 load balancing in Octavia
○ Building Amphora image
○ LB Failover
○ Networking and Monitoring details
○ Troubleshooting Octavia
● Heat - Orchestration ~1-2h
○ Heat Orchestration Template and its components
○ Creating Heat stack
○ Verification of Heat stack
○ Updating Heat stack
○ Verification of Heat services
● Basic troubleshooting ~2h
○ Analyzing log files
○ Centralized logging
○ Debugging OpenStack client queries
○ Managing OpenStack database
○ Backing up OpenStack
○ Analyzing compute node status
○ Analyzing instance status
○ Analyzing AMQP broker (RabbitMQ)
○ Metadata services
○ General way of diagnosing OpenStack issues
○ Troubleshooting network problems
○ Troubleshooting network performance
○ Instance backup and recovery

3. Advanced Topics
● Hardware considerations and capacity planning ~2h
○ Compute hardware
○ Network design
○ Storage design
○ Flavour sizing
○ Resource overcommitment
● Role system - authorization in OpenStack ~2h
○ Creating new role as member role extension
○ policy.yaml - API calls authorization
● Highly Available control plane ~1h
○ HA in OpenStack services
○ HA database
○ HA message queue
● Cloud partitioning and scheduler filters ~1h
○ Why and how to implement cloud partitions (host aggregates)
○ Nova scheduler filters
● Workload migration ~1h
○ Cold and live migration
○ Live migration tweaking
● OpenStack monitoring and telemetry <1h
○ Ceilometer service
○ External monitoring
● Advanced cloud/hypervisor features <1h
○ CPU pinning / NUMA architecture
○ SR-IOV
● Cloud-init and image customization <1h
○ Metadata Service
● Block storage backends <1h
○ LVM
○ Ceph RBD
○ Physical appliances
○ Storage network considerations
● Upgrading OpenStack <1h
○ Upgrade strategies and procedures
○ Zero-downtime upgrade
● Bare-metal provisioning with OpenStack <1h
○ Ironic module
○ Undercloud and overcloud concepts
● Future of OpenStack

4. Deep-dive into Neutron and OVN backend ~6-8h
● OVN architecture
● OVN components
● ML2 - OVN vs OvS driver
● Top-down OVN networking
○ OpenStack logic (Neutron database)
○ Northbound database
○ Southbound database
○ Logical datapath pipelines
○ Logical flows
○ OpenFlow flows
● Neutron network and OVN logical switch
○ Logical ports and their types
○ Switching flows
● Neutron router and OVN logical router
○ NAT types
○ Routing flows
● Neutron subnet and native DHCP
○ DHCP flows
● Security groups in OVN
○ ACLs and Port Groups
○ Security group flows
○ Port security in OVN
● Summary of OVN Northbound tables
● Information flow in OVN
○ Neutron DB, OVN NB and SB DB, OpenFlow at OvS
● Logical flow tracing
○ Defining microflows
○ L2 tracing
○ L3 tracing
○ DHCP tracing
● Physical flows - OpenFlow
○ Physical life cycle of VM-originated packet
● Physical tracing
○ Tracing for hypothetical packets
○ Tracing for real packets
● Displaying Open vSwitch database and resources

 35 Hours

Delivery Options

Private Group Training

Our identity is rooted in delivering exactly what our clients need.

  • Pre-course call with your trainer
  • Customisation of the learning experience to achieve your goals -
    • Bespoke outlines
    • Practical hands-on exercises containing data / scenarios recognisable to the learners
  • Training scheduled on a date of your choice
  • Delivered online, onsite/classroom or hybrid by experts sharing real world experience

Private Group Prices RRP from €11400 online delivery, based on a group of 2 delegates, €3600 per additional delegate (excludes any certification / exam costs). We recommend a maximum group size of 12 for most learning events.

Contact us for an exact quote and to hear our latest promotions


Public Training

Please see our public courses
