OpenStack Objectives V1 - OPCEL ( OpenStack Professionals Certification Exam by LPI-Japan )

From OpenStack技術者認定試験(OpenStack Professional Certification Exam)
Jump to: navigation, search


Introduction

Introduction Text

Version Information

These objectives are version 1.0.0 DRAFT.

The version 1.x objectives can be found here.


Translations of Objectives

The following translations of the objectives are available on this wiki:


Minimally Qualified Candidate

This is a description of an OpenStack professional that is just barely qualified to perform each of the roles covered in the OpenStack certification exam. This hypothetical person is called the Minimally Qualified Candidate (MQC). Standards for the certification exam should be set so that this person (and anyone more able) would pass but anyone less able would not pass.

This exam covers the combination of both of the follow roles of OpenStack use; the operator and the administrator.

OpenStack Operator

An OpenStack Certified Operator has the technical ability to use an existing OpenStack installation for the deployment of computing instances, applications and services. This includes knowledge of all OpenStack services that are directly visible to an OpenStack end-user and use of the regular OpenStack tools. The certification holder can also:

  • register and customize new images
  • provision additional block and object storage
  • query telemetry information for reporting

OpenStack Administrator

An OpenStack Certified Administrator has the technical ability to perform administrative tasks on an existing OpenStack installation and can also build an OpenStack installation of the core services. The certification holder can also:

  • manage users, tenants and other system resources
  • create and use new VM images
  • manage object and block storage options
  • customize the dashboard

Objectives

Topic 250: OpenStack Architecture and Deployment

250.1 Cloud Computing Concepts (weight: 3)

Weight 3
Description Candidates should understand the concept of cloud computing, including common patterns and architectures as well as their features and implications.

Key Knowledge Areas:

  • Operator and Administrator aspects:
    • Understand the general concepts of cloud computing (eg. IaaS, PaaS, SaaS), including the characteristics of IaaS clouds and public, private and hybrid clouds.
    • Determine whether cloud computing is appropriate and advantageous for a specific task.
    • Understand the services of an IaaS cloud and how they can be combined to support an application.
    • Understand the implications of IaaS to an application, including aspects of scalability and high availability.
    • Understand non-functional requirements of IaaS clouds as well as Service Level Agreements (SLA) for cloud computing.


250.2 OpenStack Architecture and Design (weight: 5)

Weight 5
Description Candidates should have a detailed understanding of the functionality and roles of all OpenStack core components. Furthermore, candidates should understand the integration of OpenStack components and supporting services. In addition, candidates should be aware of the functionality of integrated and in development components as well as how OpenStack can support existing applications.

Key Knowledge Areas:

  • Operator aspects:
    • Understand the OpenStack services available to a customer including their functionality and their use in the context of user-specific tasks and applications.
  • Administrator aspects:
    • Understand the architecture of the core components of an OpenStack cloud (i.e. Keystone, Horizon, Glance, Cinder, Swift, Neutron, Nova, Ironic, Ceilometer and Heat) as well as their functionality and integration points.
    • Be aware of the functionality of additional OpenStack IaaS components (i.e. Barbican, Designate, Magnum and Manila).
    • Be aware of the functionality of additional OpenStack SaaS components (i.e. Trove, Sahara, Murano and Zaqar).
    • Understand the role of supporting services in an OpenStack cloud (i.e. database and message queue services as well as shared storage, network file systems and virtualization).


250.3 OpenStack Installation and Deployment (weight: 5)

Weight 5
Description Candidates should have an understanding of the procedures and tools used to deploy OpenStack. This includes the use of major OpenStack distributions, manual installation of OpenStack components for production use as well as installation tools used for test environments.

Key Knowledge Areas:

  • Operator aspects:
    • Install OpenStack client applications.
  • Administrator aspects:
    • Understand the advantages and disadvantages about manually installing OpenStack.
    • Be aware of the general procedure to manually deploy OpenStack.
    • Use RDO or DevStack to deploy a development and testing OpenStack cloud.
    • Configure logging of OpenStack components.
    • Understand the key features and deployment methods of major OpenStack Distributions
      • Red Hat Enterprise Linux OpenStack Platform 6 (Foreman, Puppet)
      • Ubuntu OpenStack (Landscape, MAAS, JuJu)
      • SUSE OpenStack Cloud 5 (Crowbar, Chef)
      • Rackspace Private Cloud (Ansible)


The following is a partial list of the used files, terms and utilities:

  • packstack
  • stack.sh
  • localrc
  • local.conf
  • pip
  • cinder-manage
  • glance-manage
  • keystone-manage
  • neutron-db-manage
  • nova-manage


Topic 251: Integral Management Services

251.1 Identity Service, Authentication and Authorization (Keystone) (weight: 6)

Weight 6
Description Candidates should have a profound understanding of the identity, authentication and privilege system of OpenStack. This includes the use of the OpenStack identity service in conjunction with other OpenStack components as well as the administration and maintenance of Keystone and the management of privileges, credentials, policies and the service catalog.

Key Knowledge Areas:

  • Operator aspects:
    • Understand the concepts of domains, tenants/projects, users, roles, tokens, permissions, credentials and authentication.
    • Create and manage tenants/projects and users within an existing domain.
    • Authenticate with OpenStack using command line tools and Horizon.
    • Query the service catalog.
  • Administrator aspects:
    • Understand the architecture and components of Keystone (keystone, keystone-pki).
    • Manage domains, tenants/projects, users, roles, tokens, permissions, credentials and authentication.
    • Manage the service catalog, including services and endpoints.
    • Understand Regions.
    • Manage quotas for tenants.
    • Manage security roles and create and maintain policy files for all OpenStack components and services.

The following is a partial list of the used files, terms and utilities:

  • openstack user
  • openstack project
  • openstack domain
  • openstack catalog
  • openstack endpoint
  • openstack service
  • openstack quota
  • openstack limits
  • openstack usage
  • openstack role
  • /etc/keystone/keystone.conf
  • /etc/keystone/logging.conf
  • /etc/*/policy.json


251.2 Dashboard (Horizon) and RESTful APIs (weight: 2)

Weight 2
Description Candidates should be able to manage OpenStack through the Horizon dashboard and the RESTful APIs. This includes the use of generic tools as well as OpenStack command line tools particularly for the initial step of authentication with OpenStack. Furthermore, candidates be able to perform basic branding and customization of Horizon.

Key Knowledge Areas:

  • Operator aspects:
    • Understand the capabilities of Horizon and the OpenStack RESTful APIs.
    • Log into Horizon and manage OpenStack resources.
    • Use command line tools to interact with the OpenStack RESTful APIs.
  • Administrator aspects:
    • Understand the architecture and components of Horizon and the OpenStack RESTful APIs.
    • Customize and brand Horizon.
    • Configure database caching.
    • Enable and disable password injection.

The following is a partial list of the used files, terms and utilities:

  • curl
  • local_settings.py
  • openstack token
  • openstack, keystone, nova


251.3 Telemetry (Ceilometer) (weight: 3)

Weight 3
Description Candidates should be able to configure and use the basic telemetry functionality of Ceilometer. This includes the ability to collect and use resource usage statistics for reporting and orchestration purposes as well as configuring alarms for monitoring purposes.

Key Knowledge Areas:

  • Operator aspects:
    • Understand data collection (i.e. notifications, polling and sample gathering).
    • Understand measurable properties, including their types, units, origins and the interpretation of the collected data.
    • Query Ceilometer for telemetry data.
    • Configure alarms.
  • Administrator aspects:
    • Understand the architecture and components of Ceilometer (ceilometer-agent-compute, ceilometer-agent-central, ceilometer-agent-ipmi, ceilometer-agent-notification, ceilometer-collector, ceilometer-alarm-evaluator, ceilometer-alarm-notifier, ceilometer-api, ceilometer-polling).

The following is a partial list of the used files, terms and utilities:

  • ceilometer
  • ceilometer-dbsync
  • /etc/ceilometer/ceilometer.conf


251.4 Orchestration (Heat) (weight: 3)

Weight 3
Description Candidates should be able to create basic OpenStack applications using Heat and HOT templates. This includes creating HOT templates and familiarity with AWS CloudFormation templates.

Key Knowledge Areas:

  • Operator aspects:
    • Create simple Heat Orchestration Templates (HOT) to implement auto-scaling and network configuration.
    • Be aware of AWS CloudFormation (CFN) templates.
    • Use trusts to authenticate orchestration users.
  • Administrator aspects:
    • Understand the architecture and components of Heat (heat-api, heat-api-cfn, heat-engine).

The following is a partial list of the used files, terms and utilities:

  • heat
  • heat-manage
  • heat-keystone-setup
  • heat-keystone-setup-domain
  • /etc/heat/heat.conf


Topic 252: Images and Data Storage

252.1 Image Service (Glance) (weight: 5)

Weight 5
Description Candidates should be able to query Glance for available images and use these images to start compute instances. Furthermore, candidates should be able to perform basic administration and maintenance of Glance.

Key Knowledge Areas:

  • Operator aspects:
    • Understand the role of machine images for the deployment of computing instances.
    • Upload and register new machine images and manage metadata.
    • Use machine images to create and launch new computing instances.
  • Administrator aspects:
    • Understand the architecture and components of Glance (glance-api, glance-registry, glance storage adapter).
    • Configure and use local storage for Glance and be aware of storage backends other than the local file system.
    • Manage machine image caches.

The following is a partial list of the used files, terms and utilities:

  • openstack image
  • glance
  • openstack server (image-specific aspects)
  • nova (image-specific aspects)
  • glance-cache-cleaner
  • glance-cache-manage
  • glance-cache-prefetcher
  • glance-cache-pruner
  • glance-scrubber
  • /etc/glance/glance-api.conf
  • /etc/glance/glance-cache.conf
  • /etc/glance/glance-registry.conf
  • /etc/glance/glance-scrubber.conf
  • /etc/glance/schema-image.json
  • /var/lib/glance/


252.2 Image Creation (weight: 4)

Weight 4
Description Candidates should be able to handle existing virtual machine images. This includes the creation of new images, the customization of images and the preparation of images for their use in OpenStack compute instances.

Key Knowledge Areas:

  • Operator aspects:
    • Access and modify the contents of existing machine images to include additional software and configuration changes.
    • Understand disk image and container formats and convert machine images from one format to another.
  • Administrator aspects:
    • Create new images from scratch and from snapshots of running instances.
    • Modify all aspects of existing machine images.
    • Perform file injection.
    • Configure automatic configuration and formatting of additional ephemeral storage.
    • Seal images.

The following is a partial list of the used files, terms and utilities:

  • guestfish
  • guestmount, guestumount
  • libguestfs tools (virt-*)
  • cloud-init
  • cloudbase-init
  • qemu-img
  • losetup
  • kpartx
  • disk-image-create
  • LVM utilities
  • qemu-nbd
  • loopback-mount
  • /etc/cloud/cloud.cfg
  • /etc/udev/


252.3 Block Storage (Cinder) (weight: 5)

Weight 5
Description Candidates should be able to provide persistent storage to compute instances and use this storage within compute instances. Furthermore, candidates should be able to perform basic administration and maintenance of Cinder.

Key Knowledge Areas:

  • Operator aspects:
    • Understand OpenStack storage, including ephemeral and persistent storage.
    • Create new and manage existing block storage volumes and attach them to computing instances.
    • Manage partitions, LVM and file systems in order to use block storage within computing instances.
    • Use persistent storage for the root file system of computing instances.
    • Create and manage snapshots of block devices.
    • Backup and restore volumes and metadata.
    • Use consistency groups.
  • Administrator aspects:
    • Understand the architecture and components of Cinder (cinder-api, cinder-scheduler, cinder-volume, cinder-backup).
    • Use LVM as the storage backend and be aware of other storage backends (eg. NFS, iSCSI, Ceph).
    • Migrate storage volumes between storage nodes.
    • Configure consistency group functionality.
    • Adjust the number of available Block Storage API services.

The following is a partial list of the used files, terms and utilities:

  • openstack backup
  • openstack snapshot
  • openstack volume
  • cinder
  • openstack server (storage-specific aspects)
  • nova (storage-specific aspects)
  • /etc/cinder/cinder.conf


252.4 Object Storage (Swift) (weight: 5)

Weight 5
Description Candidates should be able to use Swift to store and manage objects. Furthermore, candidates should be able to perform basic administration and maintenance of Swift.

Key Knowledge Areas:

  • Operator aspects:
    • Understand Swift object storage, naming, operations and access.
    • Upload, download and manage objects in Swift.
  • Administrator aspects:
    • Understand the architecture and components of Swift (swift-proxy-server, swift-account-server, swift-container-server, swift-object-servers, housekeeping processes).
    • Understand rings, zones, partitions and mappings.
    • Understand accounts and containers.
    • Create and manage ring builder files.
    • Add and remove storage servers and rebalance the ring.

The following is a partial list of the used files, terms and utilities:

  • openstack container
  • openstack object
  • swift
  • swift-account-reaper
  • swift-ring-builder
  • /etc/swift/account-server.conf
  • /etc/swift/container-server.conf
  • /etc/swift/object-server.conf
  • /etc/swift/proxy-server.conf
  • /etc/swift/swift.conf


Topic 253: Networking and Computing

253.1 Networking Service (Neutron) (weight: 6)

Weight 6
Description Candidates should be familiar with the OpenStack networking architecture and Neutron. They should be able to create and manage networks to interconnect instances and external networks. This includes the assignment of fixed and floating IP addresses, as well as the configuration of DHCP, metering, security and load balancing. Furthermore, candidates should be able to perform basic administration and maintenance of Neutron.

Key Knowledge Areas:

  • Operator aspects:
    • Understand general OpenStack network architecture as well as connecting compute instances.
    • Create and manage user networks, subnets, routers and ports.
    • Understand floating and fixed IP addresses and assign IP addresses to compute instances.
    • Configure compute instances using DHCP.
    • Configure and manage security groups.
    • Configure and manage Firewall-as-a-Service (FWaaS) and Load-Balancing-as-a-Service (LBaaS).
  • Administrator aspects:
    • Understand the architecture and components of Neutron (neutron-server) as well as important Neutron plug-ins and agents (i.e. neutron-dhcp-agent, neutron-l3-agent, neutron-metering-agent).
    • Create and manage provider networks.
    • Manage floating IP addresses.
    • Query information about ports specific to tenants or IP addresses.
    • Configure L3 metering.
    • Enable FWaaS and LBaaS.
    • Understand key features of Open vSwitch and its integration with Neutron.
    • Be aware of OpenDaylight.

The following is a partial list of the used files, terms and utilities:

  • openstack network
  • openstack ip
  • openstack security group
  • neutron
  • neutron-openvswitch-agent
  • neutron-ovs-cleanup
  • /etc/neutron/neutron.conf
  • /etc/neutron/dhcp_agent.ini
  • /etc/neutron/metering_agent.ini
  • /etc/neutron/l3_agent.ini


253.2 Compute Service (Nova) (weight: 6)

Weight 6
Description Candidates should be able to completely manage the lifecycle of Nova compute instances. This includes using flavors, segmentation and accessing running compute instances. Furthermore, a candidate should be able to repair and migrate compute instances and perform basic administration and maintenance of Nova.

Key Knowledge Areas:

  • Operator aspects:
    • Understand the concepts of compute instances, cells, availability zones, security zones, and ephemeral and persistent storage.
    • Query Nova for compute instance flavors, instance images and availability zones.
    • Configure and manage security zones.
    • Create and add SSH keys to Nova.
    • Create and launch new compute instances and gather information on running instances.
    • Access running compute instances using SSH, VNC and SPICE.
    • Repair and rebuild broken compute instances.
  • Administrator aspects:
    • Understand the architecture and components of Nova (nova-api, nova-cert, nova-compute, nova-conductor, nova-scheduler, nova-api-metadata, nova-cells, nova-consoleauth, nova-novncproxy, nova-spicehtml5proxy, nova-xvpnvncproxy).
    • Configure instance flavors.
    • Use KVM as the hypervisor and be aware of other hypervisors.
    • Configure rescue images for compute instances.
    • Understand ephemeral and persistent storage as well as the implications of local and shared storage.
    • Configure and use live migration with and without shared storage.
    • Evacuate Nova nodes and restore compute instances from failed Nova nodes.

The following is a partial list of the used files, terms and utilities:

  • openstack server
  • openstack flavor
  • openstack keypair
  • openstack compute
  • openstack console
  • openstack aggregate
  • openstack availability zone
  • openstack host
  • openstack security group
  • openstack hypervisor
  • nova-console
  • nova
  • /etc/nova/nova.conf


253.3 Bare Metal Provisioning (Ironic) (weight: 2)

Weight 2
Description Candidates should be able to provision bare metal nodes using Ironic. This includes the configuration knowledge of Nova and Neutron that is required to facilitate Ironic deployments. Furthermore, candidates should understand the supporting network services required by Ironic.

Key Knowledge Areas:

  • Operator aspects:
    • Understand the concept of bare metal provisioning.
    • Prepare machine images for bare metal deployment and add them to Glance.
    • Choose flavors and inspect the hardware of bare metal nodes.
    • Boot bare metal nodes, including disk configuration.
  • Administrator aspects:
    • Understand the architecture and components of Ironic (ironic-api, ironic-conductor, ironic-python-agent, drivers) and its interaction with other OpenStack components (i.e. Neutron, Nova and Glance).
    • Understand network services supporting Ironic (i.e. PXE, DHCP, NBP, TFTP and IPMI).
    • Understand the concept and the general configuration of Ironic drivers.
    • Configure bare metal nodes to support PXE boot and IPMI and prepare bare metal nodes for deployment.
    • Configure Nova and Neutron to support bare metal deployment.
    • Create flavors for hardware nodes, including UEFI and local boot properties.

The following is a partial list of the used files, terms and utilities:

  • ironic
  • ironic-python-agent
  • /etc/ironic/ironic.conf