Day 1


1. OpenStack Architecture Overview

• Alta3 Proof of Concept Deployment
  • Nodes
  • Controller Node
  • Neutron Node (Networking Node)
  • Compute Nodes (Compute)
  • Storage Node
  • OpenStack Deployment Recommendations
• Big Picture
  • OpenStack Big Picture
  • IaaS (Infrastructure as a Service)
  • PaaS (Platform as a Service)
  • SaaS (Software as a Service)
  • OpenStack XaaS
• OpenStack Foundation
  • OpenStack Foundation, Design Summits, and Releases
• Versions
  • OpenStack Versions

2. Horizon

• Overview
  • OpenStack Services in Detail
  • Horizon
• Dashboard
  • Horizon Dashboard
  • Overview of Domain, Project (Tenant), and User
  • Admin > System > Hypervisors
  • Project > Compute > Overview
  • Identity > Projects
  • Instances

3. Managing Guest VMs

• Python Clients
  • IaaS – Horizon & CLI
  • CLI uses OpenStack python-clients
  • The OpenStack python-openstackclient (OSC)
  • Using the CLI python-openstackclient
  • Finding a python-openstackclient command at the Linux CLI
  • Common CLI python-openstackclient commands to know…
• Lab Access
  • Labs @ https://alta3.com/labs/openstack/
  • Connecting to your remote desktop lab environment
  • Inside your remote desktop lab environment
  • How to drive your remote desktop

Day 2

4. Hypervisors

• Overview
  • The Virtual Machine Stack
  • The Old Way without Virtualization
  • Virtualization
  • A Snowflake Computer on Bare Metal
  • A Virtualized System installed on a Bare Metal Hypervisor
  • The Top Half of the Hypervisor
  • The “Bottom Half” of the Hypervisor
  • Why is the Hypervisor shown as an upper and lower portions?
• Images
  • “Imaging” the Operating System
  • Imaging our Machine
• Migration
  • “Migrating” the Virtual Machine
• Compute
  • “Compute”
  • Compute Space Example
  • Compute Space Example
  • Assemble the Node
  • Install the Hypervisor
  • The Compute Space
  • Resulting Compute Space with just 2 Intel Xeon E5-2699 v3 CPUs
  • Intel’s Most Powerful Processor (July 20, 2015)
  • Compute Space Example
• Compute Cloud
  • A “360-Core” Cloud
  • Clouds not Cloud
  • Remember we talked about “Migrating?
  • Migrating
  • Instantiation
  • Oversubscribing 16:1 is the OpenStack Default!
• Virtualization Types
  • Virtualization Techniques
  • x86 CPU Privilege Level – No virtualization
  • Popek and Goldberg Virtualization Requirements (1974)
  • Binary Translation – VMware 1998 x86 Solution
  • Para Virtualization
  • Kernel-Only Instructions (No Virtualization)
  • Hardware Assisted Virtualization

5. Keystone

• Overview
  • Keystone
  • Tokens – what they are and why you need them
  • Token Types – UUID tokens (old) vs PKI tokens (new)
  • Projects, Roles, Users & Groups
  • How Domains work with Projects, Roles, Users & Groups
  • OpenStack Shell Command Permissions
  • Keystone Authentication Message Flow
  • How to use curl with the Keystone Identity API
• Permissions
  • Keystone Access – Token and Service Catalog

6. Nova

• nova-api
  • Nova API
• nova-scheduler
  • Nova Scheduler
• Nova Architecture
  • Nova Cert
  • Nova Compute
  • Nova Hypervisor Support
  • Nova Console
  • Nova Conductor
  • Nova Compute Interfaces
  • Nova Components
  • Nova Review
• Management
  • Nova-ap CU

Day 3

7. SDN

• Stack
  • Network Functions Virtualization (NFV)
  • Network Functions Virtualization (NFV)
• Overview
  • Virtualize the Middleboxes
  • Goal: All routers share the same picture
  • Goal: All routers share the same picture
  • Goal: “Network Omniscience”
  • Goal: “Networking Becomes Software Defined”
  • The Current State of Networking
  • The Current State of Networking
  • SDN Déjà vu?
  • If H.248 behaved like SDN (OpenFlow)
  • Defining Software “Abstraction”
  • Abstracting the Network
  • SDN in a Nutshell
  • SDN in a Nutshell
  • Isolating Networks
  • Yet Another Abstraction: Network Slicing
  • SDN Architecture
• OpenFlow
  • Merchant Silicon Example
  • Requirement: Non blocking at 10 Gbps
  • OpenFlow
  • OpenFlow Example
  • OpenFlow Example
  • Forwarding an Audio Packet
  • Destination MAC Address
  • Type Field means “An IP header is next”
  • IP Source Address Validity Check
  • IP Destination Address
  • IP Destination Address
  • Deep Packet Inspection (DPI) “Crossing the Line”
  • The “Really Bad” Stuff is Always BELOW the Line
    Fabrics are Really Fast

8. Data Center Fabric

• Overview
  • Classic Hierarchical Network Design
  • Classic Hierarchical Network Design
  • TRILL
  • Path #1
  • Path #2
  • Path #3
  • Path #4
  • Interfacing NFV with the Fabric
• NFV Integration
  • vSwitch
  • Namespace and the “veth”
  • Heat Makes Clouds Rise
  • vSwitch vs Hardware Switch
  • Virtual Router

9. OpenStack Networking

• Neutron
  • Why Traditional Networking is Inefficient
  • Network Virtualization
  • Agents and Plugins
  • Agents
  • Neutron Configuration
• Architecture
  • Nova Networking – Flat Mode (Generation 1)
  • Nova Networking – Flat Mode + DHCP (Generation 2)
  • Nova Networking – Multi-Host Mode (Generation 3)
  • VLAN
  • VXLAN Packet Headers
  • GRE Packet Headers
  • Compute Node Network OVS Integration
  • Compute Node Network OVS Integration
  • Neutron Networking (Generation 4)
  • East West Traffic in Neutron Networking without Distributed Virtual Router
  • Neutron Networking Distributed Virtual Router (Generation 5)
  • East West Traffic with Distributed Virtual Router
  • East West Traffic with Distributed Virtual Router
  • North South SNAT Traffic with Distributed Virtual Router
  • North South Floating IP Traffic with Distributed Virtual Router
  • Neutron Big Picture with Open vSwitch
• Network Namespace
  • Heat Makes Clouds Rise
• OpenvSwitch
  
  • Traditional VM Ethernet Processing
  • Intel VMDq (Virtual Machine Device Queues)
  • Intel SR-IOV (Single Root IO Virtualization)
• Wiring an OpenStack Node
  
  • How do I Physically wire an OpenStack Node?
  • Step one: Physical Wiring
  • Step Two: Bonding (1 of 2)
  • Step 2 Bonding (2 of 2)
  •  Step 3 VLAN (1 of 4)
  • Step 3: VLAN (2 of 4)
  • Step 3: VLAN (3 of 4)
  • Step 3: VLAN (4 of 4)
  • Step 4: Network Function Virtualization
  • Step 5: Tie it all together in a single diagram
• OpenStack Network Function Virtualization
  
  • Network Function Virtualization
  • 8 Network Function Virtualization Components
  • Why Two Bridges?
  • Simple NFV (Network Function Virtualization) Example
  • OVS-based openstack “wiring”
• Provider vs Tenant Networks
  
  • Provider vs. Tenant Networks
  • Tenant Networking Exam
  • Tenant Network Example (1 of 5)
  • Tenant Network Example (2 of 5)
  • Tenant Network Example (4 of 5)
  • Tenant Network Example (5 of 5)
  • Provider Networks
  • NFV Provider Network “wiring”
  • OVS-based openstack “wiring”
  • Connecting directly to the Provider Network
  • Configuring Neutron
  • Configuring Neutron
  • Creating an OpenStack Provider Network from Neutron to NFV
  • The neutron command structure
  • The ml2_conf.ini file
  • openvswitch_agent.ini file
  • Attaching OpenStack to Network Function Virtualization
  • Neutron Plugins

Day 4

10. Glance

• Architecture
  • Glance
  • Basic Architecture
  • Glance Command Line
  • Container Format
  • Disk Format
  • Common Image Properties
• Image
  • Metadata Definition Catalog (Juno tries to herd the cats)

11. Swift

• Overview
  • Swift
  • Block vs Object Storage
  • Object Storage Examples
  • Defining an Object
  • HTTP RESTful API
• Working with Swift
  • Analyzing the Swift URL
  • Data Types
  • Comparing Storage Types: Object, File, Block
  • Consistency vs Availability Example
  • Saving a Swift Object
  • Immutable Cluster Sizing
  • Calculating part_power
  • The Swift Proxy
  • Multiple Swift Proxies and Load Balancing
  • Swift Enhanced Consistent Hashing Ring
  • Durability with MD5 Metadata
  • Durability with Replication
  • Swift Background Auditor
  • Background Replicator
  • Enhanced Consistent Hashing Ring
  • Comparing Swift and Ceph
  • Swift Regions

12. Ceph

• Overview
  • Storage Node – Ceph
  • Ceph Advantages
  • RADOS
  • Ceph Architecture
  • Building Ceph Storage Nodes
• OSD
  • OSD (Object Storage Daemons)
  • Building Ceph Cluster for Geographic Disparity
  • Configuration to Prepare and Mount the Storage Devices to be Used with Ceph
  • Prepare and Mount the Storage Devices to be Used with Ceph
• CRUSH
  • Introduction to the CRUSH Map
  • The Ceph Monitors
  • CRUSH Advantages over Other Forms of Data Mapping
  • CRUSH Rules
• Replication
  • Data Storage and OSD Replication
  • Data Storage and OSD Replication
• Durability
  • Handing OSD Failures or other Topography Changes
  • How to Recover from a Ceph SSH Configuration Error
  • Ceph – Troubleshooting the Logs
  • Crush Map from Ceph Lab
  • Storage Node Log: cat /var/log/ceph/cat ceph-osd.0.log
  • Ceph Log /var/log/ceph/ceph.audit.log
  • Ceph Log /var/log/ceph/ceph.audit.log
  • Watch Cluster Activity in Real-time with ceph -w
  • Erasure Coding Defined
• Deployment
  • Performance Rules of thumb
  • Ceph Deployment

13. Cinder

• Overview
  • Cinder
  • Block – File – Object
  • The Linux Posix Filesystem Hierarchy
  • Cinder Components
  • Cinder Volume
  • Cinder Snapshot
  • Cinder Backend
  • Cinder Driver
  • Cinder Volume Type
  • Cinder Processes (1 of 2)
  • Cinder Processes (2 of 2)
  • iSCSI
  • NFS
  • Volume Attach Workflow
  • Volume Attach Workflow

Day 5


14. Ceilometer

• Overview
  • Ceilometer – Telemetry
  • Metering Primer
  • Metering
  • Metering: Network
• Architecture
  • Notification
  • Polling – Agent
  • Data Collector
  • Ceilometer Architecture
  • OpenStack Telemetry: It is more than just Ceilometer!

15. AMQP

• Overview
  • How AMQP Fits with Similar Messaging Protocols.
  • AMQP in a Nutshell
• Message Delivery Options
  • Direct Exchange
  • Fanout
  • Topic Exchange
• Subscribe and Publish
  • Subscribe and Publish
  • Subscribe and Publish Message Flow
  • Embedding RPC in RabbitMQ Messages
  • Nova Messaging Service AMQP example
• MQ Alternatives
  • RabbitMQ and zeroMQ

16. Other Services

• NTP
  
  • Network Time Protocol (NTP)
• Trove
  
  • Trove Database Manager
  • Trove - Database Service
  • Trove - Database Service
  • Trove Architecture
• OSLO
  
  • OSLO - OpenStack Common Libraries
• MySQL
  
  • Central DB - These Databases Define Your Cloud! (A unified DB)
• Tempest
  • Introduction to Tempest
  • Introduction to Tempest
  • Tempest Capabilities
  • Python Version ssd

17. Git Essentials

• Setting up the repository
  
  • Why OpenStack users should know Git and GitHub
  • Git repo-to-repo collaboration
  • Git usage: git clone <repo> <directory>
  • Git usage: git init --bare <directory>
  • Git usage: git config --global
• Saving changes
  
  • Git usage: git add <file>
  • Git usage: git commit -m “<message>”
  • Git usage: git push <remote> <branch>
  • Git saves files not deltas
  • Git usage: git status
  • Git usage: git log --oneline
  • Git usage: git checkout <commit || master>
• Collaboration
  
  • Git usage: git remote <add || rm> <name> <url>
  • Git usage: git branch <branch>
  • Git usage: git pull --rebase <remote>
  • GitHub is git + social

18. Cloud Automation

• Overview
  
  • You’ve got VMs! Now what?
  • Configuration Management
  • Automation
  • Puppet
  • Chef
  • Ansible
  • Ansible Hosts
  • Ansible Hosts
  • Ansible Playbook - YAML (Yet Another Markup Language)
  • Ansible Playbook - Running
  • Ansible Playbook - Running (2)
  • Ansible Playbook
• Heat
  
  • Heat - Orchestration
  • Heat Architecture
  • Heat Orchestration Template Structure
  • Template Syntax
• Ironic
  
  • OpenStack Ironic
  • OpenStack Ironic

19. HA

• OpenStack Vulnerability
  
  • Vulnerability Assessment: #1 Databases (STATEFUL)
  • Vulnerability Assessment: #2 Networking
  • Vulnerability Assessment: #3 Stateful Services
  • Vulnerability Assessment: #4 The Stateless Services (Everything Else)
• Planning
  
  • HA Design Follows RPO and RTO
  • Stateful vs Stateless
  • Failover, Fallback, and Switchover
  • Active/Passive vs Active/Active
  • HA Options by Vendor
• Methods
  
  • Keepalived and HAProxy (keep alive’ dee)
  • VRRP Virtual Router Redundancy Protocol - RFC 3768
  • Native Cluster
  • Pacemaker
  • Totem
  • Resource Agents
  • Corosync
  • Distributed Replicated Block Device (DRBD)
  • Galera - Write Set Replication (WSREP)
  • Galera - Deadlock
  • MySQL Cluster Replication: Multi-master and Circular Replication
  • RabbitMQ HA
  • MySQL HA using Pacemaker, Corosync, and DRBD
  • HA for MySQL
• Planning
  
  • Hypervisor Evacuation

20. Cloud Security

• Overview
  
  • Keystone Identity Manager (1 of 2)
  • Keystone Identity Manager (2 of 2)
  • Keystone Authentication
  • Securing APIs
  • Security groups: iptables and Linux bridges

21. OpenStack Labs

1. Using vim
2. OS python-clients and CLI help
3. OpenStack API Endpoints
4. Verifying OpenStack Services
5. Exploring Horizon
6. Project and Quota in Horizon
7. Adding Users to a Project in Horizon
8. Launching Instances as a User
9. Managing Projects using Horizon
10. Managing Projects at the CLI
11. Host Aggregate and Availability Zones
12. User, Roles, and Permissions
13. Roles, Permissions, and Groups
14. Administering OpenStack with Domains
15. Keystone (identity) credentials
16. CLI OpenStack RC files
17. Linux Variables
18. Managing flavors at the CLI
19. Launching Instances from the CLI
20. Controlling Customer VMs with admin
21. Building Keystone’s Service Catalog
22. Provision Virtual Networks
23. Security Groups
24. Floating IP Addresses
25. Neutron Networking with Horizon
26. Floating and Fixed IPs
27. Logs
28. Glance
29. Manage Cinder Storage using Horizon
30. Manage Cinder Storage using the CLI
31. Launching Instances with Key Pairs
32. Launching Instances with Ansible

Homework – Practice for the COA Exam
Homework – Build your own OpenStack