Prepare better with the best interview questions and answers, and walk away with top interview tips. These interview questions and answers will boost your core interview skills and help you perform better. Be smarter with every interview.
OpenStack is a cloud operating system which is used to manage large pools of compute, storage, and networking resources through a web interface dashboard. It uses Open Source Software for creating private and public clouds.
Keystone: Provides authorization and authentication for users
Tenant - Refers to a group of Users.
Role - Authorization level of the user as to what exactly the user can do.
Various Hypervisors supported by OpenStack are
OpenStack provides two classes of block storage,
The basic functions of Identity Service is
The networking options used in OpenStack are
It is the OpenStack Block storage device for providing volumes to Nova Virtual Machines and Ironic Bare Metal Hosts etc..
It enables to scale an OpenStack Compute cloud in a more simplistic way where the hosts in an OpenStack Compute cloud are partitioned into group called cells. This supports very large deployment .nova-cells service handles communication between cells.
In OpenStack, networking is done in following ways
Volume transfer from one owner to another- cinder transfer*.
Managing floating IP addresses - nova floating-ip-*
Bare-metal driver for OpenStack Compute manages provisioning of physical hardware by using common cloud APIs and tools. This is primarily used for single tenant clouds such as a high-performance computing cluster.
The following commands can be used to manage bare-metal nodes.
Adds a network interface to a bare-metal node.
Lists network interfaces associated with a bare-metal node.
Removes a network interface from a bare-metal node.
Creates a bare-metal node.
Removes a bare-metal node and any associated interfaces.
Lists available bare-metal nodes.
Shows information about a bare-metal node.
Token is an alpha-numeric string which allows access to a certain set of services depending upon the access level of the user.Tokens are used to authenticate and authorize interactions with the various OpenStack APIs. There are many flavors of Tokens which represents various authorization scopes and sources of identity. Each level of authorization scope is useful for certain types of operations in certain OpenStack services, and are not interchangeable. Various Types of Tokens are Unscoped,Domain-scoped,UUID and Fernet.The token type issued by keystone is configurable through the /etc/keystone/keystone.conf file.
Flavors defines the available hardware (compute , memory and storage capacity ) configuration of a nova compute instance . It also defines the size of a virtual server which could be launched.
Below is an example of a flavor which is used for setting network traffic bandwidth limit :
$ openstack flavor set FLAVOR-NAME \ --property quota:vif_outbound_average=32768 \ --property quota:vif_inbound_average=32768 \
Nova is the OpenStack project which is used to provision compute instances . Nova supports creating virtual machines, baremetal servers and system containers. It runs as a set of daemons on top of existing Linux servers to provide that service.
It requires the below additional OpenStack services for basic functioning:
Tools for using Nova:
Alarms provides user-oriented Monitoring-as-a-Service for general purpose awareness of the resources running on OpenStack. Alarms also helps to automatically scale in or out a group of instances through the Orchestration module.
There are 3 Alarm States: Ok, Alarm and Insufficient Data
Following order should be followed to restart the nova services on Openstack controller node,
service nova-api restart
service nova-cert restart
service nova-conductor restart
service nova-consoleauth restart
service nova-scheduler restart
Quotas are used for preventing system resources from being exhausted. They are used to set Operational limits. Quotas can be managed using Dashboards and CLI for OpenStack Compute /Block /Networking service.
Secret Management is a set of technologies which are used to protect key materials within a software system. It involves deployment of Hardware Security Modules which are physically hardened against tampering. Recommended method to securerly store and manage secrets is by using Barbican.
The OpenStack Orchestration service is a tool for orchestrating clouds, automatically configuring and deploying resources in stacks. These deployments are simple and are defined with templates. Templates describe tasks in terms of resources, parameters, inputs, constraints, and dependencies. It also runs Heat Orchestration Template (HOT) templates that are written in YAML. Orchestration service can be accessed through a CLI and RESTful queries and provides both an OpenStack-native REST API and a CloudFormation-compatible Query API. The Orchestration service is also integrated with the OpenStack dashboard to perform stack functions through a web interface.
OpenStack Python SDK is used for writing and managing python scripts in OpenStack cloud.It implements Python bindings to OpenStack API , which enables to perform automation tasks . All OpenStack command lines are implemented using Python SDK.
Keystone is one of the widely used Identity Service in OpenStack and executes the complete OpenStack Identity API. It is responsible for user management and service catalog which tracks users and their permissions while Service Catalog offers a list of services available with their API.