Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
1. Introduction to OpenStack for Government
- History of the cloud and OpenStack for government
- Cloud features relevant to public sector operations
- Cloud models suitable for government
- Private, public, hybrid clouds
- On-premise, IaaS, PaaS, SaaS solutions
- Public and private cloud deployments based on OpenStack for government
- Open source and commercial OpenStack distributions for government use
- OpenStack deployment models aligned with public sector requirements
- OpenStack ecosystem tailored for government
- Modules designed for government workflows
- Underlying tools supporting governance and accountability
- Integrations with existing government systems
- Lifecycle management of OpenStack for government
- OpenStack certification processes for government compliance
- OpenStack lab (VM) configured for this course for government
2. Hands-on OpenStack Administration Workshop for Government
- Familiarizing with OpenStack
- Key components of OpenStack (Keystone, Glance, Nova, Neutron, Cinder, Swift, Heat)
- Interaction with the OpenStack cloud environment
- Understanding OpenStack daemons and API communication flow
- Keystone - Identity Management Service
- Keystone architecture for secure identity management
- Authentication methods and available backends
- Token types and token management practices
- Authorization in OpenStack using roles and oslo.policy
- Managing Keystone resources - domains, projects, users
- Configuration of CLI clients with openrc and clouds.yaml
- OpenStack service catalog for government
- Adding new OpenStack services to the catalog
- Quota system management in OpenStack for government
- Glance - Image Service
- Images optimized for cloud environments
- Image features (properties, metadata, format, container)
- Uploading and downloading images securely
- Sharing images across government departments
- Glance image stores for government use
- Protected images for enhanced security
- Managing quotas for the image service
- Verification of Glance services in a government setting
- Neutron - Networking
- Architecture and Neutron services tailored for government
- The ML2 plugin for efficient network management
- Analysis of networking in compute nodes
- Networking concepts and tools used by Neutron
- Basic Neutron network resource types
- Managing tenant networks, subnets
- Managing security groups and rules for government compliance
- East-West routing in government networks
- Network namespaces for isolated operations
- Managing external/provider networks for government
- North-South routing in government environments
- Floating IP management for government services
- Role-based access control in Neutron for government
- Managing network quotas for government use
- Internals of SDN and NFV (iptables, ip route, OVS)
- Basic network troubleshooting techniques (namespaces, tcpdump, etc.)
- Networking quotas in a government context
- Verification of Neutron services for government
- Nova - Compute Service
- Interfaces to hypervisors for government use
- Keypair management for secure access
- Flavor management for diverse workloads
- Flavors and CPU topology optimization
- Instance parameters for efficient resource allocation
- Creating an instance in a government environment
- Verification of spawned instances for compliance
- Snapshotting for data protection
- Instance management for government operations
- Resizing instances to meet changing demands
- Assigning floating IPs for public access
- Interactive console and console log for monitoring
- Security groups assignment for enhanced security
- Internals of security groups and port-security features (iptables)
- Internals of L3 routers for government networks
- Compute quotas for resource management
- Getting statistics from Nova for performance analysis
- Placement API and Nova Cells v2 for efficient scheduling
- Placement API and instance scheduling optimization
- Placement API client commands for government use
- Verification of Nova services in a government setting
- Cinder - Block Storage
- Volume parameters for government storage needs
- Creating and managing volumes
- Attaching volume to Nova instance for government use
- Managing volume snapshots for data integrity
- Managing volume backups for disaster recovery
- Internals of snapshots and backups in Cinder for government
- Transferring volumes between projects for collaboration
- Restoring backups quickly and efficiently
- Managing volume quotas for resource allocation
- Adding new storage backend options for government
- QoS in Cinder for performance tuning
- LVM, storage array, and Ceph storage backends for government
- Ceph integration with Cinder for enhanced storage solutions
- Good practices for Ceph deployments in government
- Verification of Cinder services for government use
- Barbican - Key Management Service
- Barbican architecture for secure key management
- Storing passphrases securely
- Generating and storing symmetric encryption keys for government
- Volume encryption mechanisms for data protection
- Configuring Cinder storage type for volume encryption in government environments
- Limitations of volume encryption to consider
- Storing X.509 certificate bundles for secure communications
- Swift - Object Storage
- Swift components and processes for government use
- Managing containers and objects in a government setting
- Managing access control lists for secure data sharing
- Setting up object expiration policies
- The Ring and storage policies for efficient management
- Monitoring available storage space for resource planning
- Setting up quotas for controlled usage
- Verification of Swift services in a government environment
- Heat - Orchestration
- Heat Orchestration Template and its components for government
- Creating Heat stack for automated deployment
- Verification of Heat stack for compliance
- Updating Heat stack to reflect changes
- Verification of Heat services in a government setting
- Basic Troubleshooting
- Analyzing log files for issue resolution
- Centralized logging for comprehensive monitoring
- Debugging OpenStack client queries for accurate diagnostics
- Managing the OpenStack database for data integrity
- Extracting information from service databases for analysis
- Backing up OpenStack for disaster recovery
- Analyzing compute node status for performance tuning
- Analyzing instance status for operational efficiency
- Troubleshooting instances at the compute node (libvirt)
- Analyzing AMQP broker (RabbitMQ) for message integrity
- Troubleshooting RabbitMQ for reliability
- Metadata services for enhanced data management
- General approach to diagnosing OpenStack issues in government
- Troubleshooting network problems for connectivity
- Troubleshooting network performance for optimal speed
- Instance backup and recovery for business continuity
2. Advanced Topics for Government
- Octavia - Load Balancing-as-a-Service
- Architecture designed for government use
- Objects and request flow in a government setting
- Octavia flavors for customized solutions
- Octavia Availability Zones for high availability
- Creating the HTTP load balancer for government services
- Creating the TCP load balancer for secure connections
- Creating HTTPS passthrough load balancer for encrypted traffic
- Listeners, Pools, and Health Monitors for robust monitoring
- Layer 7 load balancing in Octavia for advanced routing
- Building Amphora image for government use
- LB Failover strategies for reliability
- Networking and Monitoring details for comprehensive oversight
- Troubleshooting Octavia in a government environment
- Hardware Considerations and Capacity Planning
- Compute hardware for government operations
- Network design for secure communication
- Storage design for data integrity
- Flavor sizing for optimal resource allocation
- Resource overcommitment strategies for efficiency
- Highly Available Control Plane
- HA in OpenStack services for government
- HA database solutions for data reliability
- HA message queue for seamless communication
- Active-Active vs Active-Passive deployments for high availability
- Multi-region deployments for disaster recovery
- Cloud Partitioning and Scheduler Filters
- Why and how to implement cloud partitions (host-aggregates) in government
- Nova scheduler filters for resource optimization
- Dive into filter's code for advanced customization
- Workload Migration
- Cold and live migration techniques for government use
- Live migration tweaking for performance optimization
- Migration exercises and troubleshooting for government environments
- Policies and Authorization in OpenStack for Government
- Oslo.policy for policy management
- Creating a new meaningful role with policy files
- Verifying API access for specific users
- In-depth OpenStack Networking (SDN) (2-3h)
- Types of network (local, flat, vlan, vxlan, gre) for government
- Detailed network flow and architecture in various Neutron deployments
- East-West traffic in tenant networks for internal communication
- North-South traffic in tenant networks for external access
- Traffic in provider-only deployments for dedicated services
- Neutron plugins for government use
- Linux Bridge for simple networking
- Open vSwitch for advanced network management
- OVS troubleshooting and exercises for government
- Troubleshooting security groups (iptables, tcpdump) for enhanced security
- Port-security adjustments and vIP management for secure operations
- Distributed Virtual Routers for efficient routing
- LBaaS + Octavia project for load balancing
- VPNaaS for secure connections
- OpenStack Monitoring and Telemetry
- Ceilometer service for comprehensive monitoring
- External monitoring solutions for government use
- Advanced Cloud/Hypervisor Features
- CPU pinning / NUMA architecture for performance optimization
- SR-IOV for direct hardware access
- Cloud-init and Image Customization
- Metadata Service for dynamic configuration
- Getting information from metadata service for government use
- Block Storage Backends
- LVM for flexible storage management
- Ceph RBD for scalable storage solutions
- Physical appliances for dedicated storage
- Storage network considerations for government environments
- Upgrading OpenStack
- Upgrade strategies and procedures for government
- Zero-downtime upgrade for continuous operations
- Bare-metal Provisioning with OpenStack
- Ironic module for physical server management
- Undercloud and overcloud concepts for hybrid environments
- Various exercises on troubleshooting OpenStack cluster for government
- Example examination tasks for government certification
- Future of OpenStack in the public sector
Requirements
- Foundational skills in Linux administration for government
- Essential understanding of networking principles
- Basic familiarity with the cloud computing model
35 Hours
Testimonials (3)
The trainer was extremely knowledgable and helpful. While walking through the exercises, I wasn't rushed and was allowed to make mistakes (to a point) and then help was given to correct to them where needed.
Tim Wilkes - Gamma
Course - OpenStack Security
communication, knowledge from experience, solve problems,
Marcin Walewski - Intel Technology Poland Sp. z o.o.
Course - OpenStack Bootcamp
To get a better understanding about OpenStack.
