What is OpenStack?
OpenStack is a cloud operating system. OpenStack is a collection of open source software modules that provides a framework to create and manage both public cloud and private cloud infrastructure. It controls large pools of compute, storage, and networking resources throughout a datacenter, all managed through a dashboard that gives administrators control while empowering their users to provision resources through a web interface. Backed by some of the biggest companies in software development and hosting, as well as thousands of individual community members, many think that OpenStack is the future of cloud computing.
Why OpenStack?
It was developed as an open source platform for developing, building, and deploying IaaS private cloud platforms. It is powerful and can be administered through command line, RESTful web services and APIs, as well as web-based dashboard controls. OpenStack has already gained a foothold in organizations already used to maximizing the power and control Linux and UNIX platforms give them. OpenStack skills are in high demand. However, as with many emerging technologies, experience in this field is scarce.
It is a scalable and flexible set of utilities that provides clients with value, efficiency, and agility.
Open-source: the technology is supported by a large community of developers, of which Morphlabs is a leading member.
What are the components of OpenStack?
OpenStack has a modular architecture with various code names for its components:
- Nova (Compute): This is the primary computing engine behind OpenStack. This allows deploying and managing virtual machines and other instances to handle computing tasks.
- Swift (Object Storage): The storage system for objects and files is referred to as Swift.
- Cinder (Block Storage): Cinder is also one of the storage modules of OpenStack; think of it as an external hard drive or a USB device.
- Glance (Image Service): In simple words, Glance is the image registry; it stores and manages guest (VM) images, disk images, snapshots, etc.
- Neutron (Networking): It is a component that provides image services or virtual copies of the hard disks.
- Horizon (Dashboard): Horizon is the dashboard to OpenStack, your eyes and ears. It provides a web-based user interface to OpenStack services including Nova, Swift, Keystone, etc.
- Ceilometer (Telemetry): Ceilometer provides telemetry services, which allow the cloud to provide billing services to individual users of the cloud.
- Heat (Orchestration): Heat is the orchestration component of OpenStack. It creates a human and machine-accessible service for managing the entire lifecycle of infrastructure and applications within OpenStack clouds.
What is the use of the Python SDK in OpenStack?
The OpenStack Python SDK supports the construction of developer tools that communicate with the OpenStack suite of APIs. Use the OpenStack Python Software Development Kit (SDK) to write Python automation scripts that create and manage resources in your OpenStack cloud. The SDK implements Python bindings to the OpenStack API, which enables you to perform automation tasks in Python by making calls on Python objects rather than making REST calls directly. All OpenStack command-line tools are implemented using the Python SDK. Some of these APIs include: OpenStack BlockStore, OpenStack Cluster, OpenStack Database, OpenStack Compute, and OpenStack Identity, among others.
What is API-server?
The API Server provides an interface for the outside world to interact with the cloud infrastructure.
What is orchestration?
Orchestration is an orchestration engine that provides the possibility to launch multiple composite cloud applications based on templates in the form of text files that can be treated like code.
What is an alarm in OpenStack?
Alarms provide user-oriented Monitoring-as-a-Service for resources running on OpenStack. This type of monitoring ensures you can automatically scale in or out a group of instances through the Orchestration module, but you can also use alarms for general-purpose awareness of your cloud resources’ health.
What is the sanitization process?
The sanitization process removes information from the media such that the information cannot be retrieved or reconstructed. Sanitization techniques, including clearing, purging, cryptographic erase, and destruction, prevent the disclosure of information to unauthorized individuals when such media is reused or released for disposal.
What are Cells in OpenStack?
Cells functionality enables you to scale an OpenStack Compute cloud in a more simplistic way. When this functionality is enabled, the hosts in an OpenStack Compute cloud are partitioned into groups called cells. Cells are configured as trees.
What is a Token in OpenStack?
A token is a type of authentication, like password-based validation. It is generated when the user submits credentials and authenticates as a Keystone user; the token can then be used to access OpenStack services without any revalidation.
What is a Hypervisor?
In virtualization technology, a hypervisor is a software program that manages multiple operating systems (or multiple instances of the same operating system) on a single computer system. OpenStack Compute supports many hypervisors, which might make it difficult for you to choose one. Most installations use only one hypervisor. However, you can use ComputeFilter and ImagePropertiesFilter to schedule different hypervisors within the same installation.
What types of hypervisor does OpenStack support?
The following hypervisors are supported:
- KVM: Kernel-based Virtual Machine
- LXC (Linux Containers (through libvirt)): It is used to run Linux-based virtual machines.
- QEMU (Quick EMUlator): It is used for development purposes.
- UML (User Mode Linux): It is used for development purposes.
- VMware vSphere 5.1.0
- Xen (using libvirt)
- XenServer
- XCP
- Hyper-V
- Virtuozzo 7.0.0 and newer
Why is compliance required in OpenStack?
The Compliance function is important for the business and its customers. Compliance means adhering to regulations, specifications, standards and laws. An OpenStack deployment may require compliance activities for many purposes, such as regulatory and legal requirements, customer need, privacy considerations, and security best practices. It is also used when describing an organization's status regarding assessments, audits, and certifications. Compliance, when done correctly, unifies and strengthens the other security topics discussed in this guide.
What are the basic functions of the Identity Service in OpenStack?
The OpenStack Identity service provides a single point of integration for managing authentication, authorization, and a catalog of services. The Identity service is typically the first service a user interacts with. Once authenticated, an end user can use their identity to access other OpenStack services.
Service Catalog: It provides a catalog of available services with their API endpoints
User Management: It tracks the users and their permissions
What are the main components of identity user management?
Users: A user is a digital representation of a person, service or system that uses OpenStack cloud services.
Roles: A role includes a set of rights and privileges. A role determines what operations a user is permitted to perform in a given tenant.
Tenants: A container used to group or isolate resources or identity objects. Depending on the service operator, a tenant may map to a customer, account, organization or project.
What are functions of “Nova”?
- REST-based API
- Instance life cycle management
- Management of compute resources
- Networking and Authorization
- Asynchronous eventually consistent communication
- Hypervisor agnostic: support for Xen, XenServer/XCP, KVM, UML, VMware vSphere
What is the OpenStack Block Storage?
The OpenStack Block Storage service provides persistent block storage resources that OpenStack Compute instances can consume. This includes secondary attached storage similar to the Amazon Elastic Block Storage (EBS) offering.
The Block Storage service provides:
Cinder-API: A WSGI app that authenticates and routes requests throughout the Block Storage service.
Cinder-scheduler: Schedules and routes requests to the appropriate volume service. Depending upon your configuration.
Cinder-volume: Manages Block Storage devices, specifically the back-end devices themselves.
Cinder-backup: Provides a means to back up a Block Storage volume to OpenStack Object Storage (swift).
What are the commands used to unpause and pause an instance?
To unpause an instance: $ nova unpause INSTANCE_NAME
To pause an instance: $ nova pause INSTANCE_NAME
What does OpenStack do?
To create a cloud computing environment, an organization typically builds off of its existing virtualized infrastructure, using a well-established hypervisor such as VMware vSphere, Microsoft Hyper-V or KVM. But cloud computing goes beyond just virtualization. A public or private cloud also provides a high level of provisioning and lifecycle automation, user self-service, cost reporting and billing, orchestration and other features.
What is RabbitMQ server?
OpenStack components communicate among themselves using the message queue via AMQP.
What types of storage does OpenStack Compute provide?
OpenStack provides two classes of block storage:
Volume Storage: It is persistent and not dependent on any particular instance. Volumes are created by users and within quota.
Ephemeral Storage: It is associated with a single instance. They effectively disappear when a virtual machine is terminated.
How is OpenStack used in a cloud environment?
OpenStack is open source software. The cloud is all about providing computing for end users in a remote environment, where the actual software runs as a service on reliable and scalable servers rather than on each end-user’s computer. Cloud computing can refer to a lot of different things, but typically the industry talks about running different items “as a service”: software, platforms, and infrastructure. OpenStack falls into the latter category and is considered Infrastructure as a Service (IaaS). Providing infrastructure means that OpenStack makes it easy for users to quickly add new instances, upon which other cloud components can run. Typically, the infrastructure then runs a “platform” upon which a developer can create software applications that are delivered to the end users.
What are the benefits of OpenStack?
- OpenStack is a free, open source software platform for private clouds, typically used to deliver Infrastructure as a Service (IaaS).
- OpenStack is extremely flexible.
- Reduced Cost
- AWS Compatibility
- Massive Industry Support
- Best Security provided
- New product and service launches.
- Orchestration
What are the networking options used in OpenStack?
Flat Network: It is used to fetch IP addresses from the subnet for VM instances, which are then injected into the image on launch.
Flat DHCP Network: It is similar to the first one and is used to fetch IP addresses from the subnet for VM instances, but IP addresses are assigned to VMs via DHCP (Dynamic Host Configuration Protocol).
VLAN Network: VLAN provides a more secure and separate network to VMs. It has a physical switch to offer a separate virtual network and a separate IP range and bridge for each tenant. It is the preferable choice.
What is Horizon?
Horizon is the web-based dashboard that can be used to manage and administer OpenStack services.
What is a bare-metal node and what is it comprised of?
- It gives access to the bare metal driver, through which a user can control physical hardware resources on the same network.
- A bare metal node is comprised of two separate components:
- Bare metal node Operating System: It is a base software, which runs on each node in the cluster.
- Bare metal node Orchestrator: It’s a management software, which acts as a dispatcher to all nodes in the cluster.
What are the data privacy concerns in OpenStack, and how can they be remediated?
Data residency: Concerns over who owns data in the cloud and whether the cloud operator can be ultimately trusted as a custodian of this data have been significant issues in the past.
Data disposal: Best practices suggest that the operator sanitize cloud system media (digital and non-digital) prior to disposal, release out of organization control or release for reuse.
Data not securely erased: This may be remediated with database and/or system configuration for auto vacuuming and periodic free-space wiping.
Instance memory scrubbing, Cinder volume data, Image service delay delete feature, Compute instance ephemeral storage, Bare metal server sanitization
What will you do in case of server failure?
If a server is having hardware issues, it is a good idea to make sure the Object Storage services are not running. This will allow Object Storage to work around the failure while you troubleshoot OpenStack.
If the server just needs a reboot, or a small amount of work that should only last a couple of hours, then it is probably best to let Object Storage work around the failure and get the machine fixed and back online. When the machine comes back online, replication will make sure that anything that is missing during the downtime will get updated. If you cannot replace the drive immediately, then it is best to leave it unmounted, and remove the drive from the ring. This will allow all the replicas that were on that drive to be replicated elsewhere until the drive is replaced. Once the drive is replaced, it can be re-added to the ring.
What are the critical elements of a secure OpenStack cloud?
Some of the most important considerations addressed by the OpenStack community include:
- Identity
- Management
- Secure communications
- API endpoints
- Dashboard
- Compliance
- Compute
- Networking
- Monitoring and logging
- Block and object storage
- Shared file systems
- Message queuing
- Data processing
- Tenant data privacy
- Instance security management
Explain storage locations for VM images in OpenStack?
Storage locations for VM images:
- OpenStack Object Storage
- Filesystem
- S3
- HTTP
- RBD or Rados Block Device
- GridFS
What is the job of user CRUD?
The user CRUD filter enables users to use an HTTP PATCH to change their own password.
What are commands to generate key pairs?
- ssh-keygen
- cd .ssh
- nova keypair-add --pub_key id_rsa.pub mykey
Which command is used to list IP address information?
$ nova floating-ip-pool-list
Give an example where logs help in OpenStack security?
For instance, analyzing the access logs of Identity service or its replacement authentication system would alert us to failed logins, frequency, origin IP, whether the events are restricted to select accounts and other pertinent information. Log analysis supports detection.
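The log analysis described in the answer above, as an added example that is not part of the original page or of OpenStack itself. The JSON-lines record layout and its field names (ts, user, src_ip, outcome) are assumptions, and the sample lines are constructed:

```python
import json
from collections import defaultdict

# Constructed sample records, one JSON object per line. This is NOT real
# Identity service output; the field names (ts, user, src_ip, outcome) are assumptions.
SAMPLE_LOG = """\
{"ts": "2024-05-01T10:00:01Z", "user": "admin", "src_ip": "203.0.113.7", "outcome": "failure"}
{"ts": "2024-05-01T10:00:03Z", "user": "admin", "src_ip": "203.0.113.7", "outcome": "failure"}
{"ts": "2024-05-01T10:00:04Z", "user": "alice", "src_ip": "198.51.100.23", "outcome": "failure"}
{"ts": "2024-05-01T10:00:05Z", "user": "admin", "src_ip": "203.0.113.7", "outcome": "failure"}
this line is truncated or corrupt
{"ts": "2024-05-01T10:00:06Z", "user": "bob", "src_ip": "198.51.100.23", "outcome": "failure"}
{"ts": "2024-05-01T10:00:08Z", "user": "dave", "src_ip": "192.0.2.10", "outcome": "failure"}
{"ts": "2024-05-01T10:00:09Z", "user": "carol", "src_ip": "198.51.100.23", "outcome": "failure"}
{"ts": "2024-05-01T10:00:10Z", "user": "admin", "src_ip": "203.0.113.7", "outcome": "failure"}
{"ts": "2024-05-01T10:00:15Z", "user": "dave", "src_ip": "192.0.2.10", "outcome": "success"}
"""

def summarize_failures(log_text, threshold=3):
    """Group failed logins by origin IP; report frequency, time span and account spread."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the whole run
        if isinstance(rec, dict) and rec.get("outcome") == "failure":
            by_ip[rec.get("src_ip", "unknown")].append(
                (rec.get("ts", ""), rec.get("user", "unknown")))
    findings = {}
    for ip, events in by_ip.items():
        if len(events) < threshold:
            continue  # below the alerting threshold, e.g. a single mistyped password
        accounts = sorted({user for _, user in events})
        findings[ip] = {
            "failures": len(events),
            "first": min(ts for ts, _ in events),
            "last": max(ts for ts, _ in events),
            "accounts": accounts,
            # One account hit repeatedly vs. many accounts tried from one origin
            "pattern": "single-account" if len(accounts) == 1 else "multi-account",
        }
    return findings

if __name__ == "__main__":
    for ip, info in summarize_failures(SAMPLE_LOG).items():
        print(ip, info)
```

The threshold is a tuning knob: set it against the normal failure rate of your own deployment so that an occasional mistyped password does not raise an alert.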
How do you migrate running instances from one OpenStack compute server to another OpenStack compute server?
- Check the ID of the instance to be migrated
- Check the information associated with the instance
- Select the compute node the instance will be migrated to.
- Check that the host has enough resources for migration.
- Migrate the instance using the $ nova live-migration SERVER HOST_NAME command.
Who is OpenStack for?
You may be an OpenStack user right now and not even know it. As more and more companies begin to adopt OpenStack as a part of their cloud toolkit, the universe of applications running on an OpenStack backend is ever-expanding.
What is the difference between Virtualization and OpenStack?
Virtualization is a technology which allows us to create virtual instances of a real-world counterpart. For example, a real physical machine would be turned into virtual machines. Virtual machines are just a virtual implementation of your real machines. Virtualization offers redundancy and high availability built into the infrastructure, but it is time consuming to add capacity to increase performance output. The main purpose of virtualization is to create multiple simulated environments from 1 physical hardware system.
The OpenStack project is focused on developing an ecosystem that allows customers to deploy applications in a software-defined datacenter. OpenStack is NOT a hypervisor. OpenStack provides a clean end user provisioning engine that takes the systems administrator out of the picture with regard to creating new virtual machines. These infrastructure resources, services, and applications are sourced from clouds, which are pools of virtual resources orchestrated by management and automation software so they can be accessed by users on-demand through self-service portals supported by automatic scaling and dynamic resource allocation. The main purpose of cloud computing is to pool and automate virtual resources for on-demand use.