OpenStack Interview Questions
Recommended by 0 users
OpenStack Interview Questions
Q. What you mean by tenant and role regarding Openstack ?
In OpenStack, the authorization level of the user is called role and the group of users is called tenant.
Q. What types of storage OpenStack Compute provides?
OpenStack provides two classes of block storage,
- Volume Storage: It is persistent and not dependent on any particular instance. Volumes are created by users and within Quota
- Ephemeral Storage: It is associated with a single instance.They effectively disappear when a virtual machine is terminated.
Q. Define OpenStack?
OpenStack is a set of software tools for building and managing cloud computing platforms for public and private clouds.
Q. Give an overview of OpenStack Services?
OpenStack offers services like
- Glance: Manages images in different formats
- Ceilometer: Openstack for billing
- Cinder: Provides persistent block storage
- Neutron: Enables users to create and attach interfaces to networks
- Nova: Provides instances on user’s demand
- Swift: Storage platform integrated directly into applications
- Heat: Allows automated infrastructure deployment
- Keystone: Provides authorization and authentication for users
Q. What are the basic functions of Identity Service in OpenStack?
The basic functions of Identity Service is
• Service Catalog: It provides a catalog of available services with their API endpoints
• User Management: It tracks the users and their permissions
Q. Explain modular architecture of OpenStack?
The three components that make modular architecture for OpenStack are
• OpenStack Compute: For managing large networks of the virtual machine
• Image Service: The delivery service provides discovery and registration for virtual disk images
• OpenStack Object Storage: A storage system that provides support for both block storage and object storage
Q. Explain what hypervisor is and what type of hypervisor does OpenStack supports?
In virtualization technology, hypervisor is a software program that manages multiple operating systems (or multiple instances of the same operating system) on a single computer system.
The types of hypervisor that OpenStack supports are :
• Xen and HyperV
Q. What is the meaning of term “Cinder” in OpenStack service?
Cinder is used for handling persistent storage in OpenStack.The one that is utilized by default is LVM, called Cinder-Volumes.
Q. What is the command used for unpause and pause an instance?
- To unpause an instance – $ nova unpause INSTANCE_NAME
- To pause an instance – $ nova pause INSTANCE_NAME
Q. Explain how you can transfer volume from one owner to another in OpenStack?
You can transfer a volume from one owner to another by using the command cinder transfer*.
Q. What are the main components of identity user management?
- Users: It is a digital representation of a person, service or system who uses OpenStack cloud services
- Roles: A role includes a set of rights and privileges. A role determines what operations a user is permitted to perform in a given tenant
- Tenants: A container used to group or isolate resource or identity objects. Depending on service operator a tenant may map to a customer, account, organization or project
Q. Mention what is the command to remove network interface from bare-metal node?
To remove network interface from bare-metal node command used is bare-metal – interface remove.
Q. Explain what is the function of Cinder Scheduler?
Cinder Scheduler or routing volume create requests to the appropriate volume service
List out the storage locations for VM images in OpenStack?
- OpenStack Object Storage
- RBD or Rados Block Device
Q. Explain about OpenStack Python SDK?
For writing python scripts and managing in Openstack cloud, SDK (Software Development Kit) is used. The SDK implements Python binding to the OpenStack API, which enables you to achieve automation tasks in Python by making calls on Python objects instead of making REST calls directly.
Q. Explain what is Token in OpenStack?
Token is an alpha-numeric string which allows access to a certain set of services depending upon the access level of the user
Q. Explain what is Cells in OpenStack?
Cells functionality enables you to scale an OpenStack Compute cloud in a more simplistic way. When this functionality is enabled, the hosts in an OpenStack Compute cloud are partitioned into group called cells. Cells are configured as trees.
Q. For networking, what hardware is used in OpenStack?
In OpenStack, networking is done in following ways
• Vendor Plugins
Q. Mention what are the networking options used in OpenStack?
The networking options used in OpenStack are
• VLAN Network Manager: Compute creates a VLAN and bridge; DHCP server is started for each VLAN to pass out IP addresses to VM instances.
• Flat DHCP Network Manager: IP addresses for VM instances are fetched from the subnet specified by the network administrator
• Flat Network Manager: IP addresses for VM instances are fetched from the subnet, and then injected into the image on launch
Q. What is the command to manage floating IP addresses in OpenStack?
Q. What is the meaning of term “flavor” in OpenStack?
A flavour is an available hardware configuration for a server, which defines the size of a virtual server that can be launched.
Q. What is bare-metal node and what does it comprised of?
- It gives access to control bare metal driver, through which user can control physical hardware resources on the same network.
- Bare metal node is comprised of two separate components
- Bare metal node Operating System: It is a base software, which runs on each node in the cluster.
- Bare metal node Orchestrator: It’s a management software, which acts as a dispatcher to all nodes in the cluster.
Q. What is the command used to list IP address information?
$ nova floating-ip-pool-list
Q. What are functions of “Nova” ?
- Instance life cycle management
- Management of compute resources
- Networking and Authorization
- REST-based API
- Asynchronous eventually consistent communication
- Hypervisor agnostic : support for Xen, XenServer/XCP, KVM, UML, VMware vSphere and Hyper-V
Q. What are components of OpenStack Compute ?
Nova Cloud Fabric is composed of the following major components:
- API Server (nova-api)
- Message Queue (rabbit-mq server)
- Compute Workers (nova-compute)
- Network Controller (nova-network)
- Volume Worker (nova-volume)
- Scheduler (nova-scheduler)
Q. What is job of api-server ?
The API Server provides an interface for the outside world to interact with the cloud infrastructure.
Q. What is Rabbit MQ Server ?
OpenStack communicates among themselves using the message queue via AMQP.
Q. What are functions and features of Swift ?
- Storage of large sized objects
- Storage of large number of objects
- Data Redundancy
- Archival capabilities – Work with large datasets
- Data container for virtual machines and cloud apps
- Media Streaming capabilities
- Secure storage of objects
- Extreme scalability
- Backup and archival
Q. What do you understand by Horizon ?
Horizon the web based dashboard can be used to manage /administer OpenStack services.
Q. What are commands to generate Keypairs ?
nova keypair-add –pub_key id_rsa.pub mykey
Q. How you can view the rules ?
Rules can be viewed with the command:
$ nova secgroup-list-rules myservers
Q. Give an example where logs help in OpenStack security ?
For instance, analyzing the access logs of Identity service or its replacement authentication system would alert us to failed logins, frequency, origin IP, whether the events are restricted to select accounts and other pertinent information. Log analysis supports detection.
Q. Why Compliance is required in OpenStack ?
Compliance means adhering to regulations, specifications, standards and laws.
An OpenStack deployment may require compliance activities for many purposes, such as regulatory and legal requirements, customer need, privacy considerations, and security best practices. The Compliance function is important for the business and its customers.
Q. What are Data privacy concerns in OpenStack, how those can be remediated?
Data residency-Concerns over who owns data in the cloud and whether the cloud operator can be ultimately trusted as a custodian of this data have been significant issues in the past.
Data disposal – Best practices suggest that the operator sanitize cloud system media (digital and non-digital) prior to disposal, release out of organization control or release for reuse.
Data not securely erased- This may be remediated with database and/or system configuration for auto vacuuming and periodic free-space wiping.
Instance memory scrubbing, Cinder volume data, Image service delay delete feature
Q. What is sanitization process ?
The sanitization process removes information from the media such that the information cannot be retrieved or reconstructed. Sanitization techniques, including clearing, purging, cryptographic erase, and destruction, prevent the disclosure of information to unauthorized individuals when such media is reused or released for disposal.
Q. How to create a normal user in OpenStack ?
sudo nova-manage user create user-name
Q. How you assign a project to a user ?
sudo nova-manage project add –project=project_name
Q. How you can remove a rule from security group ?
nova secgroup-delete-rule webserver tcp 443 443 0.0.0.0/0
Q. How to display images using Nova client ?
Q. How to see a list of roles and the associated IDs in our environment ?
Q. What is job of user CRUD ?
The user CRUD filter enables users to use a HTTP PATCH to change their own password
Q. Where caching configuration is stored ?
The majority of the caching configuration options are set in the [cache] section of the keystone.conf file.
Q. What is Alarm in OpenStack ?
Alarms provide user-oriented Monitoring-as-a-Service for resources running on OpenStack. This type of monitoring ensures you can automatically scale in or out a group of instances through the Orchestration module, but you can also use alarms for general-purpose awareness of your cloud resources’ health.
Q. How to migrate running instances from one OpenStack Compute server to another OpenStack Compute server ?
Check the ID of the instance to be migrated
Check the information associated with the instance
Select the compute node the instance will be migrated to.
Check that Host has enough resources for migration
Migrate the instance using the $ nova live-migration SERVER HOST_NAME command.
Q. How you can change behavior of DHCP server ?
The behavior of dnsmasq can be customized by creating a dnsmasq configuration file
Q. What is Orchestration ?
Orchestration is an orchestration engine that provides the possibility to launch multiple composite cloud applications based on templates in the form of text files that can be treated like code
Q. What is use of account reaper ?
In the background, the account reaper removes data from the deleted accounts.
Q. What you will do in case of drive failure ?
In the event that a drive has failed, the first step is to make sure the drive is unmounted. This will make it easier for Object Storage to work around the failure until it has been resolved. If the drive is going to be replaced immediately, then it is just best to replace the drive, format it, remount it, and let replication fill it up.
Q. What you will do in case of server failure ?
If a server is having hardware issues, it is a good idea to make sure the Object Storage services are not running. This will allow Object Storage to work around the failure while you troubleshoot.
If the server just needs a reboot, or a small amount of work that should only last a couple of hours, then it is probably best to let Object Storage work around the failure and get the machine fixed and back online. When the machine comes back online, replication will make sure that anything that is missing during the downtime will get updated.
If you cannot replace the drive immediately, then it is best to leave it unmounted, and remove the drive from the ring. This will allow all the replicas that were on that drive to be replicated elsewhere until the drive is replaced. Once the drive is replaced, it can be re-added to the ring.
Q. How you will install DHCP agent ?
# apt-get install neutron-dhcp-agent
Q. Who is OpenStack for?
OpenStack is for service providers, enterprises, government agencies and academic institutions that want to build public or private clouds. Industries range from IT & telco to SaaS and eCommerce to finance and healthcare. You can read more about how organizations are becoming agile, reducing costs and avoiding vendor lock-in with OpenStack.
Q. What does it mean for the cloud ecosystem?
Wide adoption of an open-source, open-standards cloud should be huge for everyone. It means customers won’t have to fear lock-in and technology companies can participate in a growing market that spans cloud providers. Companies are already using OpenStack to provide public clouds, support, training and system integration services and hardware and software products.
A great analogy comes from the early days of the Internet: the transition away from fractured, proprietary flavors of UNIX toward open-source Linux. An open cloud stands to provide the same benefits for large-scale cloud computing that the Linux standard provided inside the server.
Q. Mention what are the three components that make modular architecture of OpenStack?
The three components that make modular architecture for OpenStack are:
OpenStack Compute: For managing large networks of the virtual machine
OpenStack Object Storage: A storage system that provides support for both block storage and object storage
Image Service: The delivery service provides discovery and registration for virtual disk images