OpenStack Interview Questions and Answers

Nowadays most of the firms are trying to migrate their IT infrastructure and Telecom Infra into private cloud i.e OpenStack. If you are planning to give interviews on Openstack admin profile, then the below list of interview questions might help you to crack the interview.

1. Describe OpenStack?

Ans:

Most multinational organizations define OpenStack as the future of Cloud Computing. The Internet and large volumes of data together have instigated the purpose of cloud computing, and OpenStack is one such platform to create and handle massive groups of virtual machines through a Graphical User Interface. It is a set of efficient software tools to manage private and public cloud computing platforms.

Openstack is free, open-source software and works similar to Linux.

2. Explain the benefits of using OpenStack Cloud/

Ans:

Openstack is useful in developing any software-as-a-service (SAAS) applications, for new developments or to improve existing solutions.

• Can serve as a strong foundation to deliver self-service storage to IT users.
• Can deliver on-demand objective or block storage with higher scalability and easy-to-handle storage at lower costs.
• Most enterprises can save bigger on licensing fees by switching virtual machines running on VMware to OpenStack.

3. What are the key components of OpenStack?

Ans:

Horizon: the only GUI in OpenStack; the first component administrators see and get an idea of the current operations in the cloud.

 Nova: chief computing engine to handle multiple virtual machines and computing tasks

Swift: reliable and robust storage system for files and objects helping developers to refer to a unique identifier and Openstack decides where to store the info.

Cinder: similar to traditional computer storage system, it is a block storage system in OpenStack for accessing files at faster speed.

Neutron: ensures efficient connectivity between components during deployment.

Keystone: a central identity list of all OpenStack cloud users and provides various mapping techniques to access methods against Keystone.

Glance: image service provider where images are the virtual copies of hard disks. Allows using the images as templates during deployment of new instances.

Ceilometer: component providing billings services and other telemetry services to cloud users. Maintains an account of component system usage by each user.

Heat (Orchestration Engine): Allows developers to orchestrate/illustrate and store the cloud application requirements and resources needed in a file, thereby maintaining the cloud infrastructure.

4. What storage types are allowed by OpenStack Compute?

Ans:

OpenStack Cloud Operating system supports two types of storage:

Persistent Storage: Persistent and independent of any particular instance, created by users. This further includes three storages:

• Object storage: to access binary objects through the REST API.
• Block storage: offers access-to-block storage devices by affixing volumes their current VM instances.
• Shared File System storage: provides a set of services to manage multiple files together for storage and exchange with multiple users at one time.
  Ephemeral Storage: Referring to a single instance. As the name suggests, these storage options are temporary and short-lived and disappear once the VM is terminated.Interested in a high-paying career in Cloud Computing?

5. Define ‘users,’ ‘role’ and ‘tenant’ in OpenStack?

Ans:

Users can be members of multiple projects

Tenant is a group of users and an alternative term for Project/accounts where projects are organizational units in cloud processing

Role is the position to which a user is mapped (the authorization level). Roles are usually assigned to project-user duos.

6. Define Identity Service in OpenStack?

Ans:

Keystone is the most important and preferred Identity Service in OpenStack and executes the complete OpenStack Identity API. The Keystone Identity Service is responsible for user management and service catalog. In user management, it tracks users and their permissions while Service Catalog offers a list of services available with their API. The former provides authentication credential details of users, tenants and roles.

Internal services like Token and Policy are also part of Keystone Identity

7. Define the Networking Managers in OpenStack Cloud?

Ans:

Flat Network Manager: This places all VMs on a single network utilizing the same subnet and bridge as created by the administrator. Thus, all VMs share the same network that can be interconnected and are known to have Flat Network Manager.

• Flat DHCP Network Manager: Much similar to the above except that the IP addresses to VM are assigned via DHCP (Dynamic Host Configuration Protocol).
• VLAN: Unlike the single network concept, VLAN facilitates more secure and separate network to VMs. It has a physical switch to offer separate virtual network and separate IP range and bridge for each tenant. This is indeed most preferable choice for multi-tenant/project environment.

8. Name the commands used to pause and un-pause(resume) an instance ?

Ans:

9. List the storage locations for VM images in OpenStack ?

Ans:

• OpenStack Object Storage
• Filesystem
• S3
• HTTP
• RBD or Rados Block Device
• GridFSMaster Openstack  from industry experts.

10. What is Token?

Ans:

Token is a type of authentication similar to password-based validation. A token gets generated once the user inserts the credentials and authenticates as a Keystone user. The token can then be used to access OpenStack services without any revalidation. It is interesting to note that a token is active for a limited period and must be renewed after regular intervals.

To create a token, users first need to authenticate their Keystone credentials.

11. What is OpenStack Python SDK?

Ans:

Python SDK (Software Development Kit) helps users to write applications for performing automation tasks in Python by calling Python objects. It provides a platform to work with multiple OpenStack services at one place. It consists of language bindings to access OpenStack clouds, complete API reference, easy interaction with REST API and sample code for initial applications.

12. Describe the function of Filter Scheduler?

Ans:

The Filter Scheduler facilitates filtering and weighting to notify where a new instance can be created. It supports working with Compute Nodes. Filter Scheduler firstly creates an unfiltered dictionary of hosts and then filter them using related properties and makes the final selection of hosts for the number of instances as needed.

13. What are the different endpoint types of OpenStack Cloud Computing Services?

Ans:

The different types of endpoints in the OpenStack Cloud Computing Services are as below –

• Public type endpoint
• Admin type endpoint and
• Internal type endpoint.

14. List down the Networking hardware in OpenStack?

Ans:

• Networks
• Routers
• Subnets
• Ports Vendor Plugins

15. Define Hypervisor ?

Ans:

For all cloud computing paltforms, Hypervisor is a term to define virtual machine monitor (VMM) including hardware, software and firmware components running on a virtual machine. Host machine is the one having hypervisor with one or more virtual machines.

OpenStack Compute allows multiple hypervisors. There are functionalities to choose one among them for a specific purpose.

16. List down the type of Hypervisors supported by OpenStack?

Ans:

• KVM (Kernel-based Virtual machine)
• LXC: Linux Containers having Linux-based VMs
• QEMU: Quick EMUlator used for development purposes
• UML: User Mode Linux used for development purposes
• VMware vSphere: VMware-based Linux and Windows via vCenter server connection.
• Hyper-V: Server virtualization with Microsoft’s Hyper-V

17. Explain in brief the modular architecture of OpenStack?

Ans:

The three important components of OpenStack modular architecture are:

OpenStack Compute: For managing large networks on the virtual machine

Image Service: The delivery service provides discovery and registration for virtual disk images

OpenStack Object Storage: A storage system that provides support for both block storage and object storage

18. What command manages floating IP addresses in OpenStack

Ans:

19. Define bare-metal node ?

Ans:

Bare-metal node grants access to control bare-metal driver that handles the provisioning of OpenStack Compute physical hardware utilizing the standard cloud APIs and tools like Heat. It is generally used for single tenant clouds like high-performance cluster computing. For using the bare-metal driver, a network interface must be created with the bare-metal node inserted into it. Afterwards, users can launch an instance from the node. Users can also list and delete bare-metal nodes by removing the associated network instances

20. List down the components of OpenStack Comput?

Ans:

Nova (Compute) Cloud comprises following components:

• API server
• Message Queue (Rabbit-MQ Server)
• Compute Workers (Nova-Compute)
• Network controller (Nova-Network)
• Volume Worker
• Scheduler

21. What is floating IP ?

Ans:

Floating IP is an IP address which is acts as a public ip address. In localhost, floating ip address are any ip address which you have defined for your infrastructure. But in the real scenario, floating IP address are the real publi ip address which are provided by the ISP (Internet Service Provider)

22.  What is Cinder ?

Ans:

Cinder is a block based storage in which we create the LUNs and use it for the file system storage. First, we will create a LUN, then scan it on the OS. Then, we create the file system on it and mount it. This is how we can use cinder volume for storing the data. Cinder is equivalent to Amazon EBS.

23.  What is Swift ?

Ans:

Swift is the object based storage which by passes the file system structure. We can directly upload and download the different objects on swift storage. It is uses where read are more and write are less to objects. Swift is equivalent to Amazon S3.

24.  What is Nova Scheduler ?

Ans:

Nova scheduler dispatches the request for new virtual machines to the correct compute nodes based on configured weights and filters. Basically, it checks the different compute nodes based on some algorithms which helps it to create virtual machine on which compute node.

25.  What is Neutron ?

Ans:

Neutron is the service which provides the functionality of the network layer. Here, you can create your own isolated network for your own infrastructure. You can create your own network, subnets, route tables and many more.

26. Describe the function of Filter Scheduler.

Ans:

The Filter Scheduler facilitates filtering and weighting to notify where a new instance can be created. It supports working with Compute Nodes. Filter Scheduler firstly creates an unfiltered dictionary of hosts and then filter them using related properties and makes the final selection of hosts for the number of instances as needed.

27. Define the Networking option in OpenStack?

Ans:

•  CapacityFilter: filtering based on volume host’s capacity consumption
•  DifferentBackendFilter: Scheduling volumes to a different back-end
•  DriverFilter: filters based on ‘filter function’ and ‘metrics’
• InstanceLocalityFilter
• JSONFIlter
• RetryFilter: Filter the previously attempted hosts
• SameBackendFilterMost in-depth, industry-led curriculum in Openstack.

28.Explain in brief the modular architecture of OpenStack.

Ans:

The three important components of OpenStack modular architecture are:

OpenStack Compute: For managing large networks on the virtual machine

Image Service: The delivery service provides discovery and registration for virtual disk images

OpenStack Object Storage: A storage system that provides support for both block storage and object storage

29. What are the biggest opportunities for folks who want to create something awesome and outstanding in the OpenStack Network Project?

Ans:

• There will be a big push in Havana for VPN-as-a-Service in several different deployment modes. Also, we’ll extend load balancing. In Grizzly we took the baby steps of getting it out and there’s several vendors who are now trying to leverage that API.  IPv6 support is also going to be big as well. More internet service providers are offering v6 services for business deployments. Ensuring that OpenStack Network Project works for the various deployment modes of IPv6 is going to be important as well.
• We also have excitement around folks who are working on bare metal with OpenStack Networking and on device management in larger scale: If I’m a hardware vendor – how do I integrate my piece of hardware into OpenStack Networking? Also, we are focused on deployer topics such as: How can I provide different level service level offerings?

30.List down the components of OpenStack Compute ?

Ans:

Nova (Compute) Cloud comprises following components:

• API server
• Message Queue (Rabbit-MQ Server)
• Compute Workers (Nova-Compute)
• Network controller (Nova-Network)
• Volume Worker
• Schedule

31.  What Will You Do In Case Of Server Failure?

Ans:

• If a server is having hardware issues, it is a smart thought to ensure the Object Storage services are not running. This will permit Object Storage to work around the disappointment while you investigate.
• If the server simply needs a reboot or a little measure of work that should just last two or three hours, at that point, it is most likely best to let Object Storage work around the disappointment and recover the machine settled and on the web. At the point, when the machine returns online, replication will ensure that anything absent amid the downtime will get refreshed.
• If you can’t supplant the drive instantly, at that point, it is best to abandon it unmounted and expel the drive from the ring. This will permit every one of the limitations that were on that drive to be reproduced somewhere else until the point when the drive is supplanted. Once the drive is supplanted, it can be re-added to the ring.

32. How can you overcome any type of sudden server failure?

Ans:

During the failure of the server or when the server is not seen to be perfectly functioning then the Object Storage services should not be running. Hence, it is best to close them to this problem arises. This is because to know the solution, troubleshooting must be done. Closing the object storage service will allow it to work or function while troubleshooting is still going on. However, often such failure just needs rebooting and hence for this work which doesn’t require much time, the object storage service doesn’t need to be closed. Update to this service will be added once the machine gets online after rebooting. Removing the drive from the ring is the best idea when the driver can’t be replaced. But if it can be replaced, then it can be added back to the ring.

33.  What Is Sanitization Process?

Ans:

The sanitization process removes information from the media such that the information cannot be retrieved or reconstructed. Sanitization techniques, including clearing, purging, cryptographic erase, and destruction, prevent the disclosure of information to unauthorized individuals when such media is reused or released for disposal.

34.  What Is Alarm In Openstack?

Ans:

Alarms provide user-oriented Monitoring-as-a-Service for resources running on OpenStack. This type of monitoring ensures you can automatically scale in or out a group of instances through the Orchestration module, but you can also use alarms for general-purpose awareness of your cloud resources’ health.

35.  What Is Orchestration?

Ans:

Orchestration is an orchestration engine that provides the possibility to launch multiple composite cloud applications based on templates in the form of text files that can be treated like code.

36.  What is CPU Pinning in OpenStack Cloud Computing?

Ans:

The CPU Pinning is defined as the process of reserving the physical core parts of virtual machines specified as per the requirement. It is also called the process of isolating the CPU.

37. What is the role of Integration Bridge(br-int) on the Compute Node ?

Ans:

• The integration bridge (br-int) performs VLAN tagging and untagging for the traffic coming from and to the instance running on the compute node.
• Packets leaving the n/w interface of an instance goes through the linux bridge (qbr) using the virtual interface qvo. The interface qvb is connected to the Linux Bridge & interface qvo is connected to integration bridge (br-int). The qvo port on integration bridge has an internal VLAN tag that gets appended to packet header when a packet reaches to the integration bridge.

38. What is the role of Tunnel Bridge (br-tun) on the compute node?

Ans:

• The tunnel bridge (br-tun) translates the VLAN tagged traffic from integration bridge to the tunnel ids using OpenFlow rules.
• br-tun (tunnel bridge) allows the communication between the instances on different networks. Tunneling helps to encapsulate the traffic travelling over insecure networks, br-tun supports two overlay networks i.e GRE and VXLAN

39.What is the role of external OVS bridge (br-ex)?

Ans:

As the name suggests, this bridge forwards the traffic coming to and from the network to allow external access to instances. br-ex connects to the physical interface like eth2, so that floating IP traffic for tenants networks is received from the physical network and routed to the tenant network ports.

40.Describe Troubleshooting checklist ?

Ans:

• Identify & reproduce the problem 
• What was the user / admin interaction what triggered it 
• Collect information 
• Client tools being used, versions, debug output
• Services being involved, configuration, logs, debug output
• Check environment: networking, OS, dependent services, storage disk space, etc.
• Fix trivial issues ○ Fix it on the spot, experiment with dev/test environment, home lab
• Ask for help
• Use web search, reach out to docs, support, developers 
• Mitigate carefully
• Plan and test the steps of the mitigation procedure (aka “do not break prod”)
• Document everything for future reference

41. How can you transfer volume from one owner to another in OpenStack?

Ans:

We can transfer a volume from one owner to another by using the command

42. What Is The Command Used For Unpause And Pause An Instance?

Ans:

To unpause an instance:

To pause an instance:

43. Explain How You Can Transfer Volume From One Owner To Another In Openstack?

Ans:

You can transfer a volume from one owner to another by using the command cinder transfer

44.What Are The Main Components Of Identity User Management?  

Ans:

Users: It is a digital representation of a person, service or system who uses OpenStack cloud services

Roles: A role includes a set of rights and privileges. A role determines what operations a user is permitted to perform in a given tenant

Tenants: A container used to group or isolate resource or identity objects. Depending on service operator a tenant may map to a customer, account, organization or project.

45.What Are Data Privacy Concerns In Openstack, How Those Can Be Remediated?

Ans:

• Data residency: Concerns over who owns data in the cloud and whether the cloud operator can be ultimately trusted as a custodian of this data have been significant issues in the past.
• Data disposal: Best practices suggest that the operator sanitize cloud system media (digital and non-digital) prior to disposal, release out of organization control or release for reuse.
• Data not securely erased: This may be remediated with database and/or system configuration for auto vacuuming and periodic free-space wiping.

Instance memory scrubbing, Cinder volume data, Image service delay delete feature.

46. How To Create A Normal User In Openstack ?

Ans:

47. How You Assign A Project To A User ?

Ans:

48. How You Can Remove A Rule From Security Group ?

Ans:

49. How To Display Images Using Nova Client ?

Ans:

 50.How To See A List Of Roles And The Associated Ids I n Our Environment ?

Ans:

keystone role-list

51. What Is Job Of User Crud ?

Ans:

The user CRUD filter enables users to use a HTTP PATCH to change their own password.

52.Where Caching Configuration Is Stored ?

Ans:

The majority of the caching configuration options are set in the [cache] section of the keystone.conf file.

53.  What Is Alarm In Openstack ?

Ans:

Alarms provide user-oriented Monitoring-as-a-Service for resources running on OpenStack. This type of monitoring ensures you can automatically scale in or out a group of instances through the Orchestration module, but you can also use alarms for general-purpose awareness of your cloud resources’ health.

54. How To Migrate Running Instances From  One Openstack Compute Server To Another Openstack Compute Server ?

Ans:

Check the ID of the instance to be migrated

• Check the information associated with the instance
• Select the compute node the instance will be migrated to.
• Check that Host has enough resources for migration
• Migrate the instance using the $ nova live-migration SERVER HOST_NAME command.

55. How You Can Change Behavior Of Dhcp  Server ?

Ans:

The behavior of dnsmasq can be customized by creating a dnsmasq configuration file

56. What Is Use Of Account Reaper ?

Ans:

In the background, the account reaper removes data from the deleted accounts.

57. Define Flavor

Ans:

Flavors are virtual hardware templates present in OpenStack, which define the memory sizes of RAM, hard disk, etc. Flavors illustrate a number of parameters like ID, Name, Memory_MB, Disk and others, giving a choice of Virtual Machine to the user just like having a physical server. OpenStack dashboard also allows users to modify a flavor by deleting the existing one and creating a new with the similar name and parameters.

58. How to create a user in OpenStack?

Ans:

59. How to assign a project/tenant to a user?

Ans:

By using the command

60. Can we see the list of roles and associated IDs in OpenStack environment?

Ans:

Yes, by using keystone role-list

61. What is the command used for pause and unpause an instance?

Ans:

To pause an instance, command used is

To unpause an instance, command used is

62.What are services generally run on a controller node?

Ans:

Following services run on a controller node:

• Identity Service ( KeyStone)
• Image Service ( Glance)
• Nova Services like Nova API, Nova Scheduler & Nova DB
• Block & Object Service
• Ceilometer Service
• MariaDB / MySQL and RabbitMQ Service
• Management services of Networking (Neutron) and Networking agents
• Orchestration Service (Heat)

63. What are the services generally run on a Compute Node?

Ans:

Following services run on a compute node,

• Nova-Compute
• Networking Services like OVS

64. What is the default location of VMs on the Compute Nodes?

Ans:

VMs in the Compute node are stored at “/var/lib/nova/instances”

65. What is default location of glance images?

Ans:

As the Glance service runs on a controller node, all the glance images are store under the folder “/var/lib/glance/images” on a controller node.

66. What is OpenStack and explain its uses?

Ans:

The OpenStack is the most popular open source cloud computing platform that provides virtual machine resources and IaaS (Infrastructure as a Service) Services to most of the customers. It captures the market in the future of cloud computing. All the services provided by the OpenStack can be accessed and managed through the GUI based user interface. The several benefits of the OpenStack Cloud Computing are mentioned below –

• OpenStack boosts the business by eliminating the maintenance services.
• Improves agility and high availability.
• Improves Efficiency and provides cloud infrastructure.
• It provides great services for on-demand infrastructure services within no time.
• OpenStack gives the opportunity of building own data center in turn which provides more control over the data being managed and controlled.
• OpenStack enables rapid development.
• OpenStack boosts high scalability and effective resource utilization

67. What are the different key components involved in the OpenStack Cloud Computing platform?

Ans:

The different key components available with the OpenStack Cloud Computing platform are Keystone, Neutron, Nova, Cinder, Horizon, Swift, Heat, Ceilometer and Glance. 

Keystone – It enables the identity service for all the cloud users and different OpenStack cloud services. It is also a way of providing access to the individual cloud users for different services available.

Neutron – It enables the networking functionality to the Virtual Machines. It also Computes nodes and Controller Nodes in its architectural model.

Nova – It controls the Virtual machine instances at the computing level and performs different computing tasks at hypervisor level or compute node level.

Cinder – It enables block storage facility, which is normally integrated with the Chef and Scale IO to enable the block storage service to the Compute nodes and Controller nodes.

Horizon – It enables the GUI (Graphical User Interface) service, based on the GUI Admin mode and performs an entire day to day operations task easily.

Swift – It enables the object storage functionality which provides Glance images on the object storage whereas the external storage Scale IO can be made to work as Object storage and integrated with the Glance Services.

Heat – It enables the orchestration service functionality by using the Heat admin service or functionality and can easily utilize the Virtual Machines as Stack IO as per the requirements in the stack by easily scaling in and Scaling out.

Ceilometer – It enables the billing services and telemetry services.

Glance – It enables Cloud Image services by utilizing glance admin services to upload and download the cloud images.

68. What are the different services run in controller mode of the OpenStack cloud architecture?

Ans:

The different types of services run on the OpenStack Cloud computing controller mode are as below –

• Identity Services such as Keystone.
• Nova Services such as Nova APIs
• Imaging Services such as Glance
• Nova Schedulers
• Nova Database Block and the Object Services
• Ceilometer Services
• MariaDB or MySQL database services and RabbitMQ messaging Services
• Networking Management services such as Neutron
• Networking agents and Orchestration Service such as Heat

69. What are the three different components of the modular OpenStack architecture model?

Ans:

This is the basic OpenStack Interview Questions asked in an interview. Please find below the different tables that are supported by OpenStack. The three different types of modular OpenStack architecture are OpenStack Compute, OpenStack Object Storage and Image Service which are explained as below –

• OpenStack Compute – The OpenStack Compute is used to manage larger networks of the virtual machine instances.
• OpenStack Object Storage – The OpenStack Object Storage is used to provide the support services for both the Object Storage and Block Storage models.
• Image Service– The Image Service is used to discover the delivery services and provides the registration services as well to the Virtual Disk Images.