TelcoCloud Training

Symbiosis Group of institutes in Pune, India is a well-known name for management studies in various disciplines.

Back in 2006 (18 years ago) I 𝗳𝗮𝗶𝗹𝗲𝗱 the MBA interview test of the "Symbiosis Institute of Digital & Telecom Management (SIDTM)". It was known by the name of SITM at that time. Later on, I dropped my plan of doing an MBA.

Today, I say with immense pride that I have been included as an industry expert in their yearly magazine "𝗣𝗿𝗲𝘃𝗶𝘀𝗶𝗼𝗻 𝟮𝟰"

𝘐𝘯 𝘵𝘩𝘦𝘪𝘳 𝘸𝘰𝘳𝘥𝘴 - "As one of the industry experts who contributed to this effort, you have helped us bridge the gap between academic learning and industry experiences. We additionally shared a more detailed version of your insights with our students, who have greatly benefited from that learning. "

Attached below are a few snapshots from the magazine itself.

"𝗗𝗶𝘀𝗰𝗼𝘂𝗻𝘁 𝗰𝗼𝘂𝗽𝗼𝗻 𝗮𝗹𝗲𝗿𝘁"

Announcing discount coupons on the bestselling courses of TelcoCloud i.e. OpenStack & Kubernetes in the context of NFV (TelcoCloud)

Statistics speak for themselves -

8000 enrolments
122 Countries
An excellent rating of 4.67 out of 5

The coupon code 𝗙𝗘𝗕-𝟮𝟬𝟮𝟰 applicable for February & get a 50%-80% discount based on your geography.

Course links here -

https://www.udemy.com/course/openstack-telcocloud-asad/?couponCode=FEB-2024

https://www.udemy.com/course/kubernetes-in-nfv-telcocloud/?couponCode=FEB-2024

Swag time 😎 😎 🤘 🤘

Ericsson India Global Services (EGI) has ranked as one of the ‘𝗧𝗼𝗽 𝟭𝟬𝟬 𝗚𝗿𝗲𝗮𝘁 𝗣𝗹𝗮𝗰𝗲𝘀 𝘁𝗼 𝗪𝗼𝗿𝗸’ for the 9𝘁𝗵 𝘁𝗶𝗺𝗲 in a row. Only a few companies can be truly proud of this stupendous achievement.

"𝗛𝗼𝘄 𝗺𝘂𝗰𝗵 𝗺𝗼𝗻𝘁𝗵𝗹𝘆 𝘀𝗮𝗹𝗮𝗿𝘆 𝗱𝗼 𝗜 𝗻𝗲𝗲𝗱 𝗶𝗻 𝗨𝗦 𝘁𝗼 𝗺𝗮𝗶𝗻𝘁𝗮𝗶𝗻 𝘁𝗵𝗲 𝘀𝗮𝗺𝗲 𝗹𝗶𝗳𝗲𝘀𝘁𝘆𝗹𝗲 𝗮𝘀 𝗜 𝗮𝗺 𝗵𝗮𝘃𝗶𝗻𝗴 𝗶𝗻 𝗜𝗻𝗱𝗶𝗮?"

It can be the US, UK, Dubai, Singapore, or any other city in the world but this is a very common concern among all of us at some point in our careers.

Well, the answer 𝙘𝙖𝙣𝙣𝙤𝙩 be found by simply applying the currency conversion.

There are a lot of factors that affect this calculation.

𝗡𝘂𝗺𝗯𝗲𝗼 - A platform I have been using for many years for this calculation has recently released its cost of living index of 2024.

Their calculation system is very good & they have a comprehensive list of data points that they use in their matrices. Well, no platform can give you the exact figures but I found Numbeo to be quite close to the actual figures when I verified the prices with my real connections living in these countries.

In the 1st figure below, you can see the two main metrics i.e. (Cost of living including Rent + Local Purchasing power). The 1st column (𝙊𝙧𝙖𝙣𝙜𝙚 𝙘𝙤𝙡𝙤𝙧) tells you that Dallas is almost 3.5 times and Singapore is approx 4 times costlier than Bangalore. This includes the relative prices of consumer goods like groceries, restaurants, transportation, utilities, and rented accommodation.

However, the second highlighted column (𝙜𝙧𝙚𝙚𝙣 𝙘𝙤𝙡𝙤𝙧) tells you the relative purchasing power in a given city based on the average net salary. A domestic purchasing power of 108 (Bangalore) means that residents with an average salary can afford, on average, 𝟴% 𝗺𝗼𝗿𝗲 goods and services compared to residents of New York City with an average salary while a value of 82 for London means that residents can afford, 𝟭𝟴% 𝗹𝗲𝘀𝘀 goods and services compared to residents of New York City

New York City is taken as a base reference for the calculation.

The 2nd figure gives you an exact comparison between Bangalore & Dallas which is available as a feature on the website

𝗣𝗦 - This calculation assumes net earnings (after income tax).

Link here - https://www.numbeo.com/cost-of-living/rankings.jsp

Excited to see myself as one of the '𝗙𝗶𝗿𝘀𝘁 𝗛𝘂𝗺𝗮𝗻' on .xyz which is a first-of-its-kind human search engine utilizing natural language.

Try here - https://www.linkedin.com/company/bunch-xyz

"𝗩𝗲𝗻𝗱𝗼𝗿 𝗹𝗼𝗰𝗸-𝗶𝗻 𝗶𝘀 𝙣𝙤𝙩 𝗯𝗮𝗱"

Yes, you heard it right.

In this world of open-source systems, the time has come when there is a requirement for a few vendors who can integrate and manage the hundreds of options available in building a tech solution.

Now, it is high time for system integrators to offer "Integration as a service" for all the solutions available in open-source & then sell the upgrade & support services for more revenue generation.

At least I would love to get locked into any such vendor.

What are your thoughts?

𝗦𝗼𝘂𝗿𝗰𝗲 - CNCF cloud-native landscape.

"𝗦𝘁𝗮𝗿𝘁𝗶𝗻𝗴 𝗻𝗲𝘄 𝘆𝗲𝗮𝗿 𝘄𝗶𝘁𝗵 𝗮 𝗱𝗶𝘀𝗰𝗼𝘂𝗻𝘁 𝗰𝗼𝘂𝗽𝗼𝗻 𝗼𝗻 𝗺𝘆 𝗰𝗼𝘂𝗿𝘀𝗲𝘀"

What can be a better start to a new year than providing a huge discount on the bestselling courses of their category?

Apply coupon 𝗝𝗔𝗡-𝟮𝟬𝟮𝟰 during checkout. This can give you an overall discount of 50% to 80% depending on your geography. Applicable for this month only.

Direct discounted course links are available here -

https://www.udemy.com/course/openstack-telcocloud-asad/?couponCode=JAN-2024

https://www.udemy.com/course/kubernetes-in-nfv-telcocloud/?couponCode=JAN-2024

Finding a JOB is a full-time job.

Many people are living in a dreamland that just by having the right skills Jobs will come to them.

Gaining skills is still the second most difficult thing in your career, Getting a job out of those skills remains first.

You still have few days to digest this fact & start working on it by the new year.

Wishing you all a very good year ahead

"𝗘𝗻𝗱 𝗼𝗳 𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝘀𝗲𝗿𝗶𝗲𝘀"

This marks the end of this series & all the Q&A are included in this article. Kindly bookmark this link for your reference.

This is one of the most demanded stuff in 2023. I am looking forward to contributing more such stuff in the next year.

OpenStack interview Q&A This article contains a series of Q&A for an OpenStack operations engineer, involved in configuring VNFs, performance monitoring, network troubleshooting, and technical support roles. The whole series is divided into four major sections i.

"𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗣𝗼𝘀𝘁-𝟮𝟯"

𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟮𝟯

The most asked question to me is - 𝗗𝗼 𝘆𝗼𝘂 𝗵𝗮𝘃𝗲 𝗮 𝗴𝗲𝗻𝗲𝗿𝗶𝗰 𝘁𝗿𝗼𝘂𝗯𝗹𝗲𝘀𝗵𝗼𝗼𝘁𝗶𝗻𝗴 𝗴𝘂𝗶𝗱𝗲 𝗳𝗼𝗿 𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸?

𝗔𝗻𝘀 - Yes I do 😀 😃

I used this guide during my initial OpenStack days & I found it useful for some cases. However, this doesn't claim to cover all the possible faults & problems.

Written down back in 2019 it might not contain the latest updates but the generic approach toward problem-solving is useful to build your approach.

The document is available through a public link here - https://docs.google.com/presentation/d/e/2PACX-1vSYFGHMy8iIEkhc_2F0V_N8OYGbPWlxGmCZ6WJfXZeCRYh3kl3PBQRNWWgvoWmhGbsae8XM0FzztGzP/pub?start=false&loop=false&delayms=5000&pli=1&slide=id.p2

𝙋𝙎 - I don't know the authors personally 🤗

"𝟲𝟬𝟬𝟬 𝗵𝗮𝗽𝗽𝘆 𝗳𝗮𝗰𝗲𝘀 𝘁𝗶𝗹𝗹 𝗻𝗼𝘄"

Here are some reviews on my bestselling Udemy courses i.e. "𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 & 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀", designed & created for absolute beginners in the TelcoCloud/NFV space.

I am very much happy to see that the average rating on my courses is 4.7 out of 5 which speaks for itself about the quality of the content.

Give yourself a gift of learning before the end of this year & grab the last discount of this year.

Apply coupon 𝗨𝗗𝗘𝗠𝗬-𝗗𝗘𝗖 during checkout. This can give you an overall discount of 50% to 80% depending on your geography. Applicable for this month only.

Direct discounted course links are available here -

https://lnkd.in/dEzqxKdD

https://lnkd.in/dbSwZ4-j

"𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗣𝗼𝘀𝘁-𝟮𝟮"

𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟮𝟮

"𝗣𝗲𝗿𝗳𝗼𝗿𝗺𝗮𝗻𝗰𝗲 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗶𝗻 𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝘃𝗶𝗮 𝗦𝗔𝗥 𝘂𝘁𝗶𝗹𝗶𝘁𝘆"

Although in every OpenStack-based datacenter, some or the other PM tools (Zabbix, Prometheus, etc) are already integrated, in the background all these PM tools are deriving their metrics from the PM counters generated by the Linux Kernel of the compute nodes.

The 𝗦𝗔𝗥 (𝗦𝘆𝘀𝘁𝗲𝗺 𝗔𝗰𝘁𝗶𝘃𝗶𝘁𝘆 𝗥𝗲𝗽𝗼𝗿𝘁) command in Linux is a powerful tool for monitoring and analyzing system resources & if you can clearly understand the SAR utility then you understand the root of PM, as this can be used even if no PM tool is integrated with your system. Generally, it comes bundled with every Linux distribution like RHEL, CentOS, etc.

SAR commands below will help you to understand the system resource utilization in detail. With the below outputs, you can quickly conclude a resource problem is coming from the application or the infrastructure. Remember that these commands should be fired inside the compute servers as root user. The granularity of the report is generally set as 10 mins but, can also be configurable to other values.

The syntax has the following meanings -
Kindly put the syntax values as per your requirement.

sa05 is 5th day of the month
-s is start time
-e is end time

1. For ex - the following command will give you the "𝗥𝗔𝗠" related metrics (used_mem, free_mem, buffer_mem) on the 10th day of the month between 9-11 AM
sar -r -f /var/log/sa/sa10 -s 09:00:00 -e 11:00:00

2. Similarly, this will give you all the "𝗖𝗣𝗨" metrics like (%CPU remained idle, used by the system, by application, etc)
sar -P ALL -f /var/log/sa/sa10 -s 09:00:00 -e 11:00:00

3. This one will fetch all the "𝗗𝗜𝗦𝗞𝘀 𝗜/𝗢 𝘂𝘀𝗮𝗴𝗲" like (await time, %util, reads/sec, writes/sec)
sar -p -d -f /var/log/sa/sa10 -s 09:00:00 -e 11:00:00

4. This will get the "𝗣𝗮𝗰𝗸𝗲𝘁 𝗱𝗿𝗼𝗽𝘀 & 𝗲𝗿𝗿𝗼𝗿𝘀" for all the interfaces (physical or virtual) in the compute node
sar -f /var/log/sa/sa10 -n EDEV -s 09:00:00 -e 11:00:00

5. This will get the "𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗧𝗿𝗮𝗳𝗳𝗶𝗰" (TX & RX packets/sec, speed in kbps) for all the interfaces (physical or virtual) in the compute node
sar -f /var/log/sa/sa29 -n DEV -s 09:00:00 -e 09:30:00

Now, you can club these commands with other Linux utilities like 'grep', 'cut', 'awk', etc to get the desired output of your choice.

"𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗣𝗼𝘀𝘁-𝟮𝟭"

𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟮𝟭

What are some common problems encountered in Ceph & how they can be resolved?

𝗔𝗻𝘀 - There can be many problems in your CEPH storage system including OSD down, MON down, Storage latency, Disk problems, Low disk space, etc.

Below are some of the problematic scenarios identified via commands & log outputs along with their resolutions. Obviously, they are 𝘯𝘰𝘵 the only problems in Ceph.

"𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗣𝗼𝘀𝘁-𝟮𝟬"

𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟮𝟬

What is Ceph?

𝗔𝗻𝘀 - Whoever has worked in an OpenStack environment, must have worked on Ceph. I mean it is almost impossible to skip Ceph on an openstack-based infrastructure.

It is a scalable, open-source, community focussed software-defined storage platform, extensively used in private cloud datacenters.

The picture below shows -

1. The basic architecture of ceph & its components
i.e. OSDs, MONs (monitors) & MGR (manager)

2. How does the data replication work?
Logically, the same type of data chunks are called pools, pools-->have placement groups (PGs)--> have objects-->PGs are replicated over OSDs (Disk drives) as defined by the replication factor.

(Pools & PGs are defined at the time of deployment)

& there are some other facts about ceph that need to be remembered as follows -

- Ceph is 𝘕𝘖𝘛 a core component of OpenStack.
- Cinder & Swift are storage components of OpenStack.
- Ceph is a highly recommended storage backend by RedHat that can manage both Cinder and Swift.
- Technically, it is possible to install OpenStack '𝘸𝘪𝘵𝘩𝘰𝘶𝘵' ceph.
- Ceph is capable of auto-scaling to the exabyte level
- Ceph can run on commodity hardware (COTS)
- It has 𝘱𝘳𝘰𝘷𝘦𝘯 self-managing & self-healing capabilities
- It has no single point of failure

If you want to dig deep into Ceph then read about the 𝗖𝗥𝗨𝗦𝗛 𝗮𝗹𝗴𝗼𝗿𝗶𝘁𝗵𝗺 which is the actual powerhouse of Ceph.

𝙃𝙞𝙣𝙩 - Search 'Ceph Architecture by Sniper networks' on Youtube. It is the most detailed description of Ceph in a single video of 38 mins.

"𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗣𝗼𝘀𝘁-𝟭𝟵"

𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟭𝟵

Why there are always an odd number (3,5,7) of controllers in any production-grade OpenStack environment?

𝗔𝗻𝘀 - Any highly available (HA) system, whether OpenStack or Kubernetes works on the principle of RAFT consensus algorithm for quorum. It needs a minimum fault tolerance of "one" to maintain high availability in any production-grade system.

How fault tolerance is calculated? See below -

Fault tolerance = (No of control nodes - Quorum)

Where Quorum = (n/2 + 1) Rounded off to the nearest whole number

Quorum is the minimum number of nodes required to commit any changes to the database.

In the picture below you can see that (3,5 & 7) are the best choices for an HA system while (4 & 6) are not the best choices because they give the same fault tolerance that too with an extra node. Similarly (1 & 2) give '𝗡𝗢' fault tolerance and so, are not applicable for providing HA.

More than 7 master nodes will result in an overhead for determining cluster membership and quorum and so, it is not recommended. Depending on your needs, you typically end up with 3 or 5 master nodes.

"𝗖𝗲𝗹𝗲𝗯𝗿𝗮𝘁𝗶𝗻𝗴 𝗧𝗵𝗮𝗻𝗸𝘀𝗴𝗶𝘃𝗶𝗻𝗴 𝗯𝘆 𝗽𝗿𝗼𝘃𝗶𝗱𝗶𝗻𝗴 𝗱𝗶𝘀𝗰𝗼𝘂𝗻𝘁 𝗼𝗻 𝗺𝘆 𝗰𝗼𝘂𝗿𝘀𝗲𝘀"

I am happy to announce more than 50% discount on both of my bestselling Udemy courses i.e. "𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 & 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀", designed & created for absolute beginners in the TelcoCloud/NFV space.

"𝘛𝘩𝘪𝘴 𝘪𝘴 𝘵𝘩𝘦 𝘭𝘢𝘴𝘵 𝘥𝘪𝘴𝘤𝘰𝘶𝘯𝘵 𝘤𝘰𝘶𝘱𝘰𝘯 𝘰𝘧 𝘵𝘩𝘪𝘴 𝘺𝘦𝘢𝘳" & I am glad to share both the courses have maintained a rating of 4.7 out of 5 with excellent reviews & feedback.

Apply coupon 𝗨𝗗𝗘𝗠𝗬-𝗗𝗘𝗖 during checkout. This can give you an overall discount of 50% to 80% depending on your geography. Applicable for this month only.

Direct discounted course links are available here -

https://www.udemy.com/course/openstack-telcocloud-asad/?couponCode=UDEMY-DEC

https://www.udemy.com/course/kubernetes-in-nfv-telcocloud/?couponCode=UDEMY-DEC

"𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗣𝗼𝘀𝘁-𝟭𝟴"

𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟭𝟴

What are the steps involved & time taken in the OpenStack deployment for a production-grade Telco data center?

𝗔𝗻𝘀 - This seems a very basic question but it is very hard to answer. You will 𝘯𝘰𝘵 find this information in any of the official documentation of OpenStack.

Deploying OpenStack in a production environment is not at all an easy task. It requires a lot of planning & ex*****on at various levels. The picture shows the steps involved in the process along with the "𝘦𝘹𝘢𝘤𝘵 𝘵𝘪𝘮𝘪𝘯𝘨𝘴" for each task however, it doesn't include the physical installation of the rack, servers, and network devices.

This setup was a high-availability system deployed by 𝘰𝘯𝘦 𝘰𝘧 𝘮𝘺 𝘵𝘦𝘢𝘮 𝘮𝘦𝘮𝘣𝘦𝘳𝘴 using 𝗧𝗿𝗶𝗽𝗹𝗲𝗢 𝘁𝘆𝗽𝗲 𝗱𝗲𝗽𝗹𝗼𝘆𝗺𝗲𝗻𝘁 𝗼𝗳 𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗦𝘁𝗲𝗶𝗻 𝘃𝗲𝗿𝘀𝗶𝗼𝗻 with the following details -

- 3 controllers
- 3 Storage nodes
- 12 Compute nodes
- 1 Undercloud/Director machine
- Single rack with 4 Leaf/TOR switches
- CentOS 7-x86 base image and an OpenStack (stein) image for Overcloud installation.

"𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗣𝗼𝘀𝘁-𝟭𝟳"

From today I am starting 𝗦𝗲𝗰𝘁𝗶𝗼𝗻 𝟯 of the OpenStack interview series that will include some miscellaneous topics on Ceph storage, performance & troubleshooting in OpenStack.

At the end of this section, all the Q&A will be consolidated in the same LinkedIn article where Sections 1 & 2 are summarized (I will reshare the article after completion)

𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟭𝟳

A very basic question generally asked in the interviews - "Summarize the VM creation flow in simple terms"

This picture summarizes the steps in a very easy way. I am not sure about the source of the image but I have it from my initial days in OpenStack.

Cloud Security post - 3

"𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝘁 𝗲𝘃𝗲𝗿𝘆 𝗹𝗮𝘆𝗲𝗿 𝗼𝗳 𝗮 𝗖𝗡𝗙"

The security; & threat model for cloud-native telecom applications is a complex web & there cannot be a single solution to this problem

Containerized network functions (CNFs) in a Telco cloud infrastructure are typically secured through a combination of hardware, network, and application-level security measures.

There is a saying in the security world that - The "𝗰𝗹𝗼𝘂𝗱 𝗽𝗿𝗼𝘃𝗶𝗱𝗲𝗿" is responsible for the security “𝗼𝗳” the cloud whereas "𝘆𝗼𝘂" are responsible for the security “𝗶𝗻” the cloud.

This picture summarizes the kind of security measures taken at every layer of the stack in a cloud-based system. This includes some tools, methodologies & best practices at every level.

Cloud Security post - 2

"𝗖𝗹𝗼𝘂𝗱 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗶𝗻 𝗧𝗲𝗹𝗲𝗰𝗼𝗺 "

Here come our guys :-)

𝗧𝗵𝗲 𝗧𝗲𝗹𝗰𝗼 𝗿𝗲𝗴𝘂𝗹𝗮𝘁𝗼𝗿𝘀 - Working groups (by GSMA & 3GPP) specific to telecom security regulations.

- Network Equipment Security Assurance Scheme (NESAS) - It ensures that the product has been developed and tested securely. However, it doesn't ensure threat detection & its management.

- Mobile threat intelligence framework (MOTIF) - Identifying & remediating mobile cyber threats.

All the NEPs (Network equipment providers) like Nokia, Ericsson, Huawei, etc are trying to become NESAS-compliant to guarantee a secure development of the product while the operators (CSPs) to include MOTIF-compliant threat frameworks at the operational level to secure the network.

This is in addition to the compliance at the national & industry levels that is mentioned in this post --> https://www.linkedin.com/feed/update/urn:li:activity:7130789758682742784/

Cloud Security post - 1

"𝗧𝗵𝗲 𝘄𝗵𝗼'𝘀 𝘄𝗵𝗼 𝗼𝗳 𝗰𝗹𝗼𝘂𝗱 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆"

Security is the least talked about and most important topic in the cloud world. The cloud infrastructure as well as the applications are typically secured through a combination of hardware, network, virtualization/CaaS layer, and application-level security measures.

There are many regulators and standard bodies involved in identifying & remediating security vulnerabilities & threats & therefore, a complex web of threat intelligence frameworks exists in today's time.

In this post let us understand who is doing what.

1. 𝗧𝗵𝗲 𝗿𝗲𝗴𝘂𝗹𝗮𝘁𝗼𝗿𝘀 - These are national bodies defining security rules & regulations for their countries.

- Cybersecurity & Infrastructure Security Agency (CISA - child of NSA) in the USA
- European union agency for cybersecurity (ENISA) in the EU
- Cyberspace Administration of China (CAC) in China
- Likewise in other countries (not necessarily in all of them)

2. 𝗧𝗵𝗲 𝗶𝗻𝗱𝘂𝘀𝘁𝗿𝘆 𝘀𝘁𝗮𝗻𝗱𝗮𝗿𝗱𝘀 - are non-profit groups of industry experts that either work independently or along with the govt agencies to improve the security of software applications & their infrastructure.

- Center for Internet Security (CIS) - globally recognized best practices for securing IT systems and data.
- MITRE - globally accessible knowledge base of adversary tactics and techniques based on real-world observations.

There are more than 100 organizations listed in the CNCF security landscape, trying to solve the security problem of today's cloud systems.





See next post about security in Telco

"𝗗𝗶𝘀𝗰𝗼𝘂𝗻𝘁 𝗖𝗼𝘂𝗽𝗼𝗻 𝗔𝗹𝗲𝗿𝘁"

November is a month of fall, and thanksgiving and marks the entry of pink winters in various parts of the world.

To celebrate the spirit of November I am giving discount coupons on both of my Udemy courses i.e. "𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 & 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀", designed & created for absolute beginners in the TelcoCloud/NFV space.

Apply coupon 𝗨𝗗𝗘𝗠𝗬-𝗡𝗢𝗩 during checkout. This can give you an overall discount of 50% to 80% depending on your geography.

Direct discounted links are available here -

https://www.udemy.com/course/openstack-telcocloud-asad/?couponCode=UDEMY-NOV

https://www.udemy.com/course/kubernetes-in-nfv-telcocloud/?couponCode=UDEMY-NOV

"𝗠𝗲𝗻𝘁𝗼𝗿𝘀𝗵𝗶𝗽 𝗳𝗼𝗿 𝗧𝗲𝗹𝗲𝗰𝗼𝗺 𝗽𝗿𝗼𝗳𝗲𝘀𝘀𝗶𝗼𝗻𝗮𝗹𝘀"

In the ever-evolving tech landscape, mentorship from experienced professionals is invaluable, offering insights, real-world solutions, and industry wisdom.

Mentorship bridges the gap between theory and practice, clearing confusion, fostering confidence & a sense of community, and paving the way toward a clear career goal.

These are some testimonials I received during my mentorship sessions.





Connect with me on Topmate
https://topmate.io/telcocloudtrainer

"𝗙𝗿𝗲𝗲 𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 & 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀 𝗰𝗼𝘂𝗿𝘀𝗲𝘀 𝗳𝗼𝗿 𝘀𝘁𝘂𝗱𝗲𝗻𝘁𝘀 & 𝗳𝗿𝗲𝘀𝗵𝗲𝗿𝘀"

I have two bestselling courses on Udemy - "𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 & 𝗞𝘂𝗯𝗲𝗿𝗻𝗲𝘁𝗲𝘀".

I have designed them for absolute beginners in the TelcoCloud/NFV industry.

For those who can afford it. I always run a discount coupon. Ask me for discounts.

I can see that students & freshers are still struggling to enter the telco cloud industry just because they don't have the basic skills required in this domain.

Therefore I have decided to grant an absolutely "𝗙𝗥𝗘𝗘" access for a lifetime by providing a free coupon every month to a bunch of students & freshers (having 0-2 years of exp) for both of my courses.

Kindly take it as a facility & 𝘯𝘰𝘵 as a privilege because I reserve the right to provide coupons at my discretion.

Here is how you can get it -

1. Limited coupons are available on a monthly basis & are only available to students & freshers.
3. Send me a DM on LinkedIn. (If you're not connected to me then send a connection request first)
4. Just write "Fresher coupon needed for # # #" in the message box. # # # can be either OpenStack or K8s.
5. I will check your profile & "may" ask you a few queries about your education & career.
6. A coupon will be granted to you.

No other channel (Gmail, Insta, FB) is allowed for coupons. 𝘖𝘯𝘭𝘺 𝘓𝘪𝘯𝘬𝘦𝘥𝘐𝘯 𝘮𝘦𝘴𝘴𝘢𝘨𝘪𝘯𝘨

Course links here -

https://www.udemy.com/course/openstack-telcocloud-asad/?couponCode=UDEMY-OCT

https://www.udemy.com/course/kubernetes-in-nfv-telcocloud/?couponCode=UDEMY-OCT

"𝗝𝗼𝗯 𝗮𝗹𝗲𝗿𝘁 𝗳𝗼𝗿 𝘄𝗼𝗺𝗲𝗻 𝗶𝗻 𝗘𝗿𝗶𝗰𝘀𝘀𝗼𝗻"

Ericsson is conducting a special referral drive for women across 𝗮𝗹𝗹 𝗱𝗼𝗺𝗮𝗶𝗻𝘀 on 𝗮𝗹𝗹 𝗷𝗼𝗯 𝘀𝘁𝗮𝗴𝗲𝘀 at various locations 𝗶𝗻 𝗜𝗻𝗱𝗶𝗮.

I can refer your CV. Follow these steps -

1. Go to Ericcson's career page & search for the job(s) of your choice - https://www.ericsson.com/en/careers
2. Send me the 𝗝𝗼𝗯 𝗜𝗗 along with your 𝗖𝗩 via LinkedIn messenger only (No other communication channel)
3. If you're not my connection then first send me a connection request so that you can DM me.
4. I will refer your CV to the given job ID(s). Remember, there will be no referral without the job ID.

Emphasizing again - This is "𝗮𝗽𝗽𝗹𝗶𝗰𝗮𝗯𝗹𝗲 𝘁𝗼 𝘄𝗼𝗺𝗲𝗻 𝗼𝗻𝗹𝘆"

"𝗟𝗮𝗰𝗸 𝗼𝗳 𝘀𝗸𝗶𝗹𝗹𝘀 𝗶𝘀 𝗿𝗲𝗴𝗮𝗿𝗱𝗲𝗱 𝗮𝘀 𝘁𝗵𝗲 𝗺𝗮𝗶𝗻 𝗯𝗮𝗿𝗿𝗶𝗲𝗿 𝗶𝗻 𝘁𝗵𝗲 𝗮𝗱𝗼𝗽𝘁𝗶𝗼𝗻 𝗼𝗳 𝗰𝗹𝗼𝘂𝗱-𝗻𝗮𝘁𝗶𝘃𝗲 𝗶𝗻 𝗧𝗲𝗹𝗰𝗼𝘀"

The poll, which attracted responses from more than 200 respondents, was held during TelecomTV’s fifth annual Cloud Native Telco Summit.

Operators grapple with the migration of services and customers from existing systems to their cloud-based platforms.

As a trainer, I identified this gap 2 years ago & that is the reason I have created two courses for the Telco industry on the most used cloud technologies in telecom (i.e. OpenStack & Kubernetes). The courses are bestsellers in their category.

Why are you still waiting?

Here are the discounted links. Start your cloud-native journey today -

https://www.udemy.com/course/openstack-telcocloud-asad/?couponCode=UDEMY-OCT

https://www.udemy.com/course/kubernetes-in-nfv-telcocloud/?couponCode=UDEMY-OCT

All the Q&A of the "𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝘀𝗲𝗿𝗶𝗲𝘀" till now, are collected in this article.

You can bookmark this link for your future reference.

Going forward, the upcoming Q&A will also be hosted in this article only.

OpenStack interview Q&A This article contains a series of Q&A for an OpenStack operations engineer, involved in configuring VNFs, performance monitoring, network troubleshooting, and technical support roles. The whole series is divided into four major sections i.

"𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗦𝗲𝗿𝗶𝗲𝘀 - 𝗘𝗻𝗱 𝗼𝗳 𝗦𝗲𝗰𝘁𝗶𝗼𝗻 𝟮"

This post marks the end of section 2 i.e. Networking & Architecture.

Now, Let's take a break for some days from the OpenStack series & discuss some other topics. After that, we will resume with section 3 of the series.

𝗔𝗻𝘀𝘄𝗲𝗿 𝘁𝗼 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟭𝟲 𝗯𝗲𝗹𝗼𝘄 -

Which command options do you use to capture "tcpdump" at various interfaces across the OpenStack environment? How do you rotate the traces & manage space for bulky trace files?

𝗔𝗻𝘀 - Save the following commands & thank me later.

i. Capture a trace on a tap interface (ex. tap12345-ab), inside a compute node
(tcpdump -peni tap12345-ab)

ii. Filter a specific protocol from this trace, say ICMP
(tcpdump -peni tap12345-ab icmp)

iii. Save this trace in a file
(tcpdump -peni tap12345-ab -w trace.pcap)

iv. Keep the trace running & make 4 files of 100 MB each & rotate the filename with current date & time in the filename
(tcpdump -peni tap12345-ab -w trace-%m-%d-%H-%M.pcap -C 100 -W 4)

v. Rotate files every 1 hour or 500 MB (whichever is earlier) & keep the last 4 files only
(tcpdump -peni tap12345-ab -w trace-%m-%d-%H-%M.pcap -G 3600 -C 500 -W 4)

vi. If you want to check the same conversation on the physical NIC of compute (say ens1f0) then apply "-T vxlan" otherwise the encapsulated packets of vxlan tunnels won't be visible.
(tcpdump -nnvve -i ens1f0 -T vxlan -w trace.pcap)

"𝗢𝗽𝗲𝗻𝗦𝘁𝗮𝗰𝗸 𝗶𝗻𝘁𝗲𝗿𝘃𝗶𝗲𝘄 𝗣𝗼𝘀𝘁-𝟭𝟱"

𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟭𝟱

How to analyze network latency between two endpoints?

𝗔𝗻𝘀𝘄𝗲𝗿 𝘁𝗼 𝗤𝘂𝗲𝘀𝘁𝗶𝗼𝗻-𝟭𝟰 𝗯𝗲𝗹𝗼𝘄 -

For what kind of network functions OVS is a good choice & where does SRIOV win over OVS?

𝗔𝗻𝘀 - OpenVswitch (𝗢𝗩𝗦) is a highly intelligent, multilayer software switch, managed by neutron which is the native SDN component of OpenStack. The feature that distinguishes OVS is its capability to manage the networking between all the VMs hosted on a compute server without involving the physical NIC of the host (if the VMs are part of the same subnet).
It doesn't mean that OVS doesn't work well in case of external communication but, it adds an overhead within the compute for every packet processing.

Therefore, 𝗢𝗩𝗦 𝗶𝘀 𝘀𝘂𝗶𝘁𝗮𝗯𝗹𝗲 𝗳𝗼𝗿 all the 𝗰𝗼𝗻𝘁𝗿𝗼𝗹-𝗽𝗹𝗮𝗻𝗲 𝗳𝘂𝗻𝗰𝘁𝗶𝗼𝗻𝘀 like - CSCFs, TAS, PCRF, HSS, MSS server, etc. i.e., for 𝗩𝗡𝗙𝘀 𝗿𝗲𝗾𝘂𝗶𝗿𝗶𝗻𝗴 𝗹𝗼𝘄 𝗻𝗲𝘁𝘄𝗼𝗿𝗸 𝘁𝗵𝗿𝗼𝘂𝗴𝗵𝗽𝘂𝘁𝘀.

𝗦𝗥𝗜𝗢𝗩 - The trick here is to avoid hypervisor altogether and have VM access the physical NIC directly & get connected to the leaf/TOR switch, thus enabling almost line throughput. This increases performance compared to OVS.

𝗦𝗥𝗜𝗢𝗩 𝗶𝘀 𝘀𝘂𝗶𝘁𝗮𝗯𝗹𝗲 𝗳𝗼𝗿 𝗮𝗹𝗹 𝘁𝗵𝗲 𝘂𝘀𝗲𝗿-𝗽𝗹𝗮𝗻𝗲 𝗳𝘂𝗻𝗰𝘁𝗶𝗼𝗻𝘀 like UPF, media gateways, SGW, PGW, vDU/vCU, etc. i.e., for 𝗩𝗡𝗙𝘀 𝗿𝗲𝗾𝘂𝗶𝗿𝗶𝗻𝗴 𝘃𝗲𝗿𝘆 𝗵𝗶𝗴𝗵 𝗻𝗲𝘁𝘄𝗼𝗿𝗸 𝘁𝗵𝗿𝗼𝘂𝗴𝗵𝗽𝘂𝘁𝘀.