DevOps Tools Engineer

Unternehmen auf der ganzen Welt implementieren zunehmend DevOps-Praktiken, um die tägliche Systemadministration und Softwareentwicklung zu optimieren. Infolgedessen stellen branchenübergreifende Unternehmen IT-Experten ein, die DevOps effektiv einsetzen können, um Lieferzeiten zu verkürzen und die Qualität bei der Entwicklung neuer Softwareprodukte zu verbessern.

Um diesem wachsenden Bedarf an qualifizierten Fachleuten gerecht zu werden, hat das Linux Professional Institute (LPI) die DevOps Tools Engineer-Zertifizierung des Linux Professional Institute entwickelt, mit der die Fähigkeiten überprüft werden, die für die Verwendung der Tools erforderlich sind, die die Zusammenarbeit in Workflows während der gesamten Systemadministration und Softwareentwicklung verbessern.

Bei der Entwicklung der DevOps Tools Engineer-Zertifizierung für das Linux Professional Institute überprüfte LPI die DevOps Tools-Landschaft und definierte eine Reihe grundlegender Fähigkeiten für die Anwendung von DevOps. Daher konzentriert sich die Zertifizierungsprüfung auf die praktischen Fähigkeiten, die erforderlich sind, um in einer DevOps-Umgebung erfolgreich zu arbeiten - und auf die Fähigkeiten, die für die Verwendung der bekanntesten DevOps-Tools erforderlich sind. Das Ergebnis ist eine Zertifizierung, die die Schnittstelle zwischen Entwicklung und Betrieb abdeckt und für alle IT-Experten relevant ist, die im Bereich DevOps tätig sind.

Die Schulung setzt sich aus 2 Teilen (nur komplett buchbar) à 4 Tage zusammen, in denen der Trainer die vom LPI für die Prüfung vorgegebenen Inhalte (siehe weiter unten) mit den Teilnehmenden aufarbeitet und diese damit in die Lage versetzt, die Prüfung 701 des LPI bestehen. zu können.
Diese Prüfung ist kein Bestandteil der Schulung, es kann jedoch auf Wunsch ein Prüfungsvoucher mitbestellt werden und die Prüfung in einem Pearson VUE Testzentrum abgelegt werden. Prüfungssprachen: Englisch, Japanisch.

Voraussetzungen

Grundsätzliche Kenntnisse in DevOps-bezogenen Bereichen wie Software Engineering und Architektur, Container- und Maschinenbereitstellung, Konfigurationsmanagement und Monitoring.
Die Inhalte zum Beispiel unserer Linux Administrationsschulung bzw LPI-1-relevante Themen (LPI 1 Vorbereitung) sollten nicht fremd sein.

Inhalt

701: Software Engineering

701.1 Modern Software Development (weight: 6)

Key Knowledge Areas:

  • Understand and design service based applications
  • Understand common API concepts and standards
  • Understand aspects of data storage, service status and session handling
  • Understand the properties of cloud native applications
  • Design software to be run in containers
  • Design software to be deployed to cloud services
  • Awareness of risks in the migration and integration of monolithic legacy software
  • Awareness of database schema updates and database migrations
  • Understand the concept of agile software development
  • Understand the concept of DevOps and its implications to software developers and operators

The following is a partial list of the used files, terms and utilities:

  • REST, JSON
  • Service Orientated Architectures (SOA)
  • Microservices
  • Immutable servers
  • Loose coupling
  • Test-driven development

701.2 Standard Components and Platforms for Software (weight: 3)

Key Knowledge Areas:

  • Features and concepts of object storage
  • Features and concepts of relational and NoSQL databases
  • Features and concepts of message brokers and message queues
  • Features and concepts of big data services
  • Features and concepts of computing services / IaaS
  • Features and concepts of application runtimes / PaaS
  • Features and concepts of hosted application / SaaS
  • Features and concepts of function application / FaaS
  • Features and concepts of content delivery networks
  • Awareness of identity and access management in cloud services

The following is a partial list of the used files, terms and utilities:

  • Objects, Buckets, ACLs, S3
  • MariaDB, MySQL, PostgreSQL
  • Redis, MongoDB, InfluxDB
  • Elasticsearch and OpenSearch
  • Kafka, MQTT
  • IAM

701.3 Source Code Management (weight: 6)

Key Knowledge Areas:

  • Understand Git concepts and repository structure
  • Manage files within a Git repository
  • Manage branches and tags
  • Work with remote repositories and branches as well as submodules
  • Merge files and branches
  • Awareness of SVN and CVS, including concepts of centralized and distributed SCM solutions

The following is a partial list of the used files, terms and utilities:

  • git
  • .gitignore

701.4 Continuous Integration and Continuous Delivery (weight: 3)

Key Knowledge Areas:

  • Understand the concepts of Continuous Integration and Continuous Delivery
  • Understand the components of a CI/CD pipeline, including builds, unit, integration and acceptance tests, artifact management, delivery and deployment
  • Understand the concepts of GitOps
  • Understand the role of build artifacts and caches
  • Understand deployment best practices
  • Understand semantic versioning
  • Awareness of Jenkins and Gitlab CI
  • Awareness of Artifactory and Nexus

The following is a partial list of the used files, terms and utilities:

  • Declarative Pipeline
  • Production, Staging and Development Environments
  • Feature toggles
  • Preview releases
  • Reconciliation loops
  • A/B testing
  • Blue-green and canary deployment

701.5 Software Composition, Licensing and Open Source (weight: 2)

Key Knowledge Areas:

  • Understand how an application is build out of multiple software components
  • Awareness of dependency managers like NPM, gradle or composer
  • Understand the concepts proprietary and open source software
  • Understand the concepts of open source software licenses
  • Awareness of commonly used open source licenses (GPL, LGPL, AGPL, BSD, MIT and Apache License)
  • Awareness of license compatibility and multi licensing

The following is a partial list of the used files, terms and utilities:

  • Software libraries
  • Software Bill Of Materials
  • Proprietary software
  • Open Source Software and Free Software
  • Copyleft open source software licenses
  • Permissive open source software licenses

702: Application Container

702.1 Application Container Management (weight: 5)

Key Knowledge Areas:

  • Understand the Docker and Podman architecture
  • Use existing images from an OCI registry
  • Operate and access containers
  • Understand Docker networking concepts, including overlay networks
  • Understand the concepts of DNS service discovery
  • Connect container to container networks and use DNS for service discovery
  • Understand Docker storage concepts
  • Use Docker volumes for shared and persistent container storage
  • Awareness of rootless containers

The following is a partial list of the used files, terms and utilities:

  • docker container
  • docker network
  • docker image
  • docker volume
  • podman container
  • podman network
  • podman image
  • podman volume

702.2 Container Orchestration (weight: 3)

Key Knowledge Areas:

  • Understand the application model of Docker Compose
  • Create and run Docker Compose Files (version 3 or later)
  • Define services, networks and volumes, along with their commonly used properties, in Docker Compose files
  • Use Docker Compose to update running containers to newer images

The following is a partial list of the used files, terms and utilities:

  • docker compose
  • podman-compose
  • docker-compose.yml

702.3 Container Image Building (weight: 5)

Key Knowledge Areas:

  • Create Dockerfiles and build images from Dockerfiles
  • Understand OCI image
  • Upload images to a Docker registry
  • Understand the principles of image scanners
  • Understand security risks of container virtualization and container images and how to mitigate them
  • Awareness Docker buildx, Docker Buildkit, Podman build and Buildah

The following is a partial list of the used files, terms and utilities:

  • docker image *
  • docker login
  • Dockerfile
  • Containerfile
  • .dockerignore
  • FROM
  • COPY
  • ADD
  • RUN
  • VOLUME
  • EXPOSE
  • USER
  • WORKDIR
  • ENV
  • ARG
  • CMD
  • ENTRYPOINT

703: Kubernetes

703.1 Kubernetes Architecture and Usage (weight: 4)

Key Knowledge Areas:

  • Understand the major components and services in a Kubernetes cluster
  • Configure kubectl to use an existing Kubernetes cluster
  • Use kubectl to get information about Kubernetes resources
  • Use kubectl to create, modify and delete resources
  • Awareness of Kubernetes Operators

partial list of the used files, terms and utilities:

  • API-Server, etcd, Controller Manager, Scheduler
  • ~/.kube/config
  • kubectl get
  • kubectl describe
  • kubectl apply
  • kubectl create
  • kubectl run
  • kubectl expose
  • kubectl scale
  • kubectl set
  • kubectl edit
  • kubectl explain
  • kubectl config
  • kubectl logs
  • kubectl exec

703.2 Basic Kubernetes Operations (weight: 7)

Key Knowledge Areas:

  • Understanding the use of YAML files to declare Kubernetes resources
  • Understanding the principle of a Pod
  • Understanding how to use Deployments, including scaling and rolling updates
  • Understanding how to make services accessible using Services and Ingress
  • Understanding how to use storage using PersistentVolumeClaims
  • Awareness of other Kubernetes orchestration resources, i.e. DaemonSets, StatefulSets, Jobs and CronJobs

partial list of the used files, terms and utilities:

  • Pods
  • ReplicaSets
  • Deployments
  • Services
  • Ingress
  • PersistentVolumeClaims
  • ConfigMaps
  • Secrets

703.3 Kubernetes Package Management (weight: 2)

Key Knowledge Areas:

  • Understanding the concepts of Charts, Releases and Values
  • Installation, upgrading and uninstalling software using Helm
  • Specify custom values to configure software installed using Helm
  • Awareness of Kustomize
  • Awareness of Flux CD and Argo CD

The following is a partial list of the used files, terms and utilities:

  • helm install
  • helm upgrade
  • helm list
  • helm uninstall
  • values.yaml

704: Security and Observability

704.1 Cloud Native Security (weight: 4)

Key Knowledge Areas:

  • Understand core IT infrastructure components and their role in deployment
  • Understand common IT infrastructure security risks and ways to mitigate them
  • Understand supply chain security and dependencies on foreign code
  • Understand common application security risks and ways to mitigate them
  • Understand the concepts of asymmetric cryptography and digital certificates
  • Understand the principles of common standard for authentication and authorization
  • Understand how to manage user credentials and how to use advanced authentication technologies

The following is a partial list of the used files, terms and utilities:

  • Service exploits, brute force attacks, and denial of service attacks
  • Security updates, packet filtering, load balancers and application gateways
  • Cross site scripting, verbose error reports
  • API authentication
  • Buffer overflows, SQL injections
  • API access, permissions, verbosity and rate limits
  • CORS headers and CSRF tokens
  • Common Vulnerabilities and Exposures (CVE)
  • CVE IDs and CVE scores
  • Public key, private key, X.509 certificate, certificate authority
  • TLS, transport encryption
  • Single sign-on (SSO)
  • OAuth2, OpenID Connect and SAML
  • Two-factor authentication (2FA) and multi-factor authentication (MFA)
  • One-time passwords (OTP), time-based one-time passwords (TOTP)
  • Authenticator applications
  • Password hashing and salting

704.2 Prometheus Monitoring (weight: 6)

Key Knowledge Areas:

  • Understand goals of IT operations and service provisioning, including nonfunctional properties such as availability, latency, responsiveness
  • Understand and identify metrics and indicators to monitor and measure the technical functionality of a service
  • Understand and identify metrics and indicators to monitor and measure the logical functionality of a service
  • Understand the concepts of Prometheus, including Exporters, Pushgateway, Alertmanager and Grafana
  • Understand the architecture of Prometheus
  • Set up Prometheus and configure file based service discovery
  • Monitor containers and microservices using Prometheus
  • Use PromQL to retrieve log data
  • Aggregate metrics for specific labels
  • Aggregate metrics over time
  • Awareness of common exporters
  • Awareness of application instrumentation
  • Awareness of Thanos

The following is a partial list of the used files, terms and utilities:

  • Prometheus, Exporters, AlertManager, Grafana
  • Label selectors
  • Instant vectors and aggregate functions
  • Range vectors and aggregate functions
  • Node Exporter and Blackbox Exporter

704.3 Log Management and Analysis (weight: 2)

Key Knowledge Areas:

  • Understand how application and system logging works
  • Understand the architecture and features of commonly used open source logging stacks
  • Awareness of syslogd and systemd-journald

The following is a partial list of the used files, terms and utilities:

  • Elasticsearch and OpenSearch
  • Logstash and filebeat
  • Fluentd and FluentBit
  • Kibana
  • Loki and promtail
  • Grafana
  • Greylog2

704.4 Tracing (weight: 2)

Key Knowledge Areas:

  • Understanding the concepts of tracing
  • Understanding the concepts of OpenTelemetry
  • Awareness of commonly used open source telemetry analysis tools
  • Awareness of application instrumentation

The following is a partial list of the used files, terms and utilities:

  • OpenTelemetry
  • Spans and Distributed Traces
  • Contexts, Span and Trace IDs
  • Span attributes, events, links, status and kind
  • Grafana Tempo
  • Jaeger

Kurszeiten

Wer möchte, reist bis 22 Uhr am Vortag an und nutzt den Abend bereits zum Fachsimpeln am Kamin oder im Park.

An Kurstagen gibt es bei uns ab 8 Uhr Frühstück.

Unsere Kurse beginnen um 9 Uhr und enden um 18 Uhr.

Neben den kleinen Pausen gibt es eine Stunde Mittagspause mit leckerem, frisch in unserer Küche zubereitetem Essen.

Nach der Schulung anschließend Abendessen und Angebote für Fachsimpeln, Ausflüge uvm. Wir schaffen eine Atmosphäre, in der Fachleute sich ungezwungen austauschen. Wer das nicht will, wird zu nichts gezwungen und findet auch jederzeit Ruhe.