Configuring Application Workloads to Use OpenShift Data Foundation Object Storage

Question 1

What are the three parts of object storage in Red Hat OpenShift Data Foundation?

Answer 1

Objects, Buckets, S3 API server

Question 2

What is an object in the context of object storage?

Answer 2

The storage unit with a unique identifier and associated metadata

Question 3

What do buckets contain in object storage?

Answer 3

A set of objects and the policies associated with them

Question 4

What is the role of the S3 API server?

Answer 4

Authenticates applications and stores and retrieves objects from the buckets

Question 5

How can objects be organized in object storage?

Answer 5

By adding a prefix to the name

Question 6

Fill in the blank: Object storage is effective for ______ applications.

Answer 6

[cloud-native]

Question 7

What types of data can applications use object storage for?

Answer 7

Large amounts of unstructured data, such as text, audio, images, video, or binary content

Question 8

List some common use cases for object storage.

Answer 8

• Large data sets
• Unstructured data
• Log files
• Backups for archiving

Question 9

How do applications access buckets and objects using the S3 API?

Answer 9

Through a client library using the HTTP or HTTPS protocol

Question 10

What are the two components of S3 access keys?

Answer 10

• Access key
• Secret access key

Question 11

True or False: The S3 API allows random file access.

Answer 11

False

Question 12

What does the s3cmd tool do?

Answer 12

Manages data in Amazon S3 and other cloud storage providers using the S3 protocol

Question 13

What is required to configure the s3cmd tool?

Answer 13

Create a .s3cfg file in your home directory with S3 credentials

Question 14

Fill in the blank: Bucket replication enables automatic and ______ replication of objects across S3 buckets.

Answer 14

[asynchronous]

Question 15

What is the difference between Single-Region Replication (SRR) and Cross-Region Replication (CRR)?

Answer 15

SRR is for the same region, CRR is for different regions

Question 16

What is object versioning in the context of object storage?

Answer 16

Enables keeping multiple versions of an object in a bucket

Question 17

What command in s3cmd is used to check the status of object versioning?

Answer 17

s3cmd info s3://my-bucket

Question 18

How can you enable object versioning for an S3 bucket?

Answer 18

Using the command: s3cmd setversioning s3://my-bucket enable

Question 19

What does the s3cmd sync command do?

Answer 19

Synchronizes a directory to S3 or S3 to a directory, transferring only new files

Question 20

List the main differences between block, file, and object storage.

Answer 20

• Data access: Block device / File system / S3 API
• Random access: Yes / Yes / No
• Access modes: RWO / RWX / RWX
• Hierarchical: No / Yes / Flat
• Storage unit: Block / File / Object

Question 21

What are the two operators that provide object storage in OpenShift Data Foundation?

Answer 21

• Ceph RADOS Object Gateway (Ceph RGW)
• Multicloud Object Gateway (NooBaa MCG)

Question 22

What is the purpose of Ceph RGW?

Answer 22

Provides a RESTful gateway to Ceph storage clusters with an S3 interface

Question 23

What advantages does the NooBaa MCG provide?

Answer 23

Lightweight object storage service using any Amazon S3-compatible storage with a unique endpoint

Question 24

Fill in the blank: You can configure the backing storage for Ceph RGW or NooBaa MCG depending on the type of ______.

Answer 24

[infrastructure]

Question 25

What deployment mode of NooBaa uses local block or file storage?

Answer 25

Stand-alone deployment mode

Question 26

What is the purpose of an Object Bucket Claim (OBC) in OpenShift?

Answer 26

To request an S3-compatible bucket for object storage.

Question 27

What are the two object storage services included in OpenShift Data Foundation?

Answer 27

* Multicloud Object Gateway (MCG) from NooBaa operator * Ceph RADOS Object Gateway (RGW) from Rook-Ceph operator

Question 28

What does an OBC create when it is instantiated?

Answer 28

* An S3 bucket * A set of associated resources * An application account with read and write permissions

Question 29

True or False: The storage class of an OBC can be changed after creation.

Answer 29

False

Question 30

What is the storage class for Ceph RGW in OpenShift?

Answer 30

ocs-storagecluster-ceph-rgw

Question 31

What protocol does NooBaa MCG use?

Answer 31

HTTPS

Question 32

What is the command to view the details of a storage class in OpenShift?

Answer 32

oc describe storageclass [storage_class_name]

Question 33

Fill in the blank: The object storage class provided by NooBaa MCG is _______.

Answer 33

openshift-storage.noobaa.io

Question 34

What YAML configuration defines an Object Bucket Claim?

Answer 34

apiVersion: objectbucket.io/v1alpha1 kind: ObjectBucketClaim metadata: name: [name] namespace: [namespace] spec: storageClassName: [storage_class] generateBucketName: [bucket_name]

Question 35

What type of resources does the API server create when an OBC is created?

Answer 35

* The object bucket * A configuration map * A secret

Question 36

What does the configuration map created by OpenShift contain?

Answer 36

* S3 endpoint details * Name of the bucket

Question 37

What command is used to extract data from a configuration map?

Answer 37

oc extract configmap/[configmap_name] --to=-

Question 38

What is the default port used by the S3 service from Ceph RGW?

Answer 38

80

Question 39

What is the default protocol and port used by NooBaa MCG?

Answer 39

HTTPS on port 443

Question 40

What are the two external endpoints provided by OpenShift for Ceph RGW?

Answer 40

* Unsecure route on port 80 * Secure route on port 443

Question 41

What is the command to view available OBCs in the current namespace?

Answer 41

oc get objectbucketclaims

Question 42

What type of information does the secret created by OpenShift contain?

Answer 42

* Credentials to authenticate with the S3 API

Question 43

What is the command to extract data from an OBC secret?

Answer 43

oc extract secret/[secret_name] --to=-

Question 44

What is the recommended practice for protecting access and secret keys?

Answer 44

Protect them as passwords.

Question 45

After creating the OBC, what indicates that the object bucket is created?

Answer 45

The bound phase for the associated object bucket resource.

Question 46

What information is included in the S3 service endpoint for a bucket created with NooBaa MCG?

Answer 46

s3.openshift-storage.svc

Question 47

What command can be used to access an S3 bucket with s3cmd?

Answer 47

s3cmd [command]

Question 48

Fill in the blank: The path for the SSL CA certificate file is _______.

Answer 48

/run/secrets/kubernetes.io/serviceaccount/service-ca.crt

Question 49

What is the main objective of configuring applications in OpenShift Data Foundation?

Answer 49

Configure applications to use S3-compatible object storage from Red Hat OpenShift Data Foundation

Question 50

How do applications access S3 buckets?

Answer 50

Applications use a client library to access buckets with the HTTP or HTTPS protocol

Question 51

What do client libraries use to authenticate with the S3 API?

Answer 51

A set of access keys

Question 52

What resources does OpenShift Data Foundation create when an object bucket claim is made?

Answer 52

A configuration map and a secret

Question 53

What information does the configuration map contain?

Answer 53

The S3 endpoint and the name of the S3 bucket

Question 54

What is the default S3 endpoint for OpenShift Data Foundation?

Answer 54

s3.openshift-storage.svc

Question 55

What is the default port for the S3 endpoint?

Answer 55

443

Question 56

What is an example of a bucket name in OpenShift Data Foundation?

Answer 56

my-object-bucket-claim-27f4ce2f-13ca-44cc-b8a5-1a747989cfb3

Question 57

What does the secret contain for accessing the S3 API?

Answer 57

The access keys

Question 58

What is the AWS_ACCESS_KEY_ID example value?

Answer 58

AKIAIOSFODNN7EXAMPLE

Question 59

What is the AWS_SECRET_ACCESS_KEY example value?

Answer 59

wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

Question 60

How can you inject S3 settings into a pod?

Answer 60

By adding environment variables in the container specification

Question 61

What keys indicate the injection of settings from the configuration map and secret?

Answer 61

configMapRef and secretRef

Question 62

What command is used to inject a key-value pair into a container?

Answer 62

oc set env

Question 63

What is the command to inject a configuration map into a deployment?

Answer 63

oc set env --from cm/my-object-bucket-claim deploy/image-tool-s3-obc

Question 64

What is the command to inject a secret into a deployment?

Answer 64

oc set env --from secret/my-object-bucket-claim deploy/image-tool-s3-obc

Question 65

How can you create custom environment variables from configuration maps or secrets?

Answer 65

Using valueFrom with configMapKeyRef or secretKeyRef

Question 66

What does configMapKeyRef do?

Answer 66

Reads value from a key in a configuration map

Question 67

What does secretKeyRef do?

Answer 67

Extracts value from a key in a secret

Question 68

What overrides environment variables defined in the container image?

Answer 68

Environment variables defined with env or envFrom