Simone “Simo” Bertull: LPI’s Certifications - What Is Your Path?

In this post I will do something different from the previous ones: I will be matching the LPI’s certifications panel with specific job descriptions and career paths.

LPI offers technical certifications for every level of training and on different subjects. Each certification aims at a specific objective and groups together topics that best prepare people with the skills they need to apply the technology at work.

The LPI certification program is a smooth, well-run framework. OK: I am slightly biased, here… 

But I do believe that, to exploit each of these certifications entirely, it is helpful to think about them, to approach them, in terms of professional paths, paths that are not necessarily linked to aiming for the highest step of specialization, but to consolidate your knowledge in a specific area of interest or application.

Your career’s colors

In other words: the certifications, as a whole, are a palette: it’s you who is going to choose the best colors for your painting, your career.

Hence, I would not say that there is only "the one" path that is necessarily the best, but that there are many, the best fit being the one with the specific skills required by the work market for one particular role.

Another good reason this approach can be helpful is that there is never just "the one" technology in the open-source world to which we have to refer, to deal with, to work on.

With a set of technologies and tasks in mind, having a path as defined or structured as possible allows you to create very well consolidated and, therefore, more “vertical” skill sets, focusing on the quality of training on them.

Begin from the beginning

Generally speaking, the starting point is the Linux Essentials https://www.lpi.org/our-certifications/linux-essentials-overview certification and the first step of the professional path, the LPIC-1 certification https://www.lpi.org/our-certifications/lpic-1-overview, to get the basics of system and network administration.

I also strongly recommend the BSD Specialist https://www.lpi.org/it/our-certifications/bsd-overview certification, as it is very similar to the LPIC-1 one in terms of competence and knowledge covered, but with a few important differences.

Differences because, after all, we are talking about diverse ecosystems from a technical point of view. In my opinion the LPIC-1 and the BSD Specialist certifications aren’t interchangeable (given the “verticality” of the different operating systems ). This is why they must be evaluated in a global view of their complementarity, within the broad Open Source universe.

I wanted to consider Linux Essentials as the starting point just to remind everybody how important small steps are at the beginning of a long journey ;-).

Below, we see the roadmap of certifications as proposed by LPI itself:

LPI roadmap - the future's hiring.

Following what we can see above, I will share with you my personal opinion about how an IT professional can “play”, with the roadmap, as from my own experiences at work and analyzing how certifications play their role in multiple environments.

Path #1: Linux Essentials + LPIC-1 + BSD Specialist

Position: Junior Sysadmin.

The Junior Sysadmin title can be associated with several job titles, such as "Unix Administrator", "Server Administrator", or "IT Administrator". Sometimes, with technical support or help desk too.

This first path aims to give solid knowledge to start working in the Linux / Open Source world, thus allowing certified people to be able to cover the following roles in various operating environments:

◉ Technical Support / Help Desk

◉ Unix Administrator

◉ Server Administrator

◉ IT Administrator

Path #1: Linux Essentials + LPIC-1 + BSD Specialist

Path #2: Linux Essentials + BSD Specialist + LPIC-1 + LPIC-2

Position: Advanced level help desk - Senior Sysadmin.

“Senior” level system administrator with more in-depth skills, such as being able also to be a network engineer of a Network Operation Center (NOC). This level also corresponds to an advanced level help desk qualification.

Compared to the #1path, the LPIC-2 step is added, to consolidate system knowledge previously acquired with other skills such as the management of e-mail servers, DNS, file sharing, insights on some security elements and much more; in the networking field, management of switches, routers and other network devices that use hardened versions of Linux or BSD as operating systems.

Path #2: Linux Essentials + BSD Specialist + LPIC-1 + LPIC-2

Path #3: Linux Essentials + BSD Specialist + LPIC-1 + LPIC-2 + LPIC-3 Mixed

Position: Sysadmin specialist.

A professional who has the skills to be able to work both as a systems engineer and as an advanced level network engineer; in short, this is the training path for the "definitive system engineer" :-)

The LPIC-3 Mixed Environment https://www.lpi.org/our-certifications/lpic-3-300-overview, in this case, consolidates the high-end Linux systems skills taking into consideration the integration between a number of operating systems with all the relative features, such as LDAP configuration issues, SAMBA, Active management Directory, management of Windows clients and related file systems in mixed, complex and structured environments.

Path #3: Linux Essentials + BSD Specialist + LPIC-1 + LPIC-2 + LPIC-3 Mixed

Path #4: Linux Essentials + BSD Specialist + LPIC-1 + LPIC-2 + LPIC-3 Security

Position: Security specialist.

This is a very crucial role, in high demand because it is difficult to get security right, and security resources are generally limited.

The path inherent in IT security notoriously has to cover large macro-areas: I strongly recommend here both the specialist certifications, including LPIC-3 Mixed Environment https://www.lpi.org/our-certifications/lpic-3-300-overview as it deals with the interaction with other operating systems.

LPIC-3 Security https://www.lpi.org/our-certifications/lpic-3-303-overview, of course, will cover all the aspects of the complex IT security world, leaving the certified professional with a good understanding of the right modus operandi.

Path #4: Linux Essentials + BSD Specialist + LPIC-1 + LPIC-2 + LPIC-3 Security

Path #5: Linux Essentials + BSD Specialist + LPIC-1 + LPIC-2 + LPIC-3 Virtualization + DevOps

Position: Cloud specialist.

This position is required as an internal resource in many companies, and to manage third-party cloud providers as well. In such working environments, skills in DevOps and CI / CD are in play too.

The demand for experienced and suitably trained personnel on cloud technologies is always very high, given the great benefits that this method of providing services brings with itself.

In this case, the LPIC-3 Virtualization and Containerization certification https://www.lpi.org/our-certifications/lpic-3-305-overview is a "must-have" to begin to understand this world which is as complex as it is fascinating; the DevOps Tools Engineer https://www.lpi.org/our-certifications/devops-overview certification covers very useful and interesting topics such as the various Cloud techniques, Machine Deployment & Orchestration, the phases of Service Operations, Container Deployment and much more.

Path #5: Linux Essentials + BSD Specialist + LPIC-1 + LPIC-2 + LPIC-3 Virtualization + DevOps

Path #5 plus: how to go even further

In this case, however, we can open up two even more specialized routes, since as we now know, the 304 virtualization and high-reliability exam has been split into two exams:

◉ LPIC-3 Virtualization and Containerization 3.0 (exam 305) https://www.lpi.org/our-certifications/lpic-3-305-overview 

◉ LPIC-3 High Availability Systems and Storage 3.0 (exam 306) https://www.lpi.org/our-certifications/lpic-3-306-overview 

Exam 305 covers the whole area of virtual machines, containers, and the relative orchestration tools, with all the existing technologies being addressed.

Exam 306, on the other hand, deals with the topics of high reliability, management of clusters, and resources distributed over several computing nodes, passing through topics such as storage and file systems in distributed environments.

It totally makes sense to have two separate exams, as just one exam cannot cover in a detailed and exhaustive manner all the technical matters related to virtualization and high reliability.

To become a specialist of the field you have to segment and investigate clusters of closely related topics. I have taken the 304 exam in 2019, I can say in no uncertain terms how much the certified skills and knowledge match the actual work in the field.

An example? The virtualization and high reliability topics are intended for an audience of systems engineers, but it is related to containers too, and everything about this cluster of topics is of interest for the DevOps universe, building a sort of virtual bridge between certifications.

This ultimate path, as, of course, the previous ones for different positions and careers, stresses exactly what I try to achieve for my professional development: grasping the possibility of “verticalization” of skills and competence, enriching your curriculum with an extra qualification. Something that people looking for continuous improvement definitely love :)

Read More: Simone “Simo” Bertulli: Lpic-3 Security - How to Approach the Certification

Source: lpi.org

Continue reading

Linux Certifications Overview

Linux skills certification

LPI is committed to the development of a global standard in Linux certification. We believe that such a certification program must meet the requirements of both IT professionals and the organizations that would employ them. To achieve this goal we have adopted an open, rigorous, and consultative development process which uses both volunteer and hired resources. Our development process is widely recognized and endorsed and has met the strict requirements of independent certification authorities.

The LPI Certification Program is:

◈ Designed by a community of Linux professionals, volunteers, vendors and educators

◈ Challenging: if you don't know the subjects you won't pass

◈ Accessible and available at thousands of test centres around the world or at special events

◈ Of high quality: relying on critical input from numerous Linux experts and employing scientific and industry-recognized psychometric processes

◈ Distribution-neutral: verifying knowledge on any standard Linux system

◈ Relevant: surveying thousands to determine the skills that need to be tested

◈ Training-vendor independent: encouraging a variety of methods and approaches to test preparation

◈ Supported and sponsored by a large number of Linux companies and projects

◈ A certification the Linux community can respect and be proud of

The LPIC Program

The Linux Professional Institute Certification (LPIC) program is designed to certify the competency of IT professionals using the Linux operating system and its associated tools. It is designed to be distribution neutral, following the Linux Standard Base and other relevant standards and conventions. The LPIC program is designed in multiple levels. Determining which tasks were suitable to each level was done using a "Job Task Analysis" (JTA) survey. As with all of the LPIC exam development processes, the JTA was developed and executed using recognized psychometric processes, to ensure its relevance and high quality. For more information on our "Job Task Analysis" see this page. The LPIC program consists of three levels of certification: LPIC-1, LPIC-2 and LPIC-3.

Also Read: LPI Certifications

Continue reading

The Ultimate Guide to LPI Certifications - Overview

The Linux Professional Institute (LPI) is a nonprofit organization based in Toronto, Canada that increases the use of Linux, open source and free software. One way in which the organization furthers its mission is to give vendor-neutral Linux certifications to IT professionals around the globe. With "more than 500,000 exams delivered" to candidates LPI stakes a claim as “the world’s first and largest vendor-neutral Linux and open source certification body.”

LPI Certification Overview

The LPI certification program is simple. It includes three certifications that make on one another:

◈ LPIC-1: Linux Administrator — the Entry-level accreditation that recognizes individuals who can install and configure a workstation running Linux, maintain the system from the command line and set a primary network
◈ LPIC-2: Linux Engineer — Mid-level certification designed for professionals who administer small- to medium-sized mixed networks
◈ LPIC-3: Linux Enterprise Professional — the Senior-level accreditation that identifies Linux professionals who plan, conceptualize, design, implement and troubleshoot Linux installations in enterprise environments

LPI Linux Essentials

◈ What: Ability to use basic console line editor and demonstrate an understanding of processes, programs and components of the Linux Operating System.

◈ How: Pass the LPI 010 exam; 40 multiple-choice questions in 60 minutes.

◈ Cost: $110 USD (1 exam, certificate does not expire). Price may vary per region. Learn More

LPIC-OT 701: DevOps Tools Engineer

◈ What: Have a working knowledge of DevOps-related domains such as Software Engineering and Architecture, Container and Machine Deployment, Configuration Management and Monitoring.

◈ How: Pass LPI 701 exam; 60 multiple-choice and fill-in-the-blank questions in 90 minutes.

◈ Cost: $200 USD (1 exam, certification valid for 5 years). Price may vary per region. Learn More

LPIC-1 Certified Linux Administrator

◈ What: Ability to perform maintenance tasks with the command line, install and configure a computer running Linux and be able to configure basic networking.

◈ How: Pass LPI 101 and 102 exams; each exam is 60 multiple-choice and fill-in-the-blank questions in 90 minutes.

◈ Cost: $200 USD per exam (2 exams, certification valid for 5 years). Price may vary per region. Learn More

LPIC-2 Certified Linux Engineer

◈ What: Ability to administer small to medium–sized mixed networks.

◈ How: Pass LPI 201 and 202 exams; each exam is 60 multiple-choice and fill-in-the-blank questions in 90 minutes. Must also have active LPIC-1 certification.

◈ Cost: $200 USD per exam (2 exams, certification valid for 5 years). Price may vary per region. Learn More

LPIC-3 300: Linux Enterprise Professional Mixed Environment

◈ What: Ability to integrate Linux services in an enterprise-wide mixed environment.

◈ How: Pass LPI 300 exam; 60 multiple-choice and fill-in-the-blank questions in 90 minutes. Must also have active LPIC-2 certification.

◈ Cost: $200 USD (1 exam, certification valid for 5 years). Price may vary per region. Learn More

LPIC-3 303: Linux Enterprise Professional Security

◈ What: Ability to secure and harden Linux-based servers, services and networks enterprise-wide.

◈ How: Pass LPI 303 exam; 60 multiple-choice and fill-in-the-blank questions in 90 minutes. Must also have active LPIC-2 certification.

◈ Cost: $200 USD (1 exam, certification valid for 5 years). Price may vary per region. Learn More

LPIC-3 304: Linux Enterprise Professional Virtualization and High Availability

◈ What: Ability to plan and implement enterprise-wide virtualization and high availability setups using Linux-based technologies.

◈ How: Pass LPI 304 exam; 60 multiple-choice and fill-in-the-blank questions in 90 minutes. Must also have active LPIC-2 certification.

◈ Cost: $200 USD (1 exam, certification valid for 5 years). Price may vary per region. Learn More

Continue reading

Linux Professional Institute (LPI) Certifications

Started back in 1999 by Linus Torvalds, these Linux certifications today has become important for any Linux professional. This program is available in three distinct levels, which are:

LPIC- 1: Linux Administrator

It is a junior-level Linux certification with no perquisites. The candidate needs to pass 2 exams, which covers all basic Linux skills that even include installing and configuring Linux on a workstation, performing maintenance tasks, making LAN or internet connections, and more. Obtain CompTIA Linux+ powered by LPI credential first; which will make you qualified both for Linux+ and LPIC-1 credentials.

LPIC- 2: Linux Engineer

This is an advanced level Linux Certification, which requires an active LPIC-1 certification. It has two exams- First covers the file system and devices, kernel, system startup, network configuration, system maintenance, storage administration, and even capacity planning and the second exam covers email services, network client management, domain name servers, system security and troubleshooting, and the like tasks.

LPIC- 3: Linux Enterprise Professional Certification

It is a senior-level Linux certification, which needs an active LPIC-2 besides passing any single exam in the 300 series. This certification includes exam IDs, which are:

◈ 300: Mixed Environment

◈ 303: Security

◈ 304: Virtualization and High Availability

300: Mixed Environment covers Samba, work with Linux & windows client, and even plus OpenLDAP.

303: Security covers operations, application security, and the network are covered under the security exam besides cryptography and access controls.

304: Virtualization and High Availability covers virtualization and high availability cluster storage and engagement.

Latest Certification in LPIC

LPI’s latest certification is the LPIC-OT DevOps Tools Engineer, which allows the Linux professionals to utilize the tools for collaboration during software and system development. The exam has 60 questions and it lasts for about 90 minutes.

Linux professionals, thus, have a whole new set of Linux certifications to attain in 2019. We believe that this guide is helpful for all the Linux professionals in finding some of the best Linux certifications and finding a new way in the world of Linux thereafter.

Continue reading

Linux Professional Institute DevOps Tools Engineer

Businesses across the globe are increasingly implementing DevOps practices to optimize daily systems administration and software development tasks. As a result, businesses across industries are hiring IT professionals that can effectively apply DevOps to reduce delivery time and and improve quality in the development of new software products.

To meet this growing need for qualified professionals, LPI developed the Linux Professional Institute DevOps Tools Engineer certification which verifies the skills needed to use the tools that enhance collaboration in workflows throughout system administration and software development.

In developing the Linux Professional Institute DevOps Tools Engineer certification, LPI reviewed the DevOps tools landscape and defined a set of essential skills when applying DevOps. As such, the certification exam focuses on the practical skills required to work successfully in a DevOps environment -- focusing on the skills needed to use the most prominent DevOps tools. The result is a certification that covers the intersection between development and operations, making it relevant for all IT professionals working in the field of DevOps.

Current Version: 1.0 (Exam code 701-100)

Prerequisites: There are no prerequisites for this certification.

Requirements: Pass the Linux Professional Institute DevOps Tools Engineer exam. The 90-minute exam consists of 60 multiple choice and fill-in-the-blank questions.

Validity Period: 5 years

Languages: English

To receive the Linux Professional Institute DevOps Tools Engineer Certification the candidate must:

◈ Have a working knowledge of DevOps-related domains such as Software Engineering and Architecture, Container and Machine Deployment, Configuration Management and Monitoring.

◈ Have proficiency in prominent free and open source utilities such as Docker, Vagrant, Ansible, Puppet, Git, and Jenkins.

Skills in DevOps Tools Enhance Many Job Roles such as:

Developers

Front End Web Developer

Back End Web Developer

Java Developer

Python Developer

PHP Developer

Mobile Developer

SQL Database Developer

Embedded Systems Engineer/Developer

System Administrators

Cloud Architect

Database Administrator

Big Data Architect

Network or Server Virtualization Specialist

Systems Analyst

Engineers

Development Team Lead

Operations Team Lead

Quality Assurance/Quality Control Specialist

Cloud Architect

Software Architect

Microsoft Systems Engineer

Network Administrator

Information Security Specialist

DevOps Tools Engineer Certification holders validate that they:

Have a working understanding of:

◈ Modern software applications and cloud services
◈ How tools support DevOps collaboration

Can apply their knowledge to:

◈ Set up Continuous Integration and Continuous Delivery pipelines
◈ Build, deploy and orchestrate application containers
◈ Automate system configuration
◈ Build system images and run them locally and in the cloud
◈ Monitor applications and computing instances

◈ Manage, collect and analyze log data
◈ Use Source Code Management and Version Control

Exam 701 Topics

◈ Software Engineering
◈ Container Management
◈ Machine Deployment
◈ Configuration Management
◈ Service Operations

Detailed Exam 701 Objectives

Continue reading

Objectives: LPIC-OT Exam 701 - DevOps Tools Engineer

Topic 701: Software Engineering

701.1 Modern Software Development (weight: 6) 

Weight: 6

Description: Candidates should be able to design software solutions suitable for modern runtime environments. Candidates should understand how services handle data persistence, sessions, status information, transactions, concurrency, security, performance, availability, scaling, load balancing, messaging, monitoring and APIs. Furthermore, candidates should understand the implications of agile and DevOps on software development.

Key Knowledge Areas:

◈ Understand and design service based applications
◈ Understand common API concepts and standards
◈ Understand aspects of data storage, service status and session handling
◈ Design software to be run in containers
◈ Design software to be deployed to cloud services
◈ Awareness of risks in the migration and integration of monolithic legacy software
◈ Understand common application security risks and ways to mitigate them
◈ Understand the concept of agile software development
◈ Understand the concept of DevOps and its implications to software developers and operators

The following is a partial list of the used files, terms and utilities:

◈ REST, JSON
◈ Service Orientated Architectures (SOA)
◈ Microservices
◈ Immutable servers
◈ Loose coupling
◈ Cross site scripting, SQL injections, verbose error reports, API authentication, consistent enforcement of transport encryption
◈ CORS headers and CSRF tokens
◈ ACID properties and CAP theorem

701.2 Standard Components and Platforms for Software (weight: 2)

Weight: 2

Description: Candidates should understand services offered by common cloud platforms. They should be able to include these services in their application architectures and deployment toolchains and understand the required service configurations. OpenStack service components are used as a reference implementation.

Key Knowledge Areas:

◈ Features and concepts of object storage
◈ Features and concepts of relational and NoSQL databases
◈ Features and concepts of message brokers and message queues
◈ Features and concepts of big data services
◈ Features and concepts of application runtimes / PaaS
◈ Features and concepts of content delivery networks

The following is a partial list of the used files, terms and utilities:

◈ OpenStack Swift
◈ OpenStack Trove
◈ OpenStack Zaqar
◈ CloudFoundry
◈ OpenShift

701.3 Source Code Management (weight: 5)

Weight: 5

Description: Candidates should be able to use Git to manage and share source code. This includes creating and contributing to a repository as well as the usage of tags, branches and remote repositories. Furthermore, the candidate should be able to merge files and resolve merging conflicts.

Key Knowledge Areas:

◈ Understand Git concepts and repository structure
◈ Manage files within a Git repository
◈ Manage branches and tags
◈ Work with remote repositories and branches as well as submodules
◈ Merge files and branches
◈ Awareness of SVN and CVS, including concepts of centralized and distributed SCM solutions

The following is a partial list of the used files, terms and utilities:

◈ git
◈ .gitignore

701.4 Continuous Integration and Continuous Delivery (weight: 5)

Weight: 5

Description: Candidates should understand the principles and components of a continuous integration and continuous delivery pipeline. Candidates should be able to implement a CI/CD pipeline using Jenkins, including triggering the CI/CD pipeline, running unit, integration and acceptance tests, packaging software and handling the deployment of tested software artifacts. This objective covers the feature set of Jenkins version 2.0 or later.

Key Knowledge Areas:

◈ Understand the concepts of Continuous Integration and Continuous Delivery
◈ Understand the components of a CI/CD pipeline, including builds, unit, integration and acceptance tests, artifact management, delivery and deployment
◈ Understand deployment best practices
◈ Understand the architecture and features of Jenkins, including Jenkins Plugins, Jenkins API, notifications and distributed builds
◈ Define and run jobs in Jenkins, including parameter handling
◈ Fingerprinting, artifacts and artifact repositories
◈ Understand how Jenkins models continuous delivery pipelines and implement a declarative continuous delivery pipeline in Jenkins
◈ Awareness of possible authentication and authorization models
◈ Understanding of the Pipeline Plugin
◈ Understand the features of important Jenkins modules such as Copy Artifact Plugin, Fingerprint Plugin, Docker Pipeline, Docker Build and Publish plugin, Git Plugin, Credentials Plugin
◈ Awareness of Artifactory and Nexus

The following is a partial list of the used files, terms and utilities:

◈ Step, Node, Stage
◈ Jenkins SDL
◈ Jenkinsfile
◈ Declarative Pipeline
◈ Blue-green and canary deployment

Topic 702: Container Management

702.1 Container Usage (weight: 7)

Weight: 7

Description: Candidates should be able to build, share and operate Docker containers. This includes creating Dockerfiles, using a Docker registry, creating and interacting with containers as well as connecting containers to networks and storage volumes. This objective covers the feature set of Docker version 17.06 or later.

Key Knowledge Areas:

◈ Understand the Docker architecture
◈ Use existing Docker images from a Docker registry
◈ Create Dockerfiles and build images from Dockerfiles
◈ Upload images to a Docker registry
◈ Operate and access Docker containers
◈ Connect container to Docker networks
◈ Use Docker volumes for shared and persistent container storage

The following is a partial list of the used files, terms and utilities:

◈ docker
◈ Dockerfile
◈ .dockerignore

702.2 Container Deployment and Orchestration (weight: 5)

Weight: 5

Description: Candidates should be able to run and manage multiple containers that work together to provide a service. This includes the orchestration of Docker containers using Docker Compose in conjunction with an existing Docker Swarm cluster as well as using an existing Kubernetes cluster. This objective covers the feature sets of Docker Compose version 1.14 or later, Docker Swarm included in Docker 17.06 or later and Kubernetes 1.6 or later.

Key Knowledge Areas:

◈ Understand the application model of Docker Compose
◈ Create and run Docker Compose Files (version 3 or later)
◈ Understand the architecture and functionality of Docker Swarm mode
◈ Run containers in a Docker Swarm, including the definition of services, stacks and the usage of secrets
◈ Understand the architecture and application model Kubernetes
◈ Define and manage a container-based application for Kubernetes, including the definition of ◈ Deployments, Services, ReplicaSets and Pods

The following is a partial list of the used files, terms and utilities:

◈ docker-compose
◈ docker
◈ kubectl

702.3 Container Infrastructure (weight: 4)

Weight: 4

Description: Candidates should be able to set up a runtime environment for containers. This includes running containers on a local workstation as well as setting up a dedicated container host. Furthermore, candidates should be aware of other container infrastructures, storage, networking and container specific security aspects. This objective covers the feature set of Docker version 17.06 or later and Docker Machine 0.12 or later.

Key Knowledge Areas:

◈ Use Docker Machine to setup a Docker host
◈ Understand Docker networking concepts, including overlay networks
◈ Create and manage Docker networks
◈ Understand Docker storage concepts
◈ Create and manage Docker volumes
◈ Awareness of Flocker and flannel
◈ Understand the concepts of service discovery
◈ Basic feature knowledge of CoreOS Container Linux, rkt and etcd
◈ Understand security risks of container virtualization and container images and how to mitigate them

The following is a partial list of the used files, terms and utilities:

◈ docker-machine

Topic 703: Machine Deployment

703.1 Virtual Machine Deployment (weight: 4)

Weight: 4

Description: Candidates should be able to automate the deployment of a virtual machine with an operating system and a specific set of configuration files and software.

Key Knowledge Areas:

◈ Understand Vagrant architecture and concepts, including storage and networking
◈ Retrieve and use boxes from Atlas
◈ Create and run Vagrantfiles
◈ Access Vagrant virtual machines
◈ Share and synchronize folder between a Vagrant virtual machine and the host system
◈ Understand Vagrant provisioning, including File, Shell, Ansible and Docker
◈ Understand multi-machine setup

The following is a partial list of the used files, terms and utilities:

◈ vagrant
◈ Vagrantfile

703.2 Cloud Deployment (weight: 2)

Weight: 2

Description: Candidates should be able to configure IaaS cloud instances and adjust them to match their available hardware resources, specifically, disk space and volumes. Additinally, candidates should be able to configure instances to allow secure SSH logins and prepare the instances to be ready for a configuration management tool such as Ansible.

Key Knowledge Areas:

◈ Understanding the features and concepts of cloud-init, including user-data and initializing and configuring cloud-init
◈ Use cloud-init to create, resize and mount file systems, configure user accounts, including login credentials such as SSH keys and install software packages from the distribution’s repository
◈ Understand the features and implications of IaaS clouds and virtualization for a computing instance, such as snapshotting, pausing, cloning and resource limits.

703.3 System Image Creation (weight: 2)

Weight: 2

Description: Candidates should be able to create images for containers, virtual machines and IaaS cloud instances.

Key Knowledge Areas:

◈ Understand the functionality and features of Packer
◈ Create and maintain template files
◈ Build images from template files using different builders

The following is a partial list of the used files, terms and utilities:

◈ packer

Topic 704: Configuration Management

704.1 Ansible (weight: 8)

Weight: 8

Description: Candidates should be able to use Ansible to ensure a target server is in a specific state regarding its configuration and installed software. This objective covers the feature set of Ansible version 2.2 or later.

Key Knowledge Areas:

◈ Understand the principles of automated system configuration and software installation
◈ Create and maintain inventory files
◈ Understand how Ansible interacts with remote systems
◈ Manage SSH login credentials for Ansible, including using unprivileged login accounts
◈ Create, maintain and run Ansible playbooks, including tasks, handlers, conditionals, loops and registers
◈ Set and use variables
◈ Maintain secrets using Ansible vaults
◈ Write Jinja2 templates, including using common filters, loops and conditionals
◈ Understand and use Ansible roles and install Ansible roles from Ansible Galaxy
◈ Understand and use important Ansible tasks, including file, copy, template, ini_file, lineinfile, patch, replace, user, group, command, shell, service, systemd, cron, apt, debconf, yum, git, and debug
◈ Awareness of dynamic inventory
◈ Awareness of Ansibles features for non-Linux systems
◈ Awareness of Ansible containers

The following is a partial list of the used files, terms and utilities:

◈ ansible.cfg
◈ ansible-playbook
◈ ansible-vault
◈ ansible-galaxy
◈ ansible-doc

704.2 Other Configuration Management Tools (weight: 2)

Weight: 2

Description: Candidates should understand the main features and principles of important configuration management tools other than Ansible.

Key Knowledge Areas:

◈ Basic feature and architecture knowledge of Puppet.
◈ Basic feature and architecture knowledge of Chef.

The following is a partial list of the used files, terms and utilities:

◈ Manifest, Class, Recipe, Cookbook
◈ puppet
◈ chef
◈ chef-solo
◈ chef-client
◈ chef-server-ctl
◈ knife

Topic 705: Service Operations

705.1 IT Operations and Monitoring (weight: 4)

Weight: 4

Description: Candidates should understand how IT infrastructure is involved in delivering a service. This includes knowledge about the major goals of IT operations, understanding functional and nonfunctional properties of an IT services and ways to monitor and measure them using Prometheus. Furthermore candidates should understand major security risks in IT infrastructure. This objective covers the feature set of Prometheus 1.7 or later.

Key Knowledge Areas:

◈ Understand goals of IT operations and service provisioning, including nonfunctional properties such as availability, latency, responsiveness
◈ Understand and identify metrics and indicators to monitor and measure the technical functionality of a service
◈ Understand and identify metrics and indicators to monitor and measure the logical functionality of a service
◈ Understand the architecture of Prometheus, including Exporters, Pushgateway, Alertmanager and Grafana
◈ Monitor containers and microservices using Prometheus
◈ Understand the principles of IT attacks against IT infrastructure
◈ Understand the principles of the most important ways to protect IT infrastructure
◈ Understand core IT infrastructure components and their the role in deployment

The following is a partial list of the used files, terms and utilities:

◈ Prometheus, Node exporter, Pushgateway, Altermanager, Grafana
◈ Service exploits, brute force attacks, and denial of service attacks
◈ Security updates, packet filtering and application gateways
◈ Virtualization hosts, DNS and load balancers

705.2 Log Management and Analysis (weight: 4)

Weight: 4

Description: Candidates should understand the role of log files in operations and troubleshooting. They should be able to set up centralized logging infrastructure based on Logstash to collect and normalize log data. Furthermore, candidates should understand how Elasticsearch and Kibana help to store and access log data.

Key Knowledge Areas:

◈ Understand how application and system logging works
◈ Understand the architecture and functionality of Logstash, including the lifecycle of a log message and Logstash plugins
◈ Understand the architecture and functionality of Elasticsearch and Kibana in the context of log data management (Elastic Stack)
◈ Configure Logstash to collect, normalize, transform and store log data
◈ Configure syslog and Filebeat to send log data to Logstash
◈ Configure Logstash to send email alerts
◈ Understand application support for log management

The following is a partial list of the used files, terms and utilities:

◈ logstash
◈ input, filter, output
◈ grok filter
◈ Log files, metrics
◈ syslog.conf
◈ /etc/logstash/logstash.yml
◈ /etc/filebeat/filebeat.yml

Continue reading

LPI Certifications

LPI Linux Essentials

◈ What: Ability to use basic console line editor and demonstrate an understanding of processes, programs and components of the Linux Operating System.

◈ How: Pass the LPI 010 exam; 40 multiple-choice questions in 60 minutes.

◈ Cost: $110 USD (1 exam, certificate does not expire). Price may vary per region. Learn More

LPIC-OT 701: DevOps Tools Engineer

◈ What: Have a working knowledge of DevOps-related domains such as Software Engineering and Architecture, Container and Machine Deployment, Configuration Management and Monitoring.

◈ How: Pass LPI 701 exam; 60 multiple-choice and fill-in-the-blank questions in 90 minutes.

◈ Cost: $200 USD (1 exam, certification valid for 5 years). Price may vary per region. Learn More

LPIC-1 Certified Linux Administrator

◈ What: Ability to perform maintenance tasks with the command line, install and configure a computer running Linux and be able to configure basic networking.

◈ How: Pass LPI 101 and 102 exams; each exam is 60 multiple-choice and fill-in-the-blank questions in 90 minutes.

◈ Cost: $200 USD per exam (2 exams, certification valid for 5 years). Price may vary per region. Learn More

LPIC-2 Certified Linux Engineer

◈ What: Ability to administer small to medium–sized mixed networks.

◈ How: Pass LPI 201 and 202 exams; each exam is 60 multiple-choice and fill-in-the-blank questions in 90 minutes. Must also have active LPIC-1 certification.

◈ Cost: $200 USD per exam (2 exams, certification valid for 5 years). Price may vary per region. Learn More

LPIC-3 300: Linux Enterprise Professional Mixed Environment

◈ What: Ability to integrate Linux services in an enterprise-wide mixed environment.

◈ How: Pass LPI 300 exam; 60 multiple-choice and fill-in-the-blank questions in 90 minutes. Must also have active LPIC-2 certification.

◈ Cost: $200 USD (1 exam, certification valid for 5 years). Price may vary per region. Learn More

LPIC-3 303: Linux Enterprise Professional Security

◈ What: Ability to secure and harden Linux-based servers, services and networks enterprise-wide.

◈ How: Pass LPI 303 exam; 60 multiple-choice and fill-in-the-blank questions in 90 minutes. Must also have active LPIC-2 certification.

◈ Cost: $200 USD (1 exam, certification valid for 5 years). Price may vary per region. Learn More

LPIC-3 304: Linux Enterprise Professional Virtualization and High Availability

◈ What: Ability to plan and implement enterprise-wide virtualization and high availability setups using Linux-based technologies.

◈ How: Pass LPI 304 exam; 60 multiple-choice and fill-in-the-blank questions in 90 minutes. Must also have active LPIC-2 certification.

◈ Cost: $200 USD (1 exam, certification valid for 5 years). Price may vary per region. Learn More

Continue reading

LPIC-OT Exam 701: DevOps Tools Engineer

Businesses across the globe are increasingly implementing DevOps practices to optimize daily systems administration and software development tasks. As a result, businesses across industries are hiring IT professionals that can effectively apply DevOps to reduce delivery time and improve quality in the development of new software products.

To meet this growing need for qualified professionals, LPI developed the Linux Professional Institute DevOps Tools Engineer certification which verifies the skills needed to use the tools that enhance collaboration in workflows throughout system administration and software development.

In developing the Linux Professional Institute DevOps Tools Engineer certification, LPI reviewed the DevOps tools landscape and defined a set of essential skills when applying DevOps. As such, the certification exam focuses on the practical skills required to work successfully in a DevOps environment -- focusing on the skills needed to use the most prominent DevOps tools. The result is a certification that covers the intersection between development and operations, making it relevant for all IT professionals working in the field of DevOps.

Current Version: 1.0 (Exam code 701-100)

Objectives: 701-100

Prerequisites: There are no prerequisites for this certification.

Requirements: Pass the Linux Professional Institute DevOps Tools Engineer exam. The 90-minute exam consists of 60 multiple choice and fill-in-the-blank questions.

Validity Period: 5 years

Languages: English, Japanese

To receive the LPIC-OT DevOps Tools Engineer Certification the candidate must:

◈ Have a working knowledge of DevOps-related domains such as Software Engineering and Architecture, Container and Machine Deployment, Configuration Management and Monitoring.

◈ Have proficiency in prominent free and open source utilities such as Docker, Vagrant, Ansible, Puppet, Git, and Jenkins.

Exam Objectives Version: Version 1.0

Exam Code: 701-100

About Objective Weights: Each objective is assigned a weighting value. The weights indicate the relative importance of each objective on the exam. Objectives with higher weights will be covered in the exam with more questions.

Topic 701: Software Engineering

701.1 Modern Software Development (weight: 6) 

Weight: 6

Description: Candidates should be able to design software solutions suitable for modern runtime environments. Candidates should understand how services handle data persistence, sessions, status information, transactions, concurrency, security, performance, availability, scaling, load balancing, messaging, monitoring and APIs. Furthermore, candidates should understand the implications of agile and DevOps on software development.

Key Knowledge Areas:

◈ Understand and design service based applications
◈ Understand common API concepts and standards
◈ Understand aspects of data storage, service status and session handling
◈ Design software to be run in containers
◈ Design software to be deployed to cloud services
◈ Awareness of risks in the migration and integration of monolithic legacy software
◈ Understand common application security risks and ways to mitigate them
◈ Understand the concept of agile software development
◈ Understand the concept of DevOps and its implications to software developers and operators

The following is a partial list of the used files, terms and utilities:

◈ REST, JSON
◈ Service Orientated Architectures (SOA)
◈ Microservices
◈ Immutable servers
◈ Loose coupling
◈ Cross site scripting, SQL injections, verbose error reports, API authentication, consistent enforcement of transport encryption
◈ CORS headers and CSRF tokens
◈ ACID properties and CAP theorem

701.2 Standard Components and Platforms for Software (weight: 2)

Weight: 2

Description: Candidates should understand services offered by common cloud platforms. They should be able to include these services in their application architectures and deployment toolchains and understand the required service configurations. OpenStack service components are used as a reference implementation.

Key Knowledge Areas:

◈ Features and concepts of object storage
◈ Features and concepts of relational and NoSQL databases
◈ Features and concepts of message brokers and message queues
◈ Features and concepts of big data services
◈ Features and concepts of application runtimes / PaaS
◈ Features and concepts of content delivery networks

The following is a partial list of the used files, terms and utilities:

◈ OpenStack Swift
◈ OpenStack Trove
◈ OpenStack Zaqar
◈ CloudFoundry
◈ OpenShift

701.3 Source Code Management (weight: 5)

Weight: 5

Description: Candidates should be able to use Git to manage and share source code. This includes creating and contributing to a repository as well as the usage of tags, branches and remote repositories. Furthermore, the candidate should be able to merge files and resolve merging conflicts.

Key Knowledge Areas:

◈ Understand Git concepts and repository structure
◈ Manage files within a Git repository
◈ Manage branches and tags
◈ Work with remote repositories and branches as well as submodules
◈ Merge files and branches
◈ Awareness of SVN and CVS, including concepts of centralized and distributed SCM solutions

The following is a partial list of the used files, terms and utilities:

◈ git
◈ .gitignore

701.4 Continuous Integration and Continuous Delivery (weight: 5)

Weight: 5

Description: Candidates should understand the principles and components of a continuous integration and continuous delivery pipeline. Candidates should be able to implement a CI/CD pipeline using Jenkins, including triggering the CI/CD pipeline, running unit, integration and acceptance tests, packaging software and handling the deployment of tested software artifacts. This objective covers the feature set of Jenkins version 2.0 or later.

Key Knowledge Areas:

◈ Understand the concepts of Continuous Integration and Continuous Delivery
◈ Understand the components of a CI/CD pipeline, including builds, unit, integration and acceptance tests, artifact management, delivery and deployment
◈ Understand deployment best practices
◈ Understand the architecture and features of Jenkins, including Jenkins Plugins, Jenkins API, notifications and distributed builds
◈ Define and run jobs in Jenkins, including parameter handling
◈ Fingerprinting, artifacts and artifact repositories
◈ Understand how Jenkins models continuous delivery pipelines and implement a declarative continuous delivery pipeline in Jenkins
◈ Awareness of possible authentication and authorization models
◈ Understanding of the Pipeline Plugin
◈ Understand the features of important Jenkins modules such as Copy Artifact Plugin, Fingerprint Plugin, Docker Pipeline, Docker Build and Publish plugin, Git Plugin, Credentials Plugin
◈ Awareness of Artifactory and Nexus

The following is a partial list of the used files, terms and utilities:

◈ Step, Node, Stage
◈ Jenkins SDL
◈ Jenkinsfile
◈ Declarative Pipeline
◈ Blue-green and canary deployment

Topic 702: Container Management

702.1 Container Usage (weight: 7)

Weight: 7

Description: Candidates should be able to build, share and operate Docker containers. This includes creating Dockerfiles, using a Docker registry, creating and interacting with containers as well as connecting containers to networks and storage volumes. This objective covers the feature set of Docker version 17.06 or later.

Key Knowledge Areas:

◈ Understand the Docker architecture
◈ Use existing Docker images from a Docker registry
◈ Create Dockerfiles and build images from Dockerfiles
◈ Upload images to a Docker registry
◈ Operate and access Docker containers
◈ Connect container to Docker networks
◈ Use Docker volumes for shared and persistent container storage

The following is a partial list of the used files, terms and utilities:

◈ docker
◈ Dockerfile
◈ .dockerignore

702.2 Container Deployment and Orchestration (weight: 5)

Weight: 5

Description: Candidates should be able to run and manage multiple containers that work together to provide a service. This includes the orchestration of Docker containers using Docker Compose in conjunction with an existing Docker Swarm cluster as well as using an existing Kubernetes cluster. This objective covers the feature sets of Docker Compose version 1.14 or later, Docker Swarm included in Docker 17.06 or later and Kubernetes 1.6 or later.

Key Knowledge Areas:

◈ Understand the application model of Docker Compose
◈ Create and run Docker Compose Files (version 3 or later)
◈ Understand the architecture and functionality of Docker Swarm mode
◈ Run containers in a Docker Swarm, including the definition of services, stacks and the usage of secrets
◈ Understand the architecture and application model Kubernetes
◈ Define and manage a container-based application for Kubernetes, including the definition of ◈ Deployments, Services, ReplicaSets and Pods

The following is a partial list of the used files, terms and utilities:

◈ docker-compose
◈ docker
◈ kubectl

702.3 Container Infrastructure (weight: 4)

Weight: 4

Description: Candidates should be able to set up a runtime environment for containers. This includes running containers on a local workstation as well as setting up a dedicated container host. Furthermore, candidates should be aware of other container infrastructures, storage, networking and container specific security aspects. This objective covers the feature set of Docker version 17.06 or later and Docker Machine 0.12 or later.

Key Knowledge Areas:

◈ Use Docker Machine to setup a Docker host
◈ Understand Docker networking concepts, including overlay networks
◈ Create and manage Docker networks
◈ Understand Docker storage concepts
◈ Create and manage Docker volumes
◈ Awareness of Flocker and flannel
◈ Understand the concepts of service discovery
◈ Basic feature knowledge of CoreOS Container Linux, rkt and etcd
◈ Understand security risks of container virtualization and container images and how to mitigate them

The following is a partial list of the used files, terms and utilities:

◈ docker-machine

Topic 703: Machine Deployment

703.1 Virtual Machine Deployment (weight: 4)

Weight: 4

Description: Candidates should be able to automate the deployment of a virtual machine with an operating system and a specific set of configuration files and software.

Key Knowledge Areas:

◈ Understand Vagrant architecture and concepts, including storage and networking
◈ Retrieve and use boxes from Atlas
◈ Create and run Vagrantfiles
◈ Access Vagrant virtual machines
◈ Share and synchronize folder between a Vagrant virtual machine and the host system
◈ Understand Vagrant provisioning, including File, Shell, Ansible and Docker
◈ Understand multi-machine setup

The following is a partial list of the used files, terms and utilities:

◈ vagrant
◈ Vagrantfile

703.2 Cloud Deployment (weight: 2)

Weight: 2

Description: Candidates should be able to configure IaaS cloud instances and adjust them to match their available hardware resources, specifically, disk space and volumes. Additinally, candidates should be able to configure instances to allow secure SSH logins and prepare the instances to be ready for a configuration management tool such as Ansible.

Key Knowledge Areas:

◈ Understanding the features and concepts of cloud-init, including user-data and initializing and configuring cloud-init
◈ Use cloud-init to create, resize and mount file systems, configure user accounts, including login credentials such as SSH keys and install software packages from the distribution’s repository
◈ Understand the features and implications of IaaS clouds and virtualization for a computing instance, such as snapshotting, pausing, cloning and resource limits.

703.3 System Image Creation (weight: 2)

Weight: 2

Description: Candidates should be able to create images for containers, virtual machines and IaaS cloud instances.

Key Knowledge Areas:

◈ Understand the functionality and features of Packer
◈ Create and maintain template files
◈ Build images from template files using different builders

The following is a partial list of the used files, terms and utilities:

◈ packer

Topic 704: Configuration Management

704.1 Ansible (weight: 8)

Weight: 8

Description: Candidates should be able to use Ansible to ensure a target server is in a specific state regarding its configuration and installed software. This objective covers the feature set of Ansible version 2.2 or later.

Key Knowledge Areas:

◈ Understand the principles of automated system configuration and software installation
◈ Create and maintain inventory files
◈ Understand how Ansible interacts with remote systems
◈ Manage SSH login credentials for Ansible, including using unprivileged login accounts
◈ Create, maintain and run Ansible playbooks, including tasks, handlers, conditionals, loops and registers
◈ Set and use variables
◈ Maintain secrets using Ansible vaults
◈ Write Jinja2 templates, including using common filters, loops and conditionals
◈ Understand and use Ansible roles and install Ansible roles from Ansible Galaxy
◈ Understand and use important Ansible tasks, including file, copy, template, ini_file, lineinfile, patch, replace, user, group, command, shell, service, systemd, cron, apt, debconf, yum, git, and debug
◈ Awareness of dynamic inventory
◈ Awareness of Ansibles features for non-Linux systems
◈ Awareness of Ansible containers

The following is a partial list of the used files, terms and utilities:

◈ ansible.cfg
◈ ansible-playbook
◈ ansible-vault
◈ ansible-galaxy
◈ ansible-doc

704.2 Other Configuration Management Tools (weight: 2)

Weight: 2

Description: Candidates should understand the main features and principles of important configuration management tools other than Ansible.

Key Knowledge Areas:

◈ Basic feature and architecture knowledge of Puppet.
◈ Basic feature and architecture knowledge of Chef.

The following is a partial list of the used files, terms and utilities:

◈ Manifest, Class, Recipe, Cookbook
◈ puppet
◈ chef
◈ chef-solo
◈ chef-client
◈ chef-server-ctl
◈ knife

Topic 705: Service Operations

705.1 IT Operations and Monitoring (weight: 4)

Weight: 4

Description: Candidates should understand how IT infrastructure is involved in delivering a service. This includes knowledge about the major goals of IT operations, understanding functional and nonfunctional properties of an IT services and ways to monitor and measure them using Prometheus. Furthermore candidates should understand major security risks in IT infrastructure. This objective covers the feature set of Prometheus 1.7 or later.

Key Knowledge Areas:

◈ Understand goals of IT operations and service provisioning, including nonfunctional properties such as availability, latency, responsiveness
◈ Understand and identify metrics and indicators to monitor and measure the technical functionality of a service
◈ Understand and identify metrics and indicators to monitor and measure the logical functionality of a service
◈ Understand the architecture of Prometheus, including Exporters, Pushgateway, Alertmanager and Grafana
◈ Monitor containers and microservices using Prometheus
◈ Understand the principles of IT attacks against IT infrastructure
◈ Understand the principles of the most important ways to protect IT infrastructure
◈ Understand core IT infrastructure components and their the role in deployment

The following is a partial list of the used files, terms and utilities:

◈ Prometheus, Node exporter, Pushgateway, Altermanager, Grafana
◈ Service exploits, brute force attacks, and denial of service attacks
◈ Security updates, packet filtering and application gateways
◈ Virtualization hosts, DNS and load balancers

705.2 Log Management and Analysis (weight: 4)

Weight: 4

Description: Candidates should understand the role of log files in operations and troubleshooting. They should be able to set up centralized logging infrastructure based on Logstash to collect and normalize log data. Furthermore, candidates should understand how Elasticsearch and Kibana help to store and access log data.

Key Knowledge Areas:

◈ Understand how application and system logging works
◈ Understand the architecture and functionality of Logstash, including the lifecycle of a log message and Logstash plugins
◈ Understand the architecture and functionality of Elasticsearch and Kibana in the context of log data management (Elastic Stack)
◈ Configure Logstash to collect, normalize, transform and store log data
◈ Configure syslog and Filebeat to send log data to Logstash
◈ Configure Logstash to send email alerts
◈ Understand application support for log management

The following is a partial list of the used files, terms and utilities:

◈ logstash
◈ input, filter, output
◈ grok filter
◈ Log files, metrics
◈ syslog.conf
◈ /etc/logstash/logstash.yml
◈ /etc/filebeat/filebeat.yml

Continue reading