LinuC System Architect

LinuC-SA

Exam SA01 Objectives

To be certified as a LinuC System Architect, candidates must pass both this exam and the SA02 exam. This exam covers the skills necessary to design and build an optimal architecture by taking a bird's-eye view of the entire lifecycle of a system that uses Linux and other OSS, including on-premises/cloud and physical/virtual environments.

Each item in the question pool is weighted according to its importance. The importance level indicates the relative importance of each topic. The more important a topic is, the more questions will be asked about it in the exam.

SA.01: System Architecture

SA.01.1 Architecture design principles and major patterns
Weight 4
Overview
  • Candidates can compare architectural patterns focusing on the division, control, and integration of business functions across multiple nodes.
  • Candidates can extensively understand the characteristics, constraints, and suitable use cases of major architectural patterns, and use this knowledge as decision-making material during architecture design.
Details
  • Understand and compare the viewpoints that constitute design principles for architecture.
    • System deployment: centralized, distributed
    • Methods of system division: layer structure, tier structure
    • Methods of functional control and integration between subsystems and components
    • Relationship between business processes and data, methods of data sharing/non-sharing across nodes
    • Timing of subsystem calls and data sharing: synchronous, asynchronous
  • Understand the characteristics, primary-secondary relationships, and suitable use cases of specific architectural patterns related to functional control and integration between subsystems and components.
    • Pipeline (pipe/filter)
    • Coordination, orchestration
    • Event-driven, choreography
    • Mediation and brokering: messaging queues, Pub/Sub pattern
  • Understand the characteristics, important design viewpoints, and suitable use cases of specific architectural patterns related to data integration and consistency between subsystems.
    • Patterns for distributed transactions and error handling: TCC, Saga
    • Replication (asynchronous data duplication)
SA.01.2 Architectural patterns to enhance flexibility
Weight 5
Overview
  • Candidates understand architectural patterns, communication protocols, and design techniques that avoid system complexity and enable independent changes and extensions by element, thereby creating a highly flexible system.
Details
  • Understand the advantages and disadvantages of using microservices architecture and make decisions on its adoption in specific design scenarios.
    • Independent technology selection, scaling, deployment per service
  • Understand the basic configurations of inter-service communication commonly used in microservices.
    • Synchronous communication: REST (OpenAPI), GraphQL, gRPC/Protocol Buffers
    • Asynchronous communication, queues, streams, topics
  • Understand design patterns that separate system control functions from application implementation, and understand the main functions that are separated and their effects.
    • Service proxy, sidecar pattern
    • Separation of control plane and data plane
    • Service mesh
    • API gateway
    • Main functions separated: traffic control, fault recovery, authentication, tracing
  • Understand design patterns that combine event-driven architecture with dynamic resource provisioning.
    • FaaS (Serverless)

SA.02: Network and Storage

SA.02.1 Intra-site networking
Weight 3
Overview
  • Candidates understand the basic technologies needed for network design within a site.
  • Candidates understand the network technologies used when employing virtual machines or containers, and can select configurations according to their purpose.
Details
  • Understand the overview of technologies for logically dividing and connecting networks.
    • VLAN
    • Tunneling, encapsulation
    • L2 over L3 overlay networks such as VXLAN
  • Understand the operation of a Linux host when constructing networks for virtual machines and containers.
    • Create virtual bridges
    • Create TAP/TUN devices, virtual NICs, and veth
    • Provide NAT (NAPT) and DHCP functionality
  • Understand the differences in major network configurations used with virtual machines and containers.
    • libvirt default virtual bridge (virbr0)
    • Docker Bridge driver (docker0), Host driver
  • Compare major implementations for cross-host container communication based on the differences in their operating principles.
    • Docker overlay network driver
    • flannel, Calico
SA.02.2 Inter-site networking
Weight 3
Overview
  • Candidates understand the key factors to consider when designing and operating systems that integrate multiple sites.
Details
  • Understand basic methods related to network connectivity and encryption.
    • PPPoE, IPoE
    • VPN, IPsec, L2TP
  • Construct a connection environment to use cloud resources as an extension of on-premises infrastructure.
    • Site-to-site connections using internet VPN via VPN gateways
    • Site-to-site connections using leased lines via private cloud connectivity services
    • Address issues related to bandwidth, port restrictions, and name resolution
  • Understand the purposes of technologies for optimizing geographically extensive systems.
    • SD-WAN
    • Edge computing
SA.02.3 Storage and access protocols
Weight 2
Overview
  • Candidates can select storage provisioning types and access protocols according to their use cases. They can also understand key configuration methods and considerations for implementation.
Details
  • Understand the features and limitations of each storage provisioning type and utilize them according to their use cases.
    • Block storage
    • File storage
    • Object storage
  • Compare and select major data sharing protocols based on their network and security features and limitations.
    • SMB: including encryption features
    • NFS
    • WebDAV
    • HTTPS + REST API file transfers: including presigned URL
SA.02.4 Centralized and distributed storage
Weight 4
Overview
  • Candidates understand the types of file systems and mechanisms of logical volumes.
  • Candidates can select Linux/OSS-based centralized and distributed storage environments based on simultaneous access requirements and other non-functional requirements.
Details
  • Compare EXT4, XFS, and Btrfs in terms of data structure, performance, fault tolerance, and usability.
    • B-Tree, journaling
    • Deduplication, Copy on Write, snapshots
  • Compare the mechanisms, performance, and fault recovery procedures for logical volume provisioning.
    • Thick provisioning, thin provisioning
  • Design block storage using SAN.
    • Choose connection methods: Fibre Channel, iSCSI (target, initiator)
    • Volume-level access control: LUN masking, zoning
  • Design virtualized storage accessible from multiple nodes using cLVM.
    • Manage physical volumes, volume groups, and logical volumes
    • Volume-level access control
    • Secure, create, and manage snapshot areas
  • Understand the theoretical operating principles of distributed storage and distributed databases.
    • Consistency (strong consistency, eventual consistency), availability, partition tolerance, and their trade-offs
    • Read and write algorithms: Read One Write All (ROWA), Primary Copy ROWA, Read Repair
  • Understand the features of Ceph as distributed storage and its basic configuration methods.
    • RADOS Gateway, RADOS Block Device, Ceph FS
    • Roles and locations of monitor/metadata/OSD servers

SA.03: Availability

SA.03.1 Failover clusters
Weight 3
Overview
  • Candidates understand the design to eliminate single points of failure through failover clusters, including problems to solve, design considerations, and key implementations.
Details
  • Understand the purpose, basic structure, and operational principles of failover clusters.
    • Active-standby, resource control, heartbeat
  • Understand the concept of split-brain and how to resolve it.
    • Interconnect partition
    • Fencing
    • Leader election based on quorum
  • Understand the overview of key redundancy configurations and specific implementations to achieve failover, as well as design considerations.
    • Redundancy configuration using VIP and VRRP: keepalived
    • Process monitoring and resource control using Pacemaker/Corosync: resource agents, STONITH, IPMI
    • Failover and recovery in distributed storage
    • Redundant design tailored to individual protocols and services: DHCP, etc.
SA.03.2 Load balancing and fault localization
Weight 4
Overview
  • Candidates can compare the operation modes and constraints of load balancers and messaging queues used for traffic distribution.
  • Candidates understand methods to prevent accidental or partial failures from propagating throughout the entire system.
Details
  • Understand the major types of load balancers and their basic configurations.
    • L4 load balancers and their packet forwarding methods: NAT, Direct Server Return (Direct Routing), Tunneling, Local Node
    • L7 load balancers and their forwarding criteria: URI, request parameters, HTTP headers
    • Connection scheduling: round-robin, least connections, least traffic
    • Backend health checking
  • Perform allocation, scheduling, and health checks of load balancing clusters using specific OSS.
    • IPVS (LVS)
    • HAProxy
  • Design inter-site redundancy using DNS-based load balancing (global server load balancing).
    • Routing policies: weighted round-robin, least connections, geolocation, proximity algorithms
    • Dynamic routing configuration combined with monitoring tools
  • Address load balancing and accidental errors through asynchronous processing via messaging queues.
    • Delivery methods: pull model, push model
    • QoS: At-least-once, Exactly-once, At-most-once
    • Error detection and retry: ack, exponential backoff and jitter, dead-letter queue
  • Understand and compare design patterns that prevent the propagation of partial failures to the entire system.
    • Timeout, throttling, circuit breaker
SA.03.3 Data replication and disaster recovery
Weight 3
Overview
  • Candidates understand the mechanisms for ensuring redundancy through data replication.
  • Candidates can select methods for copying data to remote locations and configuring and switching to sub-sites according to recovery objectives, in order to restore services quickly in the event of failures or disasters.
Details
  • Understand block-level replication and use DRBD to achieve data redundancy.
    • Synchronous/in-memory synchronous/asynchronous replication
    • Multi-node replication
    • Failover design
  • Know the replication features of major middleware.
    • PostgreSQL: streaming replication, logical replication
  • Design efficient backup acquisition and management.
    • Create a point-in-time snapshot
  • Compare configurations and switching methods for remote sub-sites, based on trade-offs including RPO, RTO, implementation constraints, and cost.
    • Data handling: backup & restore, replication
    • Standby methods: stopped, warm standby, hot standby
    • Switching methods: manual switching, failover via clustering

SA.04: Performance and Scalability

SA.04.1 Performance estimation and evaluation
Weight 2
Overview
  • Candidates can accurately estimate performance and select appropriate resources, considering functional characteristics and expected access.
  • Candidates can use prototypes to evaluate and measure the performance of initial designs and investigate bottlenecks when performance targets are not met.
Details
  • Organize performance-related requirements.
    • Business characteristics: number of users, peak load trends, service hours, total data volume, data increment trends, etc.
    • Performance requirements: requests per second, concurrent connections, acceptable response time, I/O speed (IOPS, throughput, latency), etc.
    • Constraints: necessity for exclusive control, granularity of locks, etc.
    • Application characteristics: multi-core utilization, caching characteristics, etc.
  • Perform performance estimation and sizing.
    • Analyze the resource usage rate for each business function.
    • Consider the allocation of performance requirements (e.g., acceptable response time) to components.
    • (Tentative) selection of resources: CPU, memory, disk, network.
  • Understand evaluation methods.
    • Practical Implementation Testing (Proof of Concept, PoC)
    • Comparison with benchmarks
  • Measure and analyze if the prototype system performs as intended.
    • Interpret the output of utility commands that investigate the state of various resources and the kernel.
    • Analyze the relationship between performance indicators of components and the overall system performance indicators.
  • Narrow down performance bottlenecks and their causes when targets are not met.
    • Default settings, recommended values tailored for different use cases, optimal values.
    • Version selection of tools executing tasks.
    • Limits: number of sessions, file descriptors, sockets and ports.
SA.04.2 Performance improvement
Weight 3
Overview
  • Candidates can improve performance bottlenecks by selecting processing or communication methods, adjusting functionality priorities, and tuning parameters to suit business characteristics.
Details
  • Compare characteristics and constraints of various algorithms and protocols from a performance design perspective.
    • HTTP/3, QUIC
  • Adjust the priority of functionality.
    • Change process priority of new and existing processes.
    • Select and configure tuned profiles.
    • Adjust system resource usage with cgroups.
  • Improve the performance of CPU, memory, disk, and network within a node.
    • Kernel: adjust shmmax.
    • Memory: adjust alternative page size.
    • Disk and filesystem: select I/O scheduling algorithms, choose feature options, adjust block size.
    • Network: calculate and set buffer size.
  • Tune performance between nodes.
    • Improve the number of network hops.
    • Bonding (link aggregation)
  • Configure to mitigate resource exhaustion.
    • Optimize the number of file descriptors.
    • Optimize network sockets, ports, queues.
    • Optimize the number of sessions: connection pooling.
SA.04.3 Performance scalability
Weight 4
Overview
  • Candidates understand major throughput improvement methods and their application conditions for both application and database tiers.
  • Candidates can introduce a balanced design to expand the system according to performance requirements by adding nodes or splitting functions.
Details
  • Reduce load and improve response times by externalizing read access.
    • CDN
    • Cache, in-memory databases: Redis, Memcached
  • Introduce stateless design and distribute application servers.
    • Externalize data
    • Externalize session information
    • Externalize logs
  • Design a scale-out configuration using load balancers or messaging queues.
  • Distribute databases across multiple nodes to improve throughput according to requirements.
    • Vertical sharding
    • Horizontal sharding
    • Introduction of read replicas
  • Avoid bottlenecks related to locks in distributed processing.
    • Limit shared resources
    • Distribute locks and shorten lock duration