[Esi] OpenShift on Elastic Secure Bare-metal Infrastructure

Paul G Crumley pgc at us.ibm.com
Mon Nov 21 09:35:13 EST 2022 

Hi, Gagan & Team,
Sorry for my delay.

We are interested to learn more about ESI to understand how it fits in the Red Hat world and how we could use it here in IBM Research for some of our work.

I am adding Sarah to the to list in order to find time for us to get together and determine if this is a good fit and if so, how to proceed.

Our TL;DR:  We are creating a Hybrid Cloud data center in which IBM Research technology will be placed  so partners and clients can experience the work easily, in flexible, isolated regions which the clients reach through secure connections.  The technology varies from specialized HW to SW-only components running on OpenShift.  We want to make sure that if a client sees something they like, they can replicate the stack in their own data center.  The recent announcement on ESI seems to help with this reproducibility goal.

I’m looking forward to getting the team’s thoughts on this use case.

Thanks,
Paul

From: Gagan Kumar <gakumar at redhat.com>
Sent: Tuesday, November 15, 2022 15:00
To: esi at lists.massopen.cloud; research-team <research-team at redhat.com>; octo-dept at redhat.com; openshift-pm at redhat.com; openstack-pm at redhat.com; Karsten Wade <kwade at redhat.com>; Julia Kreger <juliaashleykreger at gmail.com>; Paul G Crumley <pgc at us.ibm.com>; Apoorve Mohan <Apoorve.Mohan at ibm.com>; James Cadden <jcadden at ibm.com>
Subject: [EXTERNAL] OpenShift on Elastic Secure Bare-metal Infrastructure

TL;DR: The Red Hat Research team is working on a Bare-metal leasing project called Elastic Secure Infrastructure with the goal of enabling different Research Computing environments to share their bare-metal infrastructure based on computing
ZjQcmQRYFpfptBannerStart
This Message Is From an External Sender
This message came from outside your organization.
ZjQcmQRYFpfptBannerEnd

TL;DR: The Red Hat Research team is working on a Bare-metal leasing project called Elastic Secure Infrastructure<https://github.com/CCI-MOC/esi> with the goal of enabling different Research Computing environments to share their bare-metal infrastructure based on computing demands. In recent days, the team tested managing OpenShift on the underlying leased bare-metal infrastructure. Now, after significant tests and experiments, Red Hat’s OpenShift can be supported on a leased bare-metal infrastructure where servers can be leased and released.  ESI and infrastructure for evaluating it are currently available in the MOC Alliance<https://massopen.cloud/>. If you are interested in this project, get in touch with the Red Hat Research team.


Hi All,


The Red Hat Research team supports several Cloud environments such as MOC Alliance and CloudLab. We realized there is a need to increase the productivity of bare-metal machines in these environments and also promote leasing unused infrastructure to trusted partners. For this purpose, we started developing a project called Elastic Secure Infrastructure (ESI).


What is ESI?

The goal of ESI is to create a set of services to permit multiple tenants to flexibly allocate bare-metal machines from a pool of available hardware, create networks, attach bare-metal nodes and networks, and optionally provision an operating system on those systems. While doing this, we also had to consider two important goals:

  *   Allow hardware owners to maintain control.
  *   Allow hardware consumers flexible self-provisioning.


What is implemented in ESI?

Most OpenStack services are “multi-tenant”. The resources are owned by a project and cannot be seen by members of other projects. Ironic is also multi-tenant, in the sense that multiple parties can lease hardware. Crucially, however, it is not “multi-admin;” it has an “admin or nothing” model. A user with admin privileges can do everything, and a non-admin user can’t do anything. In order to support the true isolation of one cluster from another and allow full ownership of leased hardware, we extended Ironic to create true multi-tenancy at the hardware layer.


We have achieved multi-tenancy in Ironic by implementing the following features:

● Enabled node owners to control nodes

● Introduced the concept of a node lessee to Ironic

● Tweaked node deployment through the Ironic API

● Allowed Ironic to reserve nodes based on owner/lessee


ESI and OpenShift

The ESI Engineering team has tested installing and managing OpenShift on a bare-metal infrastructure supported by ESI in various scenarios. Our aim was to enable research institutions to run their workloads in OpenShift, which in turn runs on a leaseable bare-metal environment. This system enables research institutions to lease, sub-lease or claim bare-metal machines and add or remove them from the OpenShift deployment without any impact on the OpenShift performance. In this way, we enable an elastic infrastructure layer along with OpenShift, which can reduce the operating cost of computation.


How do I get access to the ESI or get in touch with the team for a demo?

If you are interested in getting to know more about the ESI project, and the project’s roadmap or want to be part of the development activities, you can contact us by sending an email to esi at lists.massopen.cloud<http://esi@lists.massopen.cloud>. Also, if you are aware of any customers/partners who will be interested in collaborating with us, you can contact us as well.


To learn more about this and other interesting projects, visit the Red Hat Research Blog<https://research.redhat.com/blog/> and also sign up for a free Red Hat Research Quarterly<https://research.redhat.com/quarterly/> magazine subscription.


Resource:

ESI in News: https://research.redhat.com/blog/2022/11/15/openshift-on-elastic-secure-bare-metal-infrastructure/<https://research.redhat.com/blog/2022/11/15/openshift-on-elastic-secure-bare-metal-infrastructure/>

ESI Documentation: https://esi.readthedocs.io/en/latest/index.html<https://esi.readthedocs.io/en/latest/index.html>

ESI GitHub: https://github.com/CCI-MOC/esi<https://github.com/CCI-MOC/esi>


Regards,

ESI Team
[https://static.redhat.com/libs/redhat/brand-assets/2/corp/logo--200.png]<https://www.redhat.com/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.massopen.cloud/pipermail/esi/attachments/20221121/ea0528a5/attachment-0001.html>

More information about the esi mailing list