OpenShift on elastic secure bare metal infrastructure

Nov 15, 2022 | Boston University, Featured News, News

The Red Hat Research team supports several cloud environments, such as MOC Alliance and CloudLab. We realized there is a need to increase the productivity of bare metal machines in these environments and to promote leasing unused infrastructure to trusted partners. For this purpose, we started developing a project called Elastic Secure Infrastructure (ESI). 

What is ESI?

The goal of ESI is to create a set of services to permit multiple tenants to flexibly allocate bare metal machines from a pool of available hardware, create networks, attach bare metal nodes and networks, and optionally provision an operating system on those systems. While doing this, we also had to consider two important goals:

  • Allowing hardware owners to maintain control 
  • Allowing hardware consumers flexible self-provisioning

What is implemented in ESI?

Most OpenStack services are multi-tenant. The resources are owned by a project and cannot be seen by members of other projects. Ironic is also multi-tenant, in the sense that multiple parties can lease hardware. Crucially, however, it is not multi-admin; it has an “admin or nothing” model. A user with admin privileges can do everything, and a non-admin user can’t do anything. In order to support the true isolation of one cluster from another and allow full ownership of leased hardware, we extended Ironic to create true multi-tenancy at the hardware layer.

We have achieved multi-tenancy in Ironic by implementing the following features: 

● Enabled node owners to control nodes 

● Introduced the concept of a node lessee to Ironic 

● Tweaked node deployment through the Ironic API 

● Allowed Ironic to reserve nodes based on owner/lessee

ESI and OpenShift

The ESI Engineering team has tested installing and managing OpenShift on a bare metal infrastructure supported by ESI in various scenarios. Our aim was to enable research institutions to run their workloads in OpenShift, which in turn runs on a leaseable bare metal environment. This system enables research institutions to lease, sub-lease or claim bare metal machines and add or remove them from the OpenShift deployment without any impact on the OpenShift performance. In this way, we enable an elastic infrastructure layer along with OpenShift, which can reduce the operating cost of computation. 

How do I get access to the ESI or get in touch with the team for a demo?

If you are interested in getting to know more about the ESI project and the project’s roadmap or want to be part of the development activities, you can contact us by sending an email to esi@lists.massopen.cloud. Also, please contact us if you are aware of any customers or partners who will be interested in collaborating with us. 

To learn more about this and other interesting projects, visit the Red Hat Research Blog and sign up for a free Red Hat Research Quarterly magazine subscription.  

Resource:

ESI Documentation: https://esi.readthedocs.io/en/latest/index.html

ESI GitHub: https://github.com/CCI-MOC/esi

Related Stories

EU-funded cybersecurity consortium kicks off in Brno, Czech Republic

EU-funded cybersecurity consortium kicks off in Brno, Czech Republic

Authors Jaroslav Řezník, Principal Program Manager—Technical at Red HatViktor Malík, Senior Software Engineer at Red Hat Cybersecurity has become a critical focus of research in today's interconnected world, especially with the rise of cyberattacks posing a threat to...

Meet the new 2023 Red Hat Collaboratory Research Incubation Award Recipients

Meet the new 2023 Red Hat Collaboratory Research Incubation Award Recipients

We are pleased to announce the recipients of the 2023 Red Hat Collaboratory Research Incubation Awards. The awards are part of a joint effort between Red Hat and Boston University (BU) aimed at recognizing, supporting and funding research in cloud computing, and to advance the state of the art in open source technologies such as distributed systems, security, operating systems, and networking.

Call for Project Ideas (North America Research Interest Group)

Call for Project Ideas (North America Research Interest Group)

Are you a Red Hatter with a project idea that needs a little help getting started? Could your project benefit from some intern power?  Red Hat Research (RHR) may be able to help by providing intern and research support to get your idea off the ground or to the next...

DevConf.CZ Mini 2022 features Red Hat supported research projects

DevConf.CZ Mini 2022 features Red Hat supported research projects

Held on November 3, DevConf.CZ Mini featured talks themed around Cloud and Hyperscale, Edge Computing, and Future Tech and Open Research, including two research collaborations with Brno University of Technology and Czech Technical University in Prague supported by Red...

Open source values are the focus of Red Hat Summer Camp in Brno

Open source values are the focus of Red Hat Summer Camp in Brno

In summer 2022, a group of Red Hat volunteers organized the first in-office run of Red Hat Summer Camp Brno: an IT camp aimed at high school students, regardless of how much IT experience they had. The goal of the summer camp was to bring together people with...