OpenShift on elastic secure bare metal infrastructure

Nov 15, 2022 | Boston University, Featured News, News

The Red Hat Research team supports several cloud environments, such as MOC Alliance and CloudLab. We realized there is a need to increase the productivity of bare metal machines in these environments and to promote leasing unused infrastructure to trusted partners. For this purpose, we started developing a project called Elastic Secure Infrastructure (ESI). 

What is ESI?

The goal of ESI is to create a set of services to permit multiple tenants to flexibly allocate bare metal machines from a pool of available hardware, create networks, attach bare metal nodes and networks, and optionally provision an operating system on those systems. While doing this, we also had to consider two important goals:

  • Allowing hardware owners to maintain control 
  • Allowing hardware consumers flexible self-provisioning

What is implemented in ESI?

Most OpenStack services are multi-tenant. The resources are owned by a project and cannot be seen by members of other projects. Ironic is also multi-tenant, in the sense that multiple parties can lease hardware. Crucially, however, it is not multi-admin; it has an “admin or nothing” model. A user with admin privileges can do everything, and a non-admin user can’t do anything. In order to support the true isolation of one cluster from another and allow full ownership of leased hardware, we extended Ironic to create true multi-tenancy at the hardware layer.

We have achieved multi-tenancy in Ironic by implementing the following features: 

● Enabled node owners to control nodes 

● Introduced the concept of a node lessee to Ironic 

● Tweaked node deployment through the Ironic API 

● Allowed Ironic to reserve nodes based on owner/lessee

ESI and OpenShift

The ESI Engineering team has tested installing and managing OpenShift on a bare metal infrastructure supported by ESI in various scenarios. Our aim was to enable research institutions to run their workloads in OpenShift, which in turn runs on a leaseable bare metal environment. This system enables research institutions to lease, sub-lease or claim bare metal machines and add or remove them from the OpenShift deployment without any impact on the OpenShift performance. In this way, we enable an elastic infrastructure layer along with OpenShift, which can reduce the operating cost of computation. 

How do I get access to the ESI or get in touch with the team for a demo?

If you are interested in getting to know more about the ESI project and the project’s roadmap or want to be part of the development activities, you can contact us by sending an email to Also, please contact us if you are aware of any customers or partners who will be interested in collaborating with us. 

To learn more about this and other interesting projects, visit the Red Hat Research Blog and sign up for a free Red Hat Research Quarterly magazine subscription.  


ESI Documentation:

ESI GitHub:

Related Stories

Red Hat Research brings sustainability to the edge

Red Hat Research brings sustainability to the edge

A data-science-driven sustainability project supported by Red Hat Research was recognized as a FIWARE iHub at the 2023 FIWARE Summit in Vienna, Austria. Based on the SmartaByar smart village in Sweden, the project was a recipient of the Red Hat Collaboratory at Boston University Research Incubation Award in 2022 and 2023. FIWARE describes iHubs as centers for accelerated growth that support companies, cities, and developers in their innovation and digitalization journey by offering easy access to open source technologies, business development support, and community building.

Red Hat Collaboratory at Boston University announces Request for Proposals for 2024 Grants

Red Hat Collaboratory at Boston University announces Request for Proposals for 2024 Grants

The Red Hat Collaboratory at Boston University has announced details on the Request for Proposals (RFP) for 2024 Grants. The goal of the program is to enable collaborative research between Boston University researchers and Red Hat engineers. Projects must be open source and should generally focus on problems of distributed, operating, security, or network systems whose solution shows promise for advancing their field and impacting industry.

Watch recordings of the Mass Open Cloud Alliance Workshop

Watch recordings of the Mass Open Cloud Alliance Workshop

Over 30 Red Hatters attend the 2023 Mass Open Cloud (MOC) Alliance Workshop on March 20 - 21, 2023, at Boston University.  Recordings of each day of the event are available (see below with the schedule - currently unedited), and we will announce in the coming...

EU-funded cybersecurity consortium kicks off in Brno, Czech Republic

EU-funded cybersecurity consortium kicks off in Brno, Czech Republic

Authors Jaroslav Řezník, Principal Program Manager—Technical at Red HatViktor Malík, Senior Software Engineer at Red Hat Cybersecurity has become a critical focus of research in today's interconnected world, especially with the rise of cyberattacks posing a threat to...