About Pervasive Technology InstituteCyberinfrastructure is pervasive in the research, discovery, and creative processes. Information technology today pervades scholarly discovery in the humanities, research in all areas of the sciences, and the processes of artistic creation. The... Read More →
Open source communities are adapting, even thriving when facing today’s disruptive technology shifts. Why? Organization’s infrastructure needs are different due to global IT industry challenges from licensing changes, open hardware integration, and digital sovereignty to supporting AI workloads and increased security concerns. This is what open source communities are designed to do, and it’s not surprising that the demand for open source software exceeds $8.8 trillion USD. The OpenInfra community, composed of 110,000 individuals from hundreds of organizations and 187 different countries, is already evolving open source infrastructure technologies including OpenStack, Kata Containers, and StarlingX to manage these recent shifts. In this keynote, Jimmy McArthur will talk about how the OpenInfra community is applying our software formula for open development to drive worldwide innovation in the face of massive disruption. And how you can, too!
Director of Business Development, OpenInfra Foundation
Jimmy leads the collaboration with OpenInfra Members, including strategy development, goal alignment and new member recruitment. Outside of advocating for current open source trends and distributing his calendar link (which you can find here: https://calendly.com/jimmy-mcarthur... Read More →
The first Beowulf cluster was built in 1994 at NASA’s Goddard Space Flight Center. Thirty years later, most HPC shops still follow the same basic cluster paradigm (including the one at Goddard today). The intervening decades have witnessed many evolutions in computing: virtualization/cloud, software-defined networking, kubernetes, AI/ML; GitOps and Agile -- just to name some big ones. The traditional cluster paradigm, with its static network zones and security controls, make it all but impossible to “bolt” these new technologies onto an existing operational system. A new approach is needed essentially from the ground up – one that will increase interoperability between the on-premises solution and commercial clouds by enabling the reuse of code used to deploy infrastructure and services. This translates into faster time to science/discoveries for our end users. This is a User Story about one HPC organization’s journey to rapidly modernize in one giant leap. We will discuss the “Next Generation System” being built at Goddard now, which is designed from the start to leverage modern cloud-native methods and best practices to flexibly deploy baremetal, VMs, or containers from a single pool of resources. We will touch on network design, OpenStack & Ironic, Security considerations like DevSecOps, and cultural barriers to adoption.
This presentation delves into the complexities of cloud migration and the transformative potential of leveraging open-source technologies through the integration of Atmosphere and MigrateKit.
Atmosphere is a robust, open-source cloud management framework built on OpenStack. It offers a feature-rich platform that rivals proprietary cloud solutions. MigrateKit complements this by serving as the bridge for organizations migrating from VMware or similar environments to OpenStack, ensuring a streamlined and automated transition.
The presentation will explore how this powerful combination simplifies the technical aspects of migration and aligns with the strategic business goals of scalability, agility, and cost-efficiency. Attendees will gain insights into the automated, repeatable deployment workflows enabled by MigrateKit and how they seamlessly integrate with Atmosphere's core capabilities.
Mohammed Naser, CEO of VEXXHOST, has had the chance to work with customers ranging from growing small businesses to solutions for large Fortune 500 companies, based on OpenStack. He has been a contributor to the OpenStack project since 2011 and has contributed code to almost every... Read More →
As a cloud provider, VEXXHOST specializes in delivering cloud solutions powered by OpenStack. It offers a variety of Atmosphere deployment options, including public cloud environments, private clouds, and on-premises solutions, so clients can choose the optimal setup for their needs... Read More →
We are building HPC operations at UAB around software development best-practices. To that end we are constructing a CI/CD infrastructure that supports development and testing of services in support of campus HPC operations. We instantiate HPC clusters on OpenStack cloud infrastructure to explore capabilities, develop features, and construct releases for the HPC cluster.
Data that is used by applications and services. Secrets can include API keys, credentials, tokens, certificates, and passwords that grant access to various resources and systems. If these secrets are compromised, attackers can exploit them to cause damage, steal information, or disrupt operations. The challenges of secret management is how to securely store, distribute, and rotate secrets in a dynamic and distributed environment. Traditional methods of hard-coding secrets in configuration files or environment variables are not secure, scalable, or reliable. Moreover, secrets need to be updated frequently to comply with security policies and regulations to prevent unauthorized access. To address these challenges, several tools and frameworks have been developed to provide secret management solutions for DevOps. These tools can help DevOps teams to implement best practices for secret management.
Michel started his career as a medical officer in the Royal Dutch Airforce. After the air force, he continued in clinical pharmacology. While there, he transitioned to IT.As his career developed, his responsibility shifted from a deep technical perspective to a more visionary role... Read More →
OpenStack Plus: The Perfect Recipe for Enterprise-Grade Deployment
OpenStack is a powerful open-source cloud platform, but achieving an enterprise-grade deployment requires more than just a basic setup. This session explores the key components and best practices that transform OpenStack into a robust, secure, and high-performing solution for enterprises.
Critical enhancements include integrating advanced storage solutions like Ceph, implementing comprehensive security measures, leveraging orchestration tools, and ensuring high availability (HA) configurations. Efficient monitoring, logging systems, and seamless networking solutions are also essential.
Ajith Narayanan, based in Bangalore, India, has 20 years of experience as a Cloud Infrastructure Architect with a specialization in designing and building private cloud infrastructure.
In this talk, the audience will learn about the patterns of collaboration the OpenInfra Foundation has fostered with universities to get students involved in Open Source before they graduate and begin hunting for jobs. The University Partnership Program (UPP) aims to alleviate the Open Source hiring vacuum that exists in the tech job market globally, the UPP's benefits to students, the universities, the open source projects and the larger ecosystem. This talk will explain the process of how a university can join this program with anecdotes and real examples of how its all implemented. This talk will have information for both students and professors but also industry professionals about how they can get involved as mentors or support the program through hiring students completing the program etc.
This talk dives into Rackspace's use of Ironic for baremetal provisioning, including, but not limited to, the use of Ironic and Ansible to manage fleet lifecycles.
- How Rackspace is leveraging Ironic over legacy in-house Baremetal provisioning tools. Not just for OpenStack-related workloads, but for general data center server provisioning. - How Rackspace is adopting the use of Virtual Media boot over PXE/DHCP to simplify network requirements in leaf/spine architectures - How Rackspace is (re)contributing to the Ironic project based on these new efforts
I hope viewers can take away the following: - Ironic does not require a full OpenStack ‘stack’, but can benefit from Neutron and other integrations, and can benefit from customizations (ie. ML2 plugin) that might be more suited for your use-case - In addition to servicing baremetal workloads in a virtual world, Ironic is extremely useful as a general server deployment tool for all kinds of workloads (OpenStack, VMware, etc)
James Denton is a Principal Network Architect for Rackspace, and has been involved with OpenStack on the Rackspace Private Cloud team since 2012. He is the author of "Learning OpenStack Networking (Neutron)" released in 2014, and is currently working on a second edition of the same... Read More →
In order to successfully develop software through open community collaboration, tools and workflows are carefully chosen with regard to transparency and visibility of activities. This makes it easier for people to see what’s going on within the project and get involved, but safety-critical activities like security vulnerability management require temporary secrecy, a fundamental conflict presenting unique challenges.
This presentation will cover the workflows and tooling choices OpenStack’s vulnerability managers have employed and refined for more than a decade, with specific goals of keeping secrets only when necessary and making sure the record of our activities becomes fully public as soon as possible. Our processes are openly documented, with templating and automation that streamlines these sensitive workflows, serving as a model for many other communities as well as forming the basis of popular industry specifications and standard practices over the years. Learn how it’s done, get involved in our community, or apply these principles within your own projects.
In recent years, in particular with the rise of AI, the diversity of workloads that need to be supported by research infrastructures has exploded. Many of these workloads take advantage of new technologies, such as Kubernetes, that need to be run alongside the traditional workhorse of the large batch cluster. Some require access to specialist hardware, such as GPUs or network accelerators. Others, such as Trusted Research Environments, have to be executed in a secure sandbox. Here, we show how a flexible and dynamic research computing cloud infrastructure can be achieved, without sacrificing performance, using OpenStack. By having OpenStack manage the hardware, we get access to APIs for reconfiguring that hardware, allowing the deployment of platforms to be automated with full control over the levels of isolation. Optimisations like CPU-pinning, PCI passthrough and SR-IOV allow us to take advantage of the efficiency gains from virtualisation without sacrificing performance where it matters.
The HPC+AI Cloud becomes even more powerful when combined with Azimuth, an open-source self-service portal for HPC and AI workloads. Using the Azimuth interface, users can self-service from a curated set of optimised platforms from web desktops through to Kubernetes apps such as Jupyter notebooks. Those applications are accessed securely, with SSO, via the open-source Zenith application proxy. Self-service platforms provisioned via Azimuth can co-exist with large bare-metal batch clusters on the same OpenStack cloud, allowing users to pick the environments and tools that best suit their workflow.
Stig has a background in R&D working for various prominent technology companies, particularly in HPC and software-defined networking. Stig is now CTO for StackHPC, a consultancy specialising in the convergence of cloud, HPC and big data. Stig is also co-chair of the OpenStack Scientific... Read More →
We describe the construction, deployment, and ongoing use and development of Project Pythia’s persistent BinderHub (https://binder.projectpythia.org) platform on Jetstream2, using a community-tested OpenStack / Kubernetes workflow developed by Dr. Andrea Zonca at the San Diego Supercomputer Center and operated and maintained by Kevin Tyle of University at Albany-SUNY on behalf of Project Pythia. Project Pythia (https://projectpythia.org) is an open access educational initiative established with funding from the U.S. National Science Foundation. Its mission is to help students and scientists enhance their skills and adopt best practices using the tools and technologies of open science. As part of the Pangeo community, Project Pythia primarily focuses on the Pangeo stack, which includes cloud computing, Jupyter technologies, GitHub, and various software packages in the Scientific Python ecosystem, centered around Xarray. Project Pythia offers a wide range of open access content, such as datasets, software, tutorials, and annotated real-world workflows presented in the form of Jupyter Books. Following the presenters’ initial development efforts on Jetstream2 during summer 2022, in May 2023, Project Pythia was awarded a Discover ACCESS allocation that deployed a persistent and performant BinderHub instance to support our community educational Pythia Cookbook (https://cookbooks.projectpythia.org) initiative. This ongoing service ensures continuous open access to high quality, tested, and reproducible tutorial and training material for geoscientific workflows, while growing our user-contributor community. The BinderHub has also powered the following workshops and tutorials: Pythia Cookoff, June 2023, Boulder AMS Open Radar Short Course, August 2023, Minneapolis Scientific data workshop with Python and R - AtmosCol 2023, October 2023, Colombia AGU Python Visualization Workshop, Dec. 2023, San Francisco AMS Python Visualization Short Course, January 2024, Baltimore ARM Open Science Summer School, May 2024, Cleveland Pythia Cookoff, June 2024, Boulder At each event, our BinderHub seamlessly served all attendees, which typically ranged between 30 and 70.
A report from a research project that shows that it is possible to operate a digitally sovereign cloud with the help of OpenStack and other open source components. The question is briefly explored and shown what digital sovereignty actually means - and what it does not. The focus of this short presentation is on the infrastructure, knowing full well that this is not an all-encompassing solution for digital sovereignty because other components (e.g. front ends) are missing. The project team plans and implements the construction and operation of a sovereign, private cloud that serves as an edge cloud and in which the workloads in research and teaching are processed. The project team has been operating a private cloud under OpenStack since 2016. Since container workloads are and will be increasingly in demand, the decision was made to set up an additional instance of the reference implementation of the Sovereign Cloud Stack (SCS) in parallel to the existing OpenStack installation. The workloads are then transferred from the OpenStack installation to the Sovereign Cloud Stack.