[edge] Zero Touch Provisioning

Curtis serverascode at gmail.com
Thu Dec 20 14:33:12 UTC 2018


On Thu, Dec 20, 2018 at 9:01 AM Jay Pipes <jaypipes at gmail.com> wrote:

> On 12/20/2018 08:47 AM, Curtis wrote:
> > On Thu, Dec 20, 2018 at 8:09 AM Jay Pipes <jaypipes at gmail.com> wrote:
> >
> >     On 12/20/2018 07:12 AM, Curtis wrote:
> >      > Hi,
> >      >
> >      > I've been looking through the docs I can find related to the edge
> >      > working group, and I'm wondering if there has been any
> >      > discussion/documentation of a Zero Touch Provisioning use case. I
> >      > can't seem to find anything, but I may not be looking in the right
> >      > place. Just wanted to double check and see what the current state
> >      > is, if any.
> >
> >     I take it that by "zero touch *provisioning*" (emphasis added to
> >     differentiate from zero *configuration* networking), you are
> >     referring to the ability for a new server to be rack-and-stacked in
> >     a site, powered on, and immediately register itself with either a
> >     local inventory management system or a remote one?
> >
> > In this case, yes that is what I'm talking about, just the provisioning
> > aspect, and mostly related to the "edge" which in my case I usually
> > consider to be one or two physical servers (but that's just one use
> > case).
> >
> > I'm a relatively new member of the StarlingX TSC and there is some
> > discussion about deployment models, of which ZTP would presumably be a
> > part, so I wanted to check in with the edge working group to see what's
> > been going on in that area if anything.
>
> I'm not involved in StarlingX so can't speak to that area.
>
> >     In either case, the issue I foresee is that the firmware (or initial
> >     boot/ramdisk that comes from the factory or supply chain team) will
> >     need to have some program installed in it that sends out a request
> >     looking for some known/assumed inventory management service [1]. The
> >     thing that *responds* to such a request would, of course, need to be
> >     already installed and available either on a switch or a pre-installed
> >     machine pingable on the out-of-band network and already configured by
> >     the team that handles hardware inventory.
> >
> >     I can see some vendors working on their own custom low-touch
> >     provisioning software -- and this software would likely end up
> >     depending on their own proprietary (or subscription-based) server
> >     software (ala Red Hat's Satellite software [2]). But getting all the
> >     vendors to come together on a unified low-touch provisioning system?
> >     Chances are pretty slim, IMHO.
> >
> > Well, perhaps ONIE [1] is the best example. Switches that can run
> > multiple network OSes have pretty much standardized on it. But I don't
> > know if ONIE is the right example here, though it very well might be.
>
> ONIE looks interesting, thanks for the link. It does seem to be specific
> to network switches, though, not general compute hardware (or servers
> that need large root disks and partitioning). It seems to be kind of a
> custom TFTP server for network devices?
>
> Is ONIE something you're saying would be a solution for inventory
> management? Because I don't really see anything in there (or the scope
> of ONIE) about that...
>

No, it doesn't do inventory management. It's like a small base OS for
network switches, they come with it, boot up into it, and you can use it to
install other OSes. At least that's how it's used with the whitebox
switches I have. With ONIE it'd install the OS, then the initial OS could
register with some kind of inventory system.

Thanks,
Curtis


>
> Best,
> -jay
>
> >     Still, it's an interesting problem domain and I'd be interested in
> >     sharing thoughts and discussing it with others. Here at
> >     "Yahoo!/Oath/Verizon Media Group/Whatever we'll be called next
> >     month" we have custom software (and a bit of custom hardware!) that
> >     handles base hardware provisioning and I'm definitely interested in
> >     seeing if other shops that handle hundreds of thousands of baremetal
> >     machines are looking to collaborate in this area ("edge" or
> >     otherwise!).
> >
> >     Best,
> >     -jay
> >
> >     [1] this could be done via some custom DHCPDISCOVER/DHCPREQUEST bits
> >     I suppose -- which would require a DHCP client in the
> >     firmware/bootdisk -- but more likely would depend on the IPMI/BMC
> >     system in use for the hardware. As soon as IPMI/BMC comes into play,
> >     the extreme differences in OEM vendor support will rule out a generic
> >     workable solution here as many in the Ironic community will likely
> >     attest to [3]. If you can rely on a homogeneous set of hardware at
> >     edge sites, you might be able to put something together that just
> >     suits your company's need, however.
> >
> >     [2] https://www.redhat.com/en/technologies/management/satellite
> >
> >     [3] https://github.com/openstack/ironic/tree/master/ironic/drivers
> >
> >
> > [1]: https://opencomputeproject.github.io/onie/
> >
> > --
> > Blog: serverascode.com <http://serverascode.com>
>


-- 
Blog: serverascode.com