I had originally wanted to deploy full server sized KVM instances and rent VPS' that way, but it was brought to my attention that a certain market segment which I'm targeting- tech startups, who are testing apps on these rentals, are unable to get reliable metrics because of the software between their app & the hardware. So I've shifted gears to offering dedicated servers instead, to remove that layer of interference.
Couldn't I re-flash the BIOS between each tenant to be sure there isn't any problem with it? -----Original Message----- From: Robert Collins [mailto:robe...@robertcollins.net] Sent: Sunday, May 26, 2013 4:56 PM To: ch...@christopherbartels.com Cc: openstack@lists.launchpad.net Subject: Re: [Openstack] Using openstack to manage dedicated servers in a service provider setting On 27 May 2013 07:01, Chris Bartels <ch...@christopherbartels.com> wrote: > Hi, > > > > I'm working on a startup that aims to rent dedicated servers to tech > startups, and I would like to use OpenStack to manage the servers I > rent out. > > > > I saw on the OpenStack Foundation YouTube channel there was a video > there about using OpenStack to manage bare metal, but the presenter in > the video had such a strong accent that I couldn't understand anything > they were saying & didn't learn a thing from the video. Which video in particular ? There are a number of groups who have been taped presenting on bare metal things. I'm part of a team working on using OpenStack [baremetal] to deploy OpenStack [virtual]. So I'm happy to answer any questions. http://www.openstack.org/summit/portland-2013/session-videos/presentation/pr ovisioning-bare-metal-with-openstack is a good video on the baremetal layer, which is what will interest you I think. That said, there are huge security issues with repurposing baremetal from one tenant to another: in the absence of UEFI secure boot it is possible for the prior tenant to inject hostile boot-time firmware into physical devices that have software flashable EEPROMS. Currently in OpenStack we have no mitigation for this at all: so I would very strongly advise against using OpenStack baremetal to provide dedicated machines. What I suggest you do instead is provide KVM instances where the KVM flavor size exactly matches the physical machines - so youre tenants have the full capacity of the machine, and only the [low] overhead of the KVM layer. This has a -much- better security story. You could use TripleO - OpenStack on OpenStack - to manage this setup. -Rob -- Robert Collins <rbtcoll...@hp.com> Distinguished Technologist HP Cloud Services _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
