What Is Lab-as-a-Service?
Lab as a Service is a project to serve the OPNFV and LFN communities by hosting resources for development and testing of LFN projects. Many of the LFN projects require much more hardware to run than what is available on a developer's laptop.
To solve this problem, Lab as a Service allows users to request access to hardware resources (i.e. powerful servers). We host a web dashboard at https://labs.lfnetworking.org for users to interact with. On the backend, we listen to the dashboard and provision the requested resources and provide access to them. The whole process is automated and does not require any manual intervention. This means that users can get access to hardware much faster and the lab that hosts the hardware does not have to waste labor to manually configure hardware.
It is important to note the separation between the "front-end" dashboard and the "back-end" hardware provisioning system. Multiple labs may host hardware and use the lab provisioning software to connect to the one shared dashboard.
The new release of Lab as a Service (LaaS) offers some big new features:
Now you can reserve and use multiple servers together in one booking.
Users can define how they want their multiple machines to be networked. We provide a fully configurable Layer 2 network between machines in a booking.
If you want to share a booking with team members, the dashboard will handle sharing access and creating multiple accounts for you.
The new dashboard makes it possible for multiple labs to participate and host servers for LaaS.
We will allow users to take a snapshot of one of their currently booked machines. This snapshot can be applied to another machine in a new booking to save time setting up a development / testing environment, etc.
We have automated virtual deployments of OPNFV so that users can be delivered an already deployed and running OPNFV environment.
LaaS 2.0 moves away from the old "book a single server" model and allows users to define and book a "POD". A user's pod can contain multiple servers, and the user can define how the machines will be networked together. This opens up the possibility of running OPNFV/ONAP on a baremetal environment provided on demand by Lab as a Service.
How to Book a Resource:
Note: Reserving multiple servers at once is only available to Project Team Leaders (PTLs) of approved projects.
If you do not need a multi-server resource, there is an easy one-page form for requesting access to a single server with an optional OPNFV virtual deployment.
There are 3 steps in booking a multi-server resource with LaaS:
- Define your resource / pod
- Configure your resource / pod
- Create a booking using your resource / pod
Defining Your Resource
When defining what your resource will be, you first must select which lab you want your booking to be at. This will determine what resources are available to you. Each lab will host different kinds of machines with different capabilities. You can mix and match different machines to satisfy your requirements.
Finally, you can define the networking for your pod. Every pod automatically comes with a public network that allows you to access the machines in your pod and allows your machines to reach the internet. Beyond that, you may add private networks to your pod which will utilize different vlans. Please note that if you do not connect a machine to any networks, you will not be able to reach it (because it is not connected to any network!).
Configuring Your Resource
Once you have a template for a hardware pod, you need to tell your lab how to configure it. You can select which operating system to have installed on each of your machines. This is also where you will configure your OPNFV deployment when that feature becomes publicly available.
Create Your Booking
To create a booking, you simply need to select which of your pods and pod configurations you want. You can select the length of your booking, up to a maximum of 3 weeks. You can also add "collaborators" to your booking. They will receive their own vpn + ssh access information to make it easy to share resources with the people you work with.
How To Access a Booked Resource
Once you have created a booking on the dashboard, you can access information about the booking at Account > My Bookings > Details. This page will display to you messages sent from the lab that is providing your booked resource.
Notes on using resources at the UNH-IOL:
- If the ip address given to you is not reachable, the DHCP address of the host may have changed. You may also reach your hosts with DNS.
- You may try to access your machine using its hostname, rather than IP
- You may have to add our DNS server manually, as some VPN clients do not support setting this automatically. Our DNS server is at 10.64.0.1 (same as the VPN server)
- We provide access to your machines through ssh keys. You must have ssh keys in the dashboard to be able to connect to your servers.
- Your ssh key will work for the `opnfv` user, who has passwordless sudo privileges.
Acceptable Usage Policy
The Lab as a Service (LaaS) Acceptable Usage Policy (AUP) defines what is acceptable and not acceptable in the LaaS community labs. These lab environments are sponsored by the Linux Foundation, hosted by the UNH-IOL (https://www.iol.unh.edu) and made available to LFN community members for purposes of developing features, testing deployments and delivering releases for LFN projects.
LaaS resources are controlled and scheduled through the Pharos LaaS Dashboard This system provides all user access, displays status of available resources, and allows requesting access to resources. Users may not schedule resources in excess of what the dashboard permits.
All dashboard users must have approved Linux Foundation / controlled credentials. Control / approval / granting of those credentials is outside the scope of this policy.
Hardware resources are only to be used for their assigned purpose. Lab users should be contributors to an approved LFN project and be working on tasks that are for planned project deliverables.
The maximum length of time a user may book a resource is defined to be three weeks.
Users may not "host" or "assign" hardware resources to other projects or individuals without the approval of the UNH-IOL or Linux Foundation.
Hardware resources that are not being actively used may be reallocated to another project or user.
No data, software, or intellectual property that is not freely available to the community may be downloaded or stored in/on the LaaS resource.
Users are responsible for obtaining, monitoring and renewing any software licences required. No software may be downloaded or used in the lab without required licences.
The UNH-IOL and Linux Foundation reserve the right to audit software and lab usage without notice and remove access of users who are not following this AUP.
Users access to LaaS resources is provided through an openvpn connection.
The IOL provides VPN access to the LaaS resources on a per-booking basis. Users may not share their VPN credentials with others. Sharing of VPN credentials will result in permanent loss of access to the LaaS resources.
VPN access is created automatically on the start date of a booked resource and terminated automatically at the conclusion of the booking.
Available bandwidth is limited and shared across all lab users.
Downloading excessively large files can interfere with other users therefore as a courtesy the lab admin should be informed if users intend to download very large files or consume substantial bandwidth for any duration.
Remote Console Access
Access to the remote console access and ipmi power management will be given out on a per-booking basis.
Causing or intending to cause any damage or configuration change to the BIOS of the hosted machines will result in permanent loss of access to the LaaS resources.
Console and power management rights may be changed or removed at the Linux Foundation or UNH-IOL’s discretion.
Support is provided during normal business hours (assuming the USA East Coast time zone.) Support outside of those hours is provided on a best effort basis only.
Support requests might take up to 24 business hours to be completed, depending on the request.
For support, please contact firstname.lastname@example.org.
Any violation of this Acceptable Usage Policy may result in loss of VPN access and usage of the LaaS resources.