Managing an information middle will also be tough and dear, and so there is a transparent want for high-performance, cost-efficient basic compute, networking, and garage answers. Red Hat, Senao Networks, and Intel have joined forces to carry you the Senao SX904 Next-Gen NetSec Accelerator that tackles those demanding situations in cutting edge tactics. Of direction this resolution integrates seamlessly with Red Hat’s complete endeavor platform choices, together with Red Hat Enterprise Linux (RHEL), Red Hat Device Edge and Red Hat OpenShift. In this text, we show how including the Senao SX904 Next-Gen NetSec Accelerator PCIe card to an OpenShift cluster allows scaling of sped up containerized workloads.

The Senao SX904 is largely an information middle server packaged in a PCIe shape issue constructed on Intel^® NetSec Accelerator Reference Design, as described within the SX904 datasheet. It’s powered via the Intel^® Xeon^® D processor (codenamed Ice Lake), dual-25G Intel^® Ethernet Controller E810 (codenamed Columbiaville), and MCIO for quad NVMe garage. Offering compute and safety {hardware} acceleration, the SX904 delivers the processing functions required via nowadays’s fashionable compute and garage extensive workloads.

Designed to take on quite a lot of use circumstances for basic compute, networking, and garage, the SX904 is qualified via Red Hat and to be had in the course of the Red Hat Ecosystem Catalog, so that you get complete enhance and long-term upkeep with RHEL 9.4+ and OpenShift 4.16+.

The advantages of Red Hat platform applied sciences and the Senao SX904 Next-Gen NetSec Accelerator

The SX904 addresses the demanding situations of bodily house barriers in scaling on-site knowledge facilities and decreases the desire for buying further rack servers. It integrates easily via merely plugging the cardboard in current servers that run on Red Hat device answers, including compute and garage nodes with out vital charge or complexity, thereby extending the lifetime of your current server property. This robust PCIe card supplies a solution to change into how compute sources are deployed within the conventional datacenter and in exterior edge compute places, due to:

• Total charge of possession: The previous adage that “more is better” is not at all times true in computing. Adding some other server in your cluster is not at all times the precise resolution, and the SX904 highlights this. Instead of making an investment in additional of what you have already got, including an SX904 card into an current server allows a formidable and independently controlled co-processor. The 10 Core SX904 has a price of roughly $2,300 (USD). A similar server platform with an identical compute capability (as an example, an Intel^® Xeon^® Silver 4309Y processor with 8 cores, 32 GB RDIMM, 480 GB SSD, and a Dual Port 10/25 GbE Network Adapter) retails for roughly $7,000 (USD)
• Greater potency to lend a hand decrease prices: A whole server method on a PCIe card mitigates the desire for pricey {hardware} overhauls or lengthy lead instances for more than a few elements
• A design primed for the pains of edge computing: The SX904 helps native knowledge processing, safety, AI Inferencing on the edge, and is helping programs to run easily, whether or not they’re in-house or third-party. Plus, with local compatibility for x86 structure, porting current programs to the SX904 is a breeze
• Powerful Intel structure: The SX904 is pushed via the Intel Xeon D processor. It can maintain compute-intensive duties and AI programs, whilst additionally leaning at the complicated AI instruction units of the processor cores to lend a hand get your operations waiting for clever workloads
• Smooth optimization for Red Hat Enterprise Linux and Red Hat OpenShift: With the SX904, it is simple to deploy hybrid cloud methods that construct at the global’s main endeavor Linux platform and the business’s main hybrid cloud software platform powered via Kubernetes

Making workload offloading much less of a load

By combining the Senao SX904 Next-Gen NetSec Accelerator and RHEL, you’ll migrate workloads that you simply have been working on x86 servers to the devoted Intel Xeon D processor at the PCIe card. With the SX904 taking the workload, you’ll higher optimize the functionality of and offload security-based programs, together with complicated firewall answers.

OpenShift and the SX904

You can deploy the SX904 as a bare-metal node in OpenShift to extra readily unharness the total attainable of your containerized workloads. This means that you can have the benefit of OpenShift’s software ecosystem, portability, effective useful resource usage, and automatic scaling. The SX904 with OpenShift supplies for prime availability with self-healing and rolling updates, whilst serving to to simplify microservices control and safety thru complicated isolation options. Backed via OpenShift’s powerful enhance and ecosystem, the SX904 supplies a streamlined, ready-to-go {hardware} resolution for deploying and managing fashionable programs at scale.

Provisioning Red Hat OpenShift at the host with SX904

With the SX904 put in as the only node Openshift (SNO) node, a couple of changes to the SX904 node are had to permit for connectivity between the host and the SX904. By default, there’s no community connection between the host and the SX904.

By including a Linux bridge between the backplane and exterior 25G interfaces as a Day-2 Operation at the SX904, the host stocks the similar Layer 2 community because the SX904. This lets in each the host and the SX904 to get entry to the Openshift management aircraft hosted at the SX904 as a part of SNO. This will also be finished via including the next community supervisor configuration thru gadget configuration:

Firstly we wish to outline the Linux bridge community supervisor connection as proven right here:

# cat br0.nmconnection
[connection]
identification=br0
uuid=86f88cbc-5fb5-458a-976c-c95ab33021b8
sort=bridge
autoconnect-priority=-100
autoconnect-retries=1
interface-name=br0
multi-connect=1

[ethernet]

[bridge]
stp=false

[ipv4]
manner=auto

[ipv6]
manner=auto

Then for each and every of the exterior and host-facing interfaces, we wish to outline the community supervisor connection that references the Linux bridge connection we created above. The following community supervisor connection is for the exterior interface.

# cat enp244s0f0.nmconnection
[connection]
identification=enp244s0f0
uuid=9671d7e8-354f-4977-a77a-3a36242d7d00
sort=ethernet
autoconnect-priority=-100
autoconnect-retries=1
controller=86f88cbc-5fb5-458a-976c-c95ab33021b8
interface-name=enp244s0f0
grasp=86f88cbc-5fb5-458a-976c-c95ab33021b8
multi-connect=1
port-type=bridge 
slave-type=bridge

[ethernet]
 
[bridge-port] 

The following is the community supervisor configuration for the host-facing community connection. The configuration is very similar to the exterior interface.

#cat enp244s0f2.nmconnection
[connection]
identification=enp244s0f2
uuid=f3c0f4ab-5a42-4ed1-9271-56046d7ffb2e
sort=ethernet
autoconnect-priority=-100
autoconnect-retries=1
controller=86f88cbc-5fb5-458a-976c-c95ab33021b8
interface-name=enp244s0f2
grasp=86f88cbc-5fb5-458a-976c-c95ab33021b8
multi-connect=1
port-type=bridge
slave-type=bridge

[ethernet]

[bridge-port]

These recordsdata will also be then encoded to base64 with the next command:

cat <interface_name>.nmconnection | base64

These base64 encoded values could be used to retailer the report contents for the OpenShift gadget configuration as proven underneath:

# cat 11-master-linux-bridge.yaml
apiVersion: machineconfiguration.openshift.io/v1
type: MachineConfig
metadata:
 labels:
   machineconfiguration.openshift.io/function: grasp
 call: 11-master-linux-bridge
spec:
 config:
   ignition:
     model: 3.2.0
   garage:
     recordsdata:
     - contents:
         supply: knowledge:;base64,W2Nvbm5lY3Rpb25dCmlkPWVucDI0NHMwZjAKdXVpZD05NjcxZDdlOC0zNTRmLTQ5NzctYTc3YS0zYTM2MjQyZDdkMDAKdHlwZT1ldGhlcm5ldAphdXRvY29ubmVjdC1wcmlvcml0eT0tMTAwCmF1dG9jb25uZWN0LXJldHJpZXM9MQpjb250cm9sbGVyPTg2Zjg4Y2JjLTVmYjUtNDU4YS05NzZjLWM5NWFiMzMwMjFiOAppbnRlcmZhY2UtbmFtZT1lbnAyNDRzMGYwCm1hc3Rlcj04NmY4OGNiYy01ZmI1LTQ1OGEtOTc2Yy1jOTVhYjMzMDIxYjgKbXVsdGktY29ubmVjdD0xCnBvcnQtdHlwZT1icmlkZ2UKc2xhdmUtdHlwZT1icmlkZ2UKCltldGhlcm5ldF0KClticmlkZ2UtcG9ydF0K
       trail: /and so forth/NetworkSupervisor/system-connections/enp244s0f0.nmconnection
       filesystem: root
       mode: 0600
     - contents:
         supply: knowledge:;base64,W2Nvbm5lY3Rpb25dCmlkPWVucDI0NHMwZjIKdXVpZD1mM2MwZjRhYi01YTQyLTRlZDEtOTI3MS01NjA0NmQ3ZmZiMmUKdHlwZT1ldGhlcm5ldAphdXRvY29ubmVjdC1wcmlvcml0eT0tMTAwCmF1dG9jb25uZWN0LXJldHJpZXM9MQpjb250cm9sbGVyPTg2Zjg4Y2JjLTVmYjUtNDU4YS05NzZjLWM5NWFiMzMwMjFiOAppbnRlcmZhY2UtbmFtZT1lbnAyNDRzMGYyCm1hc3Rlcj04NmY4OGNiYy01ZmI1LTQ1OGEtOTc2Yy1jOTVhYjMzMDIxYjgKbXVsdGktY29ubmVjdD0xCnBvcnQtdHlwZT1icmlkZ2UKc2xhdmUtdHlwZT1icmlkZ2UKCltldGhlcm5ldF0KClticmlkZ2UtcG9ydF0KCg==
       trail: /and so forth/NetworkSupervisor/system-connections/enp244s0f2.nmconnection
       filesystem: root
       mode: 0600
     - contents:
         supply: knowledge:;base64,W2Nvbm5lY3Rpb25dCmlkPWJyMAp1dWlkPTg2Zjg4Y2JjLTVmYjUtNDU4YS05NzZjLWM5NWFiMzMwMjFiOAp0eXBlPWJyaWRnZQphdXRvY29ubmVjdC1wcmlvcml0eT0tMTAwCmF1dG9jb25uZWN0LXJldHJpZXM9MQppbnRlcmZhY2UtbmFtZT1icjAKbXVsdGktY29ubmVjdD0xCgpbZXRoZXJuZXRdCgpbYnJpZGdlXQpzdHA9ZmFsc2UKCltpcHY0XQptZXRob2Q9YXV0bwoKW2lwdjZdCm1ldGhvZD1hdXRvCgo=
       trail: /and so forth/NetworkSupervisor/system-connections/br0.nmconnection
       filesystem: root
       mode: 0600

Lastly, follow the gadget configuration report to have the Linux bridge created at the SX904 (please be aware that the SX904 will reboot to use those adjustments):

# oc follow -f 11-master-linux-bridge.yaml                                                                                                                 
machineconfig.machineconfiguration.openshift.io/11-master-linux-bridge created

After the SX904 reboots with the Linux bridge created, the host will also be provisioned with any manner of including hosts with the Assisted Installer.

)

Scaling pods with SX904

After the host will get added to the cluster, programs are in a position to scale horizontally between the host and the SX904.

# oc get nodes
NAME        STATUS   ROLES                         AGE   VERSION
sx904       Ready    control-plane,grasp,employee   20d   v1.29.6+aba1e8d
host.server Ready    employee                        20d   v1.29.6+aba1e8d

For instance, a easy NGINX internet server will also be scaled throughout host and SX904 nodes:

# oc get pods
NAME                READY STATUS   IP           NODE
nginx-deploy-6f7d... 1/1  Running  10.129.0.98  host.server
nginx-deploy-6f7d... 1/1  Running  10.129.0.96  host.server
nginx-deploy-6f7d... 1/1  Running  10.129.0.97  host.server
nginx-deploy-6f7d... 1/1  Running  10.128.0.201 sx904
nginx-deploy-6f7d... 1/1  Running  10.128.0.200 sx904
nginx-deploy-6f7d... 1/1  Running  10.128.0.202 sx904

Accessing those NGINX pods displays that OpenShift load balances requests throughout pods working at the host or SX904:

# oc logs nginx-deployment-6f7d5c8f7f-jbgh6 | grep GET
100.64.0.2 - - [22/Aug/2024:18:23:22 +0000] "GET / HTTP/1.1" 200 615 "-" "curl/7.76.1" "-"
# oc logs nginx-deployment-6f7d5c8f7f-vd76h | grep GET
100.64.0.2 - - [22/Aug/2024:18:23:23 +0000] "GET / HTTP/1.1" 200 615 "-" "curl/7.76.1" "-"

This easy instance of scaling internet microservices is simply the top of the iceberg of what will also be finished for offloading workloads at the SX904.

Better streamline your datacenter with Senao SX904 and Red Hat

The Senao SX904 Next-Gen NetSec Accelerator includes a baseboard control controller (BMC) that leverages the DMTF Redfish usual, enabling computerized, extremely scalable deployments with minimum effort. Its powerful internet interface is built-in with the processor’s serial console thru iKVM, and gives simple debugging for a hassle-free enjoy.

With the SX904, robust provisioning is only a few clicks away. Administrators can extra simply set up RHEL and OpenShift installations thru user-friendly graphical internet interfaces and Redfish HTTP/REST APIs. The result’s a streamlined deployment procedure with higher reliability that empowers your datacenter to function at the next potency.

Whether you’re scaling workloads, compute offloading, or improving safety, the SX904 with Red Hat’s platform of hybrid cloud applied sciences empowers your knowledge middle to function extra successfully, extra easily and at scale.