Red Hat and Intel are collaborating on a joint solution that more seamlessly integrates Intel® IPU with Red Hat OpenShift, propelling cloud and edge computing into a new era of performance and scalability.
The solution brings together Intel’s latest leading programmable network device, the Intel® Infrastructure Processing Unit (Intel® IPU) E2000 Series with Red Hat OpenShift. This solution, shown in the following diagram, is designed for performance at scale under real world workloads and opens up a wide array of use cases through the ability to flexibly service chain network functions at the edge.
Integrating network function chaining on the Intel® IPU and orchestrating it with business logic running on OpenShift worker nodes can help conserve energy through optimized resource utilization, enhanced efficiency, reduced overall power consumption, and industry-leading security practices.
OpenShift offers the industry’s leading hybrid cloud application platform powered by Kubernetes, enhancing security across infrastructure. Its capabilities enable integration of security into applications, automated policies for container deployment security, and enhanced protection of the container runtime. This presents systems security as a top priority while maximizing performance and efficiency.
Challenges that exist with traditional infrastructure solutions
As network speeds continue advancing towards 100Gb Ethernet and beyond, and the complexity of supporting and managing new network infrastructure use cases at the edge grows in parallel, it places significant additional demands on components like standard Network Interface Cards (NICs) that were not designed for supporting this increased network complexity at these data rates.
Traditional monolithic applications constructed in virtual machines also do not translate well to how modern microservices are developed independently using containers. The level of agility required to rapidly deploy new edge capabilities on an on-demand basis is difficult with rigid legacy architectures.
Finally, delivering advanced network functions like compression, encryption/decryption, traffic filtering and firewalling at the network edge with greater security imposes new demands that strain traditional shared-resource server models, as they were not designed with strong isolation between edge services and infrastructure processing.
To address these challenges, service providers and enterprises are investing heavily in data center modernization to deliver more efficient compute for cloud native applications and microservices at the edge. The applications delivering these services must have access to high-speed networking infrastructure with a strong security footprint and low latency storage.
Network infrastructure based on the Intel® IPU is optimized for these emerging edge use cases whose potential can be fully realized through interfacing to OpenShift worker nodes to truly deliver innovative real-time applications.
Traditional SmartNICs can accelerate some infrastructure tasks like packet processing through static or semi-programmable logic to offload work from server CPUs. The IPU goes far beyond this by integrating both programmable hardware acceleration and a highly efficient multi-core CPU to enable full offloading and distributed processing of the entire software stack. Infrastructure services such as virtual switching, security, and storage that consume a significant number of CPU cycles can be offloaded to the IPU, freeing up CPU cores for improved application performance.
By leveraging the capabilities of OpenShift, the Intel® IPU-based solution maximizes performance, scalability, efficiency and provides a layered approach to container and Kubernetes security across your network infrastructure.
In parallel to the technical benefits, the key to unlocking this potential lies also in openness and scalability. To that end, Intel and Red Hat are building an open, standards-based solution that is fully Open Programmable Infrastructure (OPI) compliant.
Simplifying infrastructure provisioning
The ease of use associated with provisioning and managing OpenShift is well documented and understood in the industry.
This solution extends the ease of provisioning and management to the IPU through the integration of the Redfish standard from DMTF into the IPU’s Integrated Management Complex (IMC). Integrated with the Intel® IPU Software Development Kit (Intel® IPU SDK), which now comes equipped with Redfish support, administrators can seamlessly perform out-of-band provisioning tasks.
Redfish enables administrators to interact with the IPU through standard web services, such as HTTP and REST APIs. The provided HTTP provisioning interface greatly simplifies the Red Hat Enterprise Linux install process, with clients only needing to know the URI path to access this resource.
Ease of use and manageability
Red Hat provides a comprehensive set of tools to help you manage your newly deployed solution. With Red Hat Enterprise Linux (RHEL) seamlessly running on the IPU, you gain access to all the normal Red Hat manageability tools for free. The IPU is treated just like any other server and can be managed effortlessly using the same familiar tools as any other component in your infrastructure.
The single pane of glass interface provided to all Red Hat subscribers, known as the Red Hat Portal, streamlines management tasks, offering a unified experience for overseeing your entire infrastructure.
The Red Hat Portal is a web-based interface that provides a centralized location for managing Red Hat subscriptions, accessing Red Hat tools and services, and monitoring infrastructure. It allows users to more easily manage their Red Hat environments, including deploying and managing RHEL, Red Hat OpenShift, and other Red Hat solutions.
Red Hat provides security updates for its products through the Red Hat Security Advisories and alerts. These updates are available on the Red Hat Customer Portal and include information on vulnerabilities, patches, and workarounds. This ecosystem helps keep your solution up-to-date with the latest security fixes and empowers you to take steps to protect your system from potential security threats.
In addition, the OpenShift web console provides a graphical user interface to visualize your project data and perform administrative, management, and troubleshooting tasks. The web console is designed to be user-friendly and intuitive, and it provides a wide range of features and capabilities for managing your workloads.
Chaining network functions
Network Function Chaining, also known as Service Function Chaining (SFC), is a technique used in software-defined networking (SDN) that creates a chain of connected network services.
The solution developed by Intel and Red Hat enables the deployment of these network functions on the IPU at the edge where latency, bandwidth and resource constraints are critical. Offloading the chaining of network functions on the IPU is facilitated through its P4-programmable packet processing engine, freeing up valuable CPU resources on the OpenShift worker nodes which can result in decreased capital expenditure (CAPEX) and operational expenditure (OPEX).
The robust security boundary established between the OpenShift worker nodes and the IPU empowers infrastructure administrators with full autonomy to enforce network functionality transparently. This provides confidence that critical network operations cannot be tampered with or disabled from the host side, providing an added layer of protection and reliability.
OpenShift worker nodes can focus on delivering the business logic workflows. Resource intensive packet processing workflows can be executed on the IPU and network functions like firewalls, packet filtering and compression can be chained to deliver complex services with the added benefit of enhanced efficiency and reduced overall power consumption.
Summary
The collaboration between Red Hat and Intel represents a significant leap forward in edge computing. By combining the power of the Intel® IPU with Red Hat's OpenShift platform, organizations can be poised to achieve unparalleled performance, scalability, flexibility, and robust security.
Red Hat and Intel’s joint solution allows you to embrace the future of edge computing, trusting in the knowledge that your infrastructure is not only high-performing and capable of supporting key revenue-generating use cases, but also that it is more securely positioned from end-to-end.
关于作者
Balazs Nemeth, Ph.D joined Red Hat in 2020. As a Principal Software Engineer, he is a tech lead of the Network Hardware Enablement (NHE) team aiming to enable SmartNICs and Data Processing Units (DPU) in OpenShift. In addition, he is involved with the Open Programmable Infrastructure (OPI) Project.
Kevin Quinn is a Senior Technical Writer in Red Hat's Content Services Group specializing in telco and edge. He has over 2 decades experience as a technical trainer, support engineer and technical writer on products in the telco space. Kevin resides in Northern Ireland with his family and when not working can be found on the golf course, hill walking and simply enjoying the beautiful scenery of Ireland.
Rashid Khan is a seasoned technology leader with over 25 years of engineering expertise, currently serving as the Senior Director of Core Platforms at Red Hat. In this role, he oversees the development and strategic direction of networking technologies, focusing on innovation in cloud and bare metal networking. His work extends to significant contributions in hardware enablement for the edge, cloud and AI. Rashid is also actively involved in the open source communities, holding esteemed positions such as Chairman of the Board of Governors at DPDK (Data Plane Development Kit) under the Linux Foundation. Furthermore, he is a member of the Board of Governors at OPI (Open Platform Initiative) within the Linux Foundation, where he plays a pivotal role in shaping the future of open source technologies and their applications across various industries. Rashid's commitment to advancing technology and fostering a collaborative ecosystem reflect his deep dedication to both innovation and community building.
Abdul has worked with Network Plumbing Working Group (NPWG) for enabling Kubernetes high-performance networking with SR-IOV technologies for comms and telco workloads transitioning to cloud-native deployment. Currently he is focused on enabling Intel Infrastructure Processing Unit (IPU) to offload Kubernetes networking dataplane.
Mike Lynch has over 2 decades experience supporting and leading the development of networking products across cloud, enterprise and telco market segments worldwide with focus on next-generation infrastructure networking and software optimizations. Mike resides in Ireland with his family and spends his spare time enjoying hiking and golfing on the west coast of the country.
产品
工具
试用购买与出售
沟通
关于红帽
我们是世界领先的企业开源解决方案供应商,提供包括 Linux、云、容器和 Kubernetes。我们致力于提供经过安全强化的解决方案,从核心数据中心到网络边缘,让企业能够更轻松地跨平台和环境运营。