Group line items on the invoice details page if there are more than 20

Ubicloud

Ubicloud is an open, free, and portable cloud. Think of it as an open alternative to cloud providers, like what Linux is to proprietary operating systems.

Ubicloud provides IaaS cloud features on bare metal providers, such as Hetzner, OVH, and AWS Bare Metal. You can set it up yourself on these providers or you can use our managed service. We're currently in public beta.

Quick start

Managed platform

You can use Ubicloud without installing anything. When you do this, we pass along the underlying provider's benefits to you, such as price or location.

https://console.ubicloud.com

Build your own cloud

You can also build your own cloud. To do this, start up Ubicloud's control plane and connect to its cloud console.

git clone [email protected]:ubicloud/ubicloud.git

# Generate secrets for demo
./demo/generate_env

# Run containers: db-migrator, app (web & respirate), postgresql
docker-compose -f demo/docker-compose.yml up

# Visit localhost:3000

The control plane is responsible for cloudifying bare metal Linux machines. The easiest way to build your own cloud is to lease instances from one of those providers. For example: https://www.hetzner.com/sb

Once you lease instance(s), run the following script for each instance to cloudify the instance. By default, the script cloudifies bare metal instances leased from Hetzner. After you cloudify your instances, you can provision and manage cloud resources on these machines.

# Enter hostname/IP and provider, and install SSH key as instructed by script
docker exec -it ubicloud-app ./demo/cloudify_server

Later when you create VMs, Ubicloud will assign them IPv6 addresses. If your ISP doesn't support IPv6, please use a VPN or tunnel broker such as Mullvad or Hurricane Electric's https://tunnelbroker.net/ to connect. Alternatively, you could lease IPv4 addresses from your provider and add them to your control plane.

Why use it

Public cloud providers like AWS, Azure, and Google Cloud have made life easier for start-ups and enterprises. But they are closed source, have you rent computers at a huge premium, and lock you in. Ubicloud offers an open alternative, reduces your costs, and returns control of your infrastructure back to you. All without sacrificing the cloud's convenience.

Today, AWS offers about two hundred cloud services. Ultimately, we will implement 10% of the cloud services that make up 80% of that consumption.

Example workloads and reasons to use Ubicloud today include:

You have an ephemeral workload like a CI/CD pipeline (we're integrating with GitHub Actions), or you'd like to run compute/memory heavy tests. Our managed cloud is ~3x cheaper than AWS, so you save on costs.
You want a portable and simple app deployment service like Kamal. We're moving Ubicloud's control plane from Heroku to Kamal; and we want to provide open and portable services for Kamal's dependencies in the process.
You have bare metal machines sitting somewhere. You'd like to build your own cloud for portability, security, or compliance reasons.

Status

Ubicloud is in public alpha. You can provide us your feedback, get help, or ask us to support your network environment in the Community Forum.

We follow an established architectural pattern in building public cloud services. A control plane manages a data plane, where the data plane leverages open source software. You can find our current cloud components / services below.

Elastic Compute: Our control plane communicates with Linux bare metal servers using SSH. We use Cloud Hypervisor as our virtual machine monitor (VMM); and each instance of the VMM is contained within Linux namespaces for further isolation / security.
Virtual Networking: We use IPsec tunneling to establish an encrypted and private network environment. We support IPv4 and IPv6 in a dual-stack setup and provide both public and private networking. For security, each customer’s VMs operate in their own networking namespace. Everything in virtual networking is layer 3 and up.
Block Storage, non replicated: We use Storage Performance Development Toolkit (SPDK) to provide virtualized block storage to VMs. SPDK enables us to add enterprise features such as snapshot and replication in the future. We follow security best practices and encrypt the data encryption key itself.
Attribute-Based Access Control (ABAC): With ABAC, you can define attributes, roles, and permissions for users and give them fine-grained access to resources. You can read more about our ABAC design here.
What's Next?: We're planning to work on the elastic load balancer or simple storage service next. If you have a workload that would benefit from a specific cloud service, please get in touch with us through our Community Forum.
Control plane: Manages data plane services and resources. This is a Ruby program that stores its data in Postgres. We use the Roda framework to serve HTTP requests and Sequel to access the database. We manage web authentication with Rodauth. We communicate with data plane servers using SSH, via the library net-ssh. For our tests, we use RSpec.
Cloud console: Server-side web app served by the Roda framework. For the visual design, we use Tailwind CSS with components from Tailwind UI. We also use jQuery for interactivity.

If you’d like to start hacking with Ubicloud, any method of obtaining Ruby and Postgres versions is acceptable. If you have no opinion on this, our development team uses asdf-vm as documented here in detail.

Greptile provides an AI/LLM that indexes Ubicloud's source code can answer questions about it.

FAQ

Do you have any experience with building this sort of thing?

Our founding team comes from Azure; and worked at Amazon and Heroku before that. We also have start-up experience. We were co-founders and founding team members at Citus Data, which got acquired by Microsoft.

How is this different than OpenStack?

We see three differences. First, Ubicloud is available as a managed service (vs boxed software). This way, you can get started in minutes rather than weeks. Since Ubicloud is designed for multi-tenancy, it comes with built-in features such as encryption at rest and in transit, virtual networking, secrets rotation, etc.

Second, we're initially targeting developers. This -we hope- will give us fast feedback cycles and enable us to have 6 key services in GA form in the next two years. OpenStack is still primarily used for 3 cloud services.

Last, we're designing for simplicity. With OpenStack, you pick between 10 hypervisors, 10 S3 implementations, and 5 block storage implementations. The software needs to work in a way where all of these implementations are compatible with each other. That leads to consultant-ware. We'll take a more opinionated approach with Ubicloud.

	# Waiting 404 Not Found response for get runner request
	begin
	github_client.get("/repos/#{github_runner.repository_name}/actions/runners/#{github_runner.runner_id}")
	github_client.delete("/repos/#{github_runner.repository_name}/actions/runners/#{github_runner.runner_id}")
	nap 5
	rescue Octokit::NotFound
	end

	# YYY: Should password secret and session secret be the same? Are
	# there rotation issues? See also:
	#
	# https://github.com/jeremyevans/rodauth/commit/6cbf61090a355a20ab92e3420d5e17ec702f3328
	# https://github.com/jeremyevans/rodauth/commit/d8568a325749c643c9a5c9d6d780e287f8c59c31

	# YYY: Hack to deal with the presentation currently being in
	# "vcpu" which has a pretty specific meaning being ambigious to
	# threads or actual cores.
	#
	# The presentation is currently helpful because our bare metal
	# sizes are quite small, supporting only 1, 2, 3 cores (reserving
	# one for ourselves) and 2, 4, 6 vcpu. So the product line is
	# ambiguous as to whether it's ordinal or descriptive (it's
	# descriptive). To convey the right thing in demonstration, use
	# vcpu counts. It would have been nice to have gotten bigger
	# hardware in time to avoid that and standardize on cores.
	#
	# As an aside, although we probably want to reserve a core an I/O
	# process of some kind (e.g. SPDK, reserving the entire memory
	# quota for it may be overkill.

	# YYY: various names in linux, like interface names, are obliged
	# to be short, so alas, probably can't reproduce entropy from
	# vm.id to be collision free and there will need to be a second
	# addressing scheme scoped to each VmHost. But for now, assume
	# entropy.

	# YYY: Use in-database jsonb prepend rather than re-rendering a
	# new value doing the prepend.
	fail Hop.new(old_prog, old_label,
	{prog: Strand.prog_verify(prog), label: label,
	stack: [new_frame] + strand.stack, retval: nil})

	# YYY: we should check against digests of each artifact, to detect and
	# report any unexpected content changes (e.g., supply chain attack).

	# YYY: Need to replace this with something that can handle
	# customer images. As-is, it does not have all the
	# synchronization features we might want if we were to keep this
	# code longer term, but, that's not the plan.

	# YYY: These are not enough capabilties, at least CAP_NET_RAW is
	# needed, as well as more for setgid
	# CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_NET_ADMIN
	# AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_NET_ADMIN

	# YYY: Do something about systemd escaping, i.e. research the
	# rules and write a routine for it. Banning suspicious strings
	# from VmPath is also a good idea.

	# YYY: Should make this static and saved by control plane, it's
	# not that hard to do, can spare licensed software users some
	# issues:
	# https://stackoverflow.com/questions/55686021/static-mac-addresses-for-ec2-instance
	# https://techcommunity.microsoft.com/t5/itops-talk-blog/understanding-static-mac-address-licensing-in-azure/ba-p/1386187
	#
	# Also necessary because Cloud Hypervisor, at time of writing,
	# does not offer robust PCIe slot mapping of devices. The MAC
	# address is the most effective stable identifier for the guest in
	# this case.

	# YYY: Hacked up to pretend Ampere Altras have hyperthreading
	# for demonstration on small metal instances.

ubicloud / ubicloud Goto Github PK

ubicloud's Introduction

Ubicloud

Quick start

Managed platform

Build your own cloud

Why use it

Status

FAQ

Do you have any experience with building this sort of thing?

How is this different than OpenStack?

ubicloud's People

Contributors

Stargazers

Watchers

Forkers

ubicloud's Issues

Additionally

Serial log

gdb

strace output

SPDK

VM's cpu, memory, and disk config

Why use Ubicloud?

What's wrong?

Things I have tried

Web

Clover

Rhizome

Tests

Recommend Projects

Recommend Topics

Recommend Org