1) We boot a CoreOS image over PXE. IPA is built using Docker, exported as a filesystem, and runs in a Linux container via systemd-nspawn. It can take config options via command line or kernel command line. The build system is here. [1]
2) It could, yes. Images are downloaded directly from Swift, and both the client and the server have 10gig links. We're also investigating multicast and BitTorrent as alternatives for image distribution.
3) Not sure if you mean agent images or OS images... regardless, at Rackspace, each region runs as its own standalone cloud - so there shouldn't be any communication between data centers when provisioning. Does that answer your question?
4) We're working on implementing client certificate checking for communication between IPA and Ironic. The agents also live on an isolated VLAN that is only accessible by Ironic and Swift.
Do you plan to offer lower-end OnMetal nodes? For example, 16 GB of RAM, a quad-core Xeon E3 processor, and a 256 GB SSD? Presumably you could put several such nodes in one chassis to make that kind of configuration economical.
As a general principle we will add more form factors.
For your specific example hardware, that kind of specification could be achieved using the Open Compute Micro Servers / Server Card designs, instead of the full-on 2 processor windmill designs:
As you make smaller servers, things like HA-Networking become a higher portion of the cost too, so it might be more feasible if we dropped the 2x10g Bond and went to a single 10g port, for example. Would losing the HA networking but having those kinds of specs be interesting to you?
Not directly related to the article, but asking here: what did you use to make those diagrams? It looks like the Unicode box drawing characters, but I was wondering if it was from a tool or handcrafted.
1) I am actually curious how IPA is deployed to the ramdisks. Any pointers?
2) The turnaround time for provisioning is now dependent on download speed etc. When provisioning batches this could be a problem, right?
3) Did you use any kind of CDN (for image persistence) when dealing with provisioning in different availability zones?
4) Does IPA also implement SSL/Auth?