Enabling Controlled Access to Physical Cloud Resources in a Bare Metal Cluster

The growing demand for computational resources in academic research environments has led to an increasing need for efficient sharing of high-performance computing infrastructure across multiple institutions. Traditional approaches to bare-metal resource access in academic settings rely heavily on manual coordination through email requests and ticketing systems, creating significant bottlenecks and limiting visibility into resource availability. These fragmented workflows result in suboptimal utilization of expensive hardware assets, inconsistent handover procedures, and lack of standardized audit trails that complicate accountability and cross-institutional collaboration. Current resource management solutions face several critical challenges in multi-institutional academic environments. Commercial cloud platforms, while offering sophisticated virtualized resource allocation, lack the governance models necessary for institutional autonomy and struggle with bare-metal management requirements common in research settings. High-Performance Computing schedulers excel at batch job management but are inadequate for calendar-based reservations and multi-site federation. Existing academic platforms like TensorHive demonstrate fundamental limitations including single-node focus, legacy technology stacks, and absence of multi-tenancy support required for federated research environments. This thesis presents a comprehensive cloud resource reservation system developed for the RESTART partnership, addressing these challenges through two independent but complementary solutions. The first system, Prognose, is a user-facing portal that enables researchers to discover availability and book physical resources including bare-metal servers, storage, and network ports across multiple sites while maintaining institutional autonomy. The second system provides on-demand GPU sharing through Kubernetes and KubeRay, creating isolated Ray clusters for GPU-intensive workloads with automatic resource reclamation upon job completion. The implemented architecture leverages modern web technologies including Spring Boot and React to create an intuitive multi-tenant platform with hierarchical role-based access control spanning Users, Site Administrators, and Global Administrators. The system employs an event-driven architecture and a webhook-based integration patterns to coordinate complex provisioning workflows across diverse institutional systems. A sophisticated hierarchical resource model enables automatic conflict resolution and dependency management through parent-child relationships between resources, while custom parameter systems allow institution-specific data collection during booking without modifying core schemas. The solution addresses the identified challenges through several key innovations. Self-service discovery and booking capabilities provide researchers with global visibility into resource calendars, capabilities, and constraints across consortium members. Site-scoped multi-tenancy ensures institutional data isolation while enabling selective resource sharing for collaborative projects. Integration with Metal3 and Kubernetes enables Infrastructure as Code practices for physical server management, bridging cloud-native technologies with traditional academic infrastructure. The webhook architecture provides language-agnostic extensibility, allowing institutions to implement custom provisioning logic without modifying core system components.