[frequent]

I'll also chip in. I'm working for Nexedi in France and we're probably one of Europe's largest open source publishers.

We're doing strictly FLOSS software and earn our living by (1) customizing solutions for industrial clients and (2) participating in R&D projects. Our main product is ERP5 (think open source SAP) - https://lab.nexedi.com/nexedi/erp5. Other solutions are built on top, such as SlapOS (ERP for cloud orchestration) - https://lab.nexedi.com/nexedi/slapos or Wendelin (ERP for big data)- https://lab.nexedi.com/nexedi/wendelin

We're recruiting mostly for our R&D projects, since it's a good way to familiarize yourself with our stack - https://stack.nexedi.com/

One project is https://www.osie-project.eu/ - building an open source/open hardware framework for industrial automation and robotics Another one is https://www.cython.plus/ - trying to port multi-core concurrent programming from Golang to Python. Third project about deploying SlapOS on swarms of drones has no site online yet as we just started.

We have also launched a hyper-open cloud provider, called https://www.rapid.space/ - hyper-open meaning open source, open hardware & open service. One other notable for Rapid.Space is the upcoming release of our openRRH project through the free software endowment fund we're working to establish - https://www.fdl-lef.org/

Albeit all of this, we're still only a small team of about 40 scattered across the globe. Our main offices are in Lille, Munich and Tokio. Our learning curve is quite steep, so pre-Covid it always helped to have new Nexedians start out in one of our offices or at least spent a few months with us. Depending on your topic and Covid, remote work is not a problem. Aside from this, we have a flat hierarchy and expect everyone to be able to work autonomously. If this is not your thing, you'll have a hard time here. We're also obviously opinionated about open-source, our stack is mostly Python and Javascript and we only use Chromebooks (with our own OS). We're free of VC-funding to keep our solutions free, the downside being that we don't have the marketing budget for flashy sites and large communities. C'est la vie as we say in France :)

If you're interested, our current offers are on https://nexedi.com/jobs , my mail is on my profile. Thanks!

[RaitoBezarius]

What does that mean to have an open hardware cloud when your CPUs looks like to be Intel hardware which AFAIK is not open ? Do you have RISC-V or any open ISA CPU servers? Is secure boot / TPM available with open implementations on your machines?

[frequent]

We distinguish between must vs should.

Open Service means we must be transparent about what suppliers, components and procedures are used to provide a cloud (or any other) service, so that anyone can use/study/copy/operate the service. Used components should be open-source on the other hand. We cannot guarantee them to be in order to provide the service.

Open Hardware is the same. It must be transparent regarding components being used, so bill of materials, PCB design files etc must be available so that anyone can rebuild a product. All components then should be open-source, but it cannot be guaranteed that they are.

When you instead insist on "must be open-source" you may end up without a solution or something very expensive or very slow for which there may be no market. Or you can make a competitive product, which must be transparent, can be replicated and should be open. Then invest over time to open-source the remaining non-open components. The openRRH project fits into this principle.

More info on https://www.fdl-lef.org/FDL-Hyper.Open.Initiative

[RaitoBezarius]

The question was more like, have you explored running servers with actual open hardware such as RISC-V CPUs, Alibaba seems to be putting out a non-toy RV64GC (https://conferences.computer.org/isca/pdfs/ISCA2020-4QlDegUf...), and I guess they will want to apply it for their clouds. At least, it is based on an open source ISA, that's closer to open hardware than Intel CPUs, AFAIK.

Also, it's unclear whether secure boot / TPM are available on your servers based on your website.

[frequent]

re Alibaba: We're aware of the Alibaba CPU and are following it. It is indeed very interesting. But we also visited one of the factories where their servers are produced. Everything is secret and there seems to be no open-source culture, so we don't have much hope. We tried working with OpenPower servers, but when testing with real workloads, they were ~4x slower than x86 or ARM.

re Secure Boot: We use secure boot / TPM only in Capri servers and it causes of lot of work with suppliers. We are working on a drakut uefi boot with secure boot and are slowly sloving BIOS issues. Linuxboot bios is used on some servers, but it's not maintained and no secure boot, plus the information from Intel to maintain linuxboot is secret with NDA. In general, securing the boot process requires hopping piggyback on larger companies with the same issues and the bargaining power to speak with AMD or Intel, because NDAs are a dead end and without bargaining power, your mileage is short.

If you're interested to discuss in more detail, send me an email and I'll connect you with my boss who knows a lot more.