tfgrid/docs_tfgrid4_tech
11
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

refactor

Browse Source
This commit is contained in:
despiegk
2025-01-20 09:26:33 +01:00
parent 18c5403fa2
commit fd9c86c743
207 changed files with 46 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/main/key_innovations_overview/compute/_category_.json Normal file
View File

@@ -0,0 +1,7 @@
{
"label": "Compute",
"position": 5,
"link": {
"type": "generated-index",
}
}

38
docs/main/key_innovations_overview/compute/cloud.md Normal file
View File

@@ -0,0 +1,38 @@
---
title: Geo-Aware Cloud
sidebar_position: 3
---
## Zero OS as a generator for Compute, Storage, Network capacity
### Compute (uses CU)
- ZKube
- kubernetes deployment
- Zero VM
- the container or virtual machine running inside ZOS
- CoreX
- process manager (optional), can be used to get remote access to your zero_vm
A 3Node is a Zero-OS enabled computer which is hosted with any of the Cloud Providers.
### There are 4 storage mechanisms which can be used to store your data:
- ZOS FS
- is our dedupe unique filesystem, replaces docker images.
- ZOS Mount
- is a mounted disk location on SSD, this can be used as faster storage location.
- Quantum Safe Filesystem
- this is a super unique storage system, data can never be lost or corrupted. Please be reminded that this storage layer is only meant to be used for secondary storage applications.
- ZOS Disk
- a virtual disk technology, only for TFTech OEM partners.
### There are 4 ways how networks can be connected to a Z-Machine.
- Mycelium = Planetary network
- is a planetary scalable network, we have clients for windows, osx, android and iphone.
- ZOS NIC
- connection to a public ipaddress
- WEB GW
- web gateway, a secure way to allow internet traffic reach your secure Z-Machine.

22
docs/main/key_innovations_overview/compute/compute_compare.md Normal file
View File

@@ -0,0 +1,22 @@
---
title: 'Compare'
sidebar_position: 30
description: The computer layer compared.
---
| | Zos Compute Layer Benefits | Default |
|----------------|--------------------------------------------------------------------------------|------------------------------------------------------------------|
| Management | Full P2P, done by 3bot Agents, blockchain IT contract | Centralized e.g. Kubernetes, ... |
| OS Deploy | Stateless, there are no files copied on local HDD/SSD. | Deploy image or execute installer on a physical server |
| OS Upgrade | Seamless, rolling upgrades, 100% modular and pre-deterministic, decentralized | Difficult and error prone + vulnerable from security perspective |
| Tamperproof | If file gets modified Zero-OS will not boot the file. | No, man in middle is possible. |
| Scalability | To the world | Expensive and depending on lots of capital |
| Security | A lot of effort went into the capability to deploy for high security usecases. | Very hard to deploy securely, and expensive |
| Green | For certain workloads we can safe upto 10x on power usage | Super power hungry. |
| Liquid Cooling | Easy to do because of autonomous behavior no need to replace HW. | Hard to do, how to do maintenance. |
| Sovereign | Yes | Mostly not. |
| Complexity | Anyone can do it, we made it to allow everyone to be a provider. | Real experts needed. |
> We do not compare our system with those that claim to be full cloud solutions but merely deploy containers using other management systems and optionally connect to a blockchain for billing purposes. Nor do we compare with marketplace systems that simply act as frontends for other systems. We believe these systems, while visually impressive, lack substantial technological foundations and cannot serve as a fundamental base layer for others.

14
docs/main/key_innovations_overview/compute/for_everyone.md Normal file
View File

@@ -0,0 +1,14 @@
---
title: 'For Everyone'
sidebar_position: 2
description: 'Everyone can build on top of the ThreeFold new internet'
# hide_title: true
---
## Zero-OS is easy to dploy
![](img/zos_simple.png)
## Everyone Can Build
![](img/for_everyone.png)

BIN
docs/main/key_innovations_overview/compute/img/deterministic.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 70 KiB

BIN
docs/main/key_innovations_overview/compute/img/for_everyone.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 233 KiB

BIN
docs/main/key_innovations_overview/compute/img/smart_contract_it.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 142 KiB

BIN
docs/main/key_innovations_overview/compute/img/superhub.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 481 KiB

BIN
docs/main/key_innovations_overview/compute/img/zos_intro.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 134 KiB

BIN
docs/main/key_innovations_overview/compute/img/zos_simple.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 307 KiB

16
docs/main/key_innovations_overview/compute/super_hub.md Normal file
View File

@@ -0,0 +1,16 @@
---
title: 'Super HUB'
sidebar_position: 20
description: 'Ultra scalable architecture.'
hide_title: true
---
## Superhub Architecture
![](img/superhub.png)

50
docs/main/key_innovations_overview/compute/zero_deploy_inno.md Normal file
View File

@@ -0,0 +1,50 @@
---
title: Deterministic Deploy
sidebar_position: 5
hide_title: true
---
# Deterministic Deployment
![](img/deterministic.png)
The concept of Zero-Deploy is a key component of the **Smart Contract for IT** framework, which can be applied to any type of workload—whether it's containers, virtual machines (VMs), network gateways, volumes, Kubernetes resources, or other network elements. This framework serves as a formal agreement between a farmer (provider) and a user regarding the deployment of an IT workload.
### Process
1. **Build Your Code**
2.
Develop and prepare your application (AI agents, web 2, web 3) code.
3. **Convert to Zero-Image**
Use a CI/CD solution to convert your Docker build (or other format) into a Zero-Image format. The 3Bot will do this on behalf of the user in the future.
4. **Define the Workload**
Specify all the details of your workload, including network bridges, web gateways, required machines, and more.
5. **Register and Sign**
Register the workload and sign it with your private key.
6. **Automatic Detection**
All necessary Zero-OS nodes (our infrastructure) will detect that a new workload needs to be deployed.
7. **Deployment Process**
The nodes will pull down the formal workload descriptions and initiate the deployment process.
8. **Validation**
Every step of the deployment is verified by Zero-OS (ZOS) to ensure that the intended result is accurately replicated. If any discrepancies are detected, ZOS will halt the deployment and provide an error message.
### Benefits
- **Deterministic Deployment**: There is no dynamic behavior during deployment at runtime, ensuring a consistent and predictable outcome.
- **Strict Compliance**: No process can start unless all files and configurations are fully described at the flist level.

40
docs/main/key_innovations_overview/compute/zero_image_inno.md Normal file
View File

@@ -0,0 +1,40 @@
---
title: Zero-Images
sidebar_position: 3
---
![](../../img/zos_images.jpg)
### The Problem
The current method of deploying workloads in the cloud using Docker containers and virtual machine images has inherent issues. These images consume significant storage space, result in slow and bandwidth-intensive transfers to the internet's edge, drive up costs, introduce complexity, and pose security risks due to difficulties in tracking their contents over time.
For instance, a complete Ubuntu image can easily be 2 GB in size, comprising millions of files. In contrast, the Flist (metadata for Zero-Image) for a full Ubuntu image is less than 2 MB (1000 times smaller). Based on this flist only the required files will be dowbloaded which can easily be 10x less compared to the original image size. These downloaded files (or subparts of files) are identified by a fingerprint (hash) and will only boot once authenticity can be verified.
### Process
- Zero-OS or the Zero-Image Command Line (works on linux) gets informed to provision a virtual filesystem based on a Zero-Image URL.
- The Zero-Image Metadata is stored on e.g. an S3 Server or our Zero-Hub.
### Introducing Flist
A new image format that separates the image data (comprising files and subfile parts) from the metadata describing the image structure.
An Flist's format uniquely encompasses comprehensive file descriptions along with all relevant metadata such as size, modification and creation timestamps, and POSIX attributes. Additionally, it incorporates a fingerprint for each component, ensuring deterministic behavior—a crucial feature for security focused use cases.
Flists provide the flexibility to manage metadata and data as separate entities, offering a versatile approach to handling various build and delivery scenarios.
### The Benefits
- **Rapid deployment:** Zero-OS enables containers and virtual machines to launch up to 100 times faster, especially in decentralized scenarios.
- **Enhanced security:** Zero-OS prevents tampering with images, ensuring higher security levels.
- **Reduced storage and bandwidth:** Zero-OS significantly reduces storage and bandwidth requirements, potentially achieving up to a 100-fold improvement.
- **Deterministic deployments:** engineers can precisely define deployments beforehand, ensuring predictable outcomes without changes during deployment.
- **100% compatible:** with existing standards, docker and virtual machines. The same format is useful for VM's as well as any container technology.
### Status
Usable for years, see Zero-OS.

32
docs/main/key_innovations_overview/compute/zero_install_inno.md Normal file
View File

@@ -0,0 +1,32 @@
---
title: Zero-Install
sidebar_position: 4
---
![](../../img/boot.png)
The Zero-OS is delivered to the 3Nodes over the internet network (network boot) and does not need to be installed.
### 3Node Install
1. Deploy a computer
2. Configure a farm on the TFGrid explorer
3. Download the bootloader and put on a USB stick or configure a network boot device
4. Power on the computer and connect to the internet
5. Boot! The computer will automatically download the components of the operating system (Zero-OS)
The actual bootloader is very small, it brings up the network interface of your computer and queries TFGrid for the remainder of the boot files needed.
The operating system is not installed on any local storage medium (hard disk, ssd), Zero-OS is stateless.
The mechanism to allow this to work in a safe and efficient manner is an innovation called our container virtual filesystem.
### Process
- optionally: configure booting from secure BIOS
- optionally: install signing certificate in the BIOS, to make sure that only the right bootloader can be started
- the bootloader (ISO, PXE, USB, ...) get's downloaded from Internet (TFGrid CDN or private deployment)
- core-0 (the first boot process) starts, self verification happens
- the metadata for the the required software modules is downloaded and checked against signature and hashes
- the core-0 zero_image service

67
docs/main/key_innovations_overview/compute/zos_compute.md Normal file
View File

@@ -0,0 +1,67 @@
---
title: 'ZOS - geo-aware OS'
sidebar_position: 1
description: The computer layer
hide_title: true
---
![](img/zos_intro.png)
# ZOS - geo-aware OS
ThreeFold has developed its own operating system, Zero-OS, which is based on the Linux Kernel. The purpose of Zero-OS is to strip away the unnecessary complexities commonly found in contemporary operating systems.
### Imagine An Operating System With The Following Benefits
- Up to 10x more efficient for certain workloads (e.g. storage)
- No install required
- All files are deduped for the VM's, containers and the ZOS itself, no more data duplicated filesystems
- The hacking footprint is very small which leads to much safer systems
- Every file is fingerprinted and gets checked at launch time of an application
- There is no shell or server interface on the operating system
- The networks are end2end encrypted between all Nodes
- It is possible to completely disconnect the compute/storage from the network service part which means hackers have a lot less chance to access the data
- A smart contract for the IT layer allows groups of people to deploy IT workloads with consensus and full control
- All workloads which can run on linux can run on Zero-OS but in a much more controlled, private and safe way
> We have created an operating system from scratch. We used the Linux kernel and its components and then built further on it. We have been able to achieve all of the above benefits.
## Requirements:
- **Autonomy**: TF Grid needs to create compute, storage and networking capacity everywhere. We could not rely on a remote (or a local) maintenance of the operating system by owners or operating system administrators.
- **Simplicity**: An operating system should be simple, able to exist anywhere for anyone, and be good for the planet.
- **Stateless**: In a grid (peer-to-peer) set up, the sum of the components provides a stable basis for single elements to fail and not bring the whole system down. Therefore, it is necessary for single elements to be stateless, and the state needs to be stored within the grid.
## Key Features of Zero-OS:
Zero-OS is designed with minimalism in mind, supporting only a few fundamental primitives that handle essential low-level functions:
1. **Storage Capacity**
2. **Compute Capacity**
3. **Network Capacity**
Default features:
- Compatible with Docker
- Compatible with any VM (Virtual Machine)
- Compatible with any Linux workload
- Integrated unique storage & network primitives
- Integrated smart contract for IT layer
## benefits
- No need to work with images, we work with our unique ZOS FS
- Every container runs in a dedicated virtual machine providing more security
- The containers talk to each other over a private network (Mycelium)
- The containers can use a web gateway to allow internet users to connect to the applications which are running in their secure containers
- Can use core-x to manage the workload
**Security and Simplicity:**
Zero-OS provides a Autonomous Decentralized Cloud.
This not only blocks hacker access but also eliminates human error, enhancing both security and reliability.

35
docs/main/key_innovations_overview/compute/zos_contract_for_it.md Normal file
View File

@@ -0,0 +1,35 @@
---
title: 'Smart Contract for IT'
sidebar_position: 3
description: 'How smart contract tech can be used to deploy IT workloads.'
hide_title: true
---
## Deployment of Workloads Using Secure Smart IT Contracts
![](img/smart_contract_it.png)
Workloads can be deployed through a secure and decentralized system enabled by **smart IT contracts**.
These contracts ensure the following:
1. **Multi-Signature Authorization**
Before a workload is deployed, multiple authorized individuals must sign off on the deployment contract. This ensures a consensus-driven process, adding a layer of security and accountability. No single individual has unilateral control over the process.
2. **Immutable and Autonomous Deployment**
Once the deployment is signed and approved, the workload is executed as defined in the smart IT contract. The system ensures that:
- No party, including the signers, can alter the deployed workload or access the stored data.
- The deployment process is verified, authenticated, and recorded immutably on the blockchain, guaranteeing transparency and trust.
3. **Managed by Virtual Administrators (3BOTs)**
The workloads can optionally be autonomously managed by virtual administrators, known as **3BOTs**. These bots operate as trustworthy system administrators and ensure the deployed solution adheres strictly to the agreed-upon parameters.
4. **Registered on a Decentralized Geo-Aware Ledger**
Once the contract is finalized and deployment occurs, the details are permanently registered in the **TFChain blockchain**, providing an immutable record of the transaction. This further enhances security and transparency.
By leveraging these mechanisms, the system ensures that IT workloads are deployed securely, remain tamper-proof, and operate in a decentralized, autonomous manner. This approach eliminates risks of unauthorized changes and protects the integrity of deployed solutions.