Skip to main content

Onboarding Guide: SECA API for Cloud Providers

This guide outlines the direct steps and requirements for Cloud Service Providers (CSPs) looking to onboard and integrate with the SECA Open Source Project.

1. Why Onboard SECA?

By adopting SECA, the CSP, can:

  • Achieve Interoperability: Seamlessly integrate with other European public clouds, enabling multi-cloud configurations for your customers.
  • Attract Developers: Become a magnet for third-party developers and applications that align with the standardized API.
  • Reduce Lock-in for customers: Offer a solution that counters vendor lock-in, providing low migration costs and faster response to market changes for your users.

2. Your Onboarding Checklist: What You Must Do

To successfully onboard the SECA Open Source Project, you must undertake the following actions and adhere to these requirements:

  • Follow Open API Standard: You are required to implement your API strictly following the specifications set by the Open API Initiative, which the SECA API is built upon.
  • Adopt JWT Tokens for Authentication: You must integrate and utilize JSON Web Tokens (JWT) for all authentication processes within your SECA API implementation to ensure robust and verifiable access control.
  • Pass Conformance Tests: You must pass the official SECA conformance tests to validate your implementation's adherence to the standard.
  • Submit Results: The results of these conformance tests must then be submitted to the SECA community for assessment and verification using a PR to the SECA GitHub repository. If the results get merged, your acceptance is verified.

3. Implementation Guidelines

Implementing the API and related processes can be difficult. Thus the SECA community maintains a Common API Server called ECP (European Control Plane) that can be deployed on a kubernetes infrastructure to facilitate the implementation.

To utilize the ECP the CSP has to implement a number of plugins that translate the resources from the SECA api into the provider specific resources.

Understanding kubernetes and kubernetes control plane concepts is crucial for successful implementation, since the plugins work within this architecture. Crossplane can be utilized to manage the lifecycle of these resources effectively and be a good reuse option, if the provider already built a Crossplane provider.

4. Opportunities for Extension and Community Engagement

Beyond the mandatory requirements, you are encouraged to:

  • Implement Optional Extension Providers: While foundation providers are mandatory, you can optionally implement extension providers (also via your CSP plugin) to offer additional services or features beyond the core IaaS layer, expanding your offerings within the SECA framework.
  • Engage with the Community:
    • Submit Proposals: The SECA API framework is open to proposals. You can submit suggestions for new features, enhancements, or extensions to the API council.
    • Collaborate: Participate in the community to jointly identify gaps and contribute to the continuous evolution of the SECA API, helping to shape the future of sovereign cloud services.

5. Conclusion

By following these direct steps, you can successfully onboard the SECA Open Source Project, enhancing your interoperability, attracting new users, and contributing to a more resilient and innovative European cloud ecosystem.