Multi-Site design requirements

I would like to start gathering design requirements for multi-site support in Merge. I will start off with a set of questions, some of which may have already been thought through.

The assumption is that there will be a single Merge portal, and multiple facility sites with resources that can be allocated for user experimentation.

Do we expect multiple organizations to control the various sites, or is it the same organization with perhaps multiple data centers?

Currently the Merge portal talks to the single API server in the facility. For multi-site experiments, will there still be a single API server, or is there one per site (along with the other services like etcd and minio)?

The idea is that completely disconnected/disparate facilities (for example, Cyber class at UCLA) would be able to join the portal, and use the portal, and existing class experiments/templates (created by, for example, MIT) to teach their classes, without allowing the portal administrators full operational access to the facility, and without having full operational control of the portal itself.

There should be one API server per facility – where the facility manager account can operate on portal resources within a facility (probably mostly using mrs/mars), but also “owns” the resource pools in a facility and can reserve some local nodes for facility-specific use, and allow some resources to enter the general/shared resource pool.

Basic requirements as I understand them are AAA (authentication, authorization, accounting) through the API, routing via BGP, expected/real link characteristics (modeled connectivity vs monitored usage). Whatever the actual requirements are should probably be documented and itemized for appropriate explosion into branches/MRs.