NASA Cloud Architect Forms Company for Private Cloud
The lead architect of NASA's cloud platform, which spun off into the open-source OpenStack cloud operating system, is launching a new company and product aimed at helping enterprises more easily build private clouds.
Piston Cloud Computing will sell an OpenStack distribution that offers automation for easy deployment, security features to meet the needs of security-conscious businesses and interoperability with public clouds that are also built on OpenStack.
"The rationale for starting the company is that the options for deploying private clouds are complicated, hard to configure, time-intensive to maintain and don't necessarily scale terribly well," said Joshua McKenty, CEO of Piston Cloud and formerly cloud architect and technical lead at NASA.
While many of the contributors to OpenStack have started businesses around public clouds, McKenty wanted to be sure that enterprises could also use OpenStack so that public and private clouds could be interoperable. He also wanted to be sure there were products meeting the unique challenges that enterprises face around security, regulatory compliance and integration with other enterprise systems. "It's a different beast than a public provider," he said.
PentOS is designed to include all the software required to run a private cloud, from the "bare metal" up, he said. It starts with a Linux distribution that only includes the components required to run OpenStack, an OpenStack distribution and a suite of automation tools.
It's designed to be used with low-cost server and hardware components, he said.
Typically, enterprises that are building private clouds on OpenStack hire professional services groups that deploy high-available, load-balanced nodes including blade servers for computing and storage nodes for storage, he said. "But you're not really taking advantage of the elasticity of the cloud," he noted.
With PentOS, users can buy a single class of server and use the software to automate things like running a database that requires high reliability on any server depending on available capacity and hard drive reliability. "We're automating away the reliance on high-availability hardware," he said.
PentOS also automates the installation process. PentOS is packaged onto a USB stick that an administrator can plug into a laptop to configure.
Administrators don't have a lot to choose from when configuring their systems, however. They input the IP (Internet Protocol) range used, select groups of users from Active Directory that should have permissions in the cloud environment, adjust settings around VLANS and configure the switch itself, such as setting administrative passwords for it.
"We tried to make the software as opinionated as possible," he said. "There aren't options around what database would you like to use or hypervisor."
PentOS works with the KVM hypervisor and MySQL. "We didn't want to get people tied into a whole bunch of licensing discussions," he said. "It's always a challenge. If you give people a ton of options, you're giving them lots of ways to reduce the performance of the system and few ways to improve it."
Once an administrator sets the configurations, the USB stick can be plugged into the server rack. PentOS detects the hardware and installs and configures the operating system.
The setup process can eliminate one important vulnerability: the insider attack. Because all the hardware is configured from the USB stick, an enterprise can give only the most trusted administrator the password. Additional administrators don't need logins to any of the hardware because the setup happens automatically, he said.
PentOS also allows enterprises to add as few as five servers at a time.
Enterprises can buy additional PentOS modules that ensure compliance with certain regulations, like HIPAA for health-care organizations and FISMA for government agencies.
Piston plans to make a limited offering of a preview version of PentOS Monday, followed by general availability Nov. 29.
McKenty claims that PentOS is the first enterprise implementation of CloudAudit, a set of common interfaces for automating cloud functions like audit and assurance. That means enterprise users can decide to work with a public cloud provider that also complies with CloudAudit and be assured that all of their cloud operations meet necessary requirements like HIPAA.
McKenty isn't the only former developer of the NASA cloud to try to build tools to help enterprises build private clouds. Chris Kemp, the former CTO of NASA who also helped build its cloud, started a company called Nebula that is developing an appliance aimed at making it easier for enterprises to build private clouds.