Venyu Blog

Paralleling almost anyone’s grandfather’s tall tale of having to slog through six miles of snow, uphill, wearing threadbare mittens and porous “galoshes” just to get to school each day, the story of how computers once filled up a complete room — wall to wall and end to end — was another one of those, ahem, urban legends I grew up hearing about. Ok, there was some truth about the size of those computers. Take the example on this Computer History site which includes a photo of the 1944 Harvard Mark-1 that’s described in the following passage:

Conceived by Harvard professor Howard Aiken, and designed and built by IBM, the Harvard Mark-1 was a room-sized, relay-based calculator. The machine had a fifty-foot long camshaft that synchronized the machine’s thousands of component parts. The Mark-1 was used to produce mathematical tables but was soon superseded by stored program computers.

Of course with all the advancements since then we now have a host of tablets, notebooks and other take-with-us devices that often weigh less than a few pounds yet deliver all the computing power, wireless connectivity, on-demand services and then some of those first room-sized computers back in the 1940’s and 1950’s. 

 Ah, the march of technology and the non-stop progression of innovation

I bring all this to your kind attention because I recently came across a headline – “Piston Puts Enterprise Cloud on a Memory Stick” – that not only intrigued me in the context of cloud computing, but also from a security standpoint. I just had to know more.

It turns out that a California-based startup, Piston, has fabricated for developers a USB device or what they call a “cloud key” with OpenStack cloud software preloaded onto it, as well as its enterprise operating system for the Cloud, PentOS.

Charles Babcock who wrote the piece for Information Week reports the company, which was founded by Joshua McKenty, a veteran of NASA’s Nebula cloud project, quotes McKenty’s cloud USB device as “taking the complexity of configuring cloud services out of the hardware and putting it into software,”

To configure rack-mount servers for a cloud, the enterprise cloud manager will plug the cloud key into his PC or laptop and set parameters in configuration files for the types of cloud servers that he wants, a task he can do outside the data center. Inside the data center, an authorized administrator can then plug the device into the network switch at the top of a server rack. The software on the device automatically loads into the switch, where PentOS discovers the servers in the rack and configures them into a cloud system in a “hands-free” implementation.

In addition, PentOS is meant to leverage OpenStack’s ability to use the on-premises, enterprise Active Directory Server to authenticate administrators for the enterprise cloud. It won’t allow an IT staffer with administrative privileges to log in and take over the cloud servers on a local basis, the way a consultant or knowledgeable IT staffer with administrator privileges might do in other circumstances, McKenty said. Rather, each administrator must use a centralized login process that can be monitored by IT managers more easily and where (hopefully) the wrong party would be more easily spotted and halted.

Using OpenStack, the PentOS operating system is able to provision and track virtual machines, assign networking and storage as well as CPU and memory, and supply high availability through automated failover of virtual servers. The system maintains distributed backup copies of data so that a server loss will not result in a long-term outage.

In addition, McKenty said it supplies one of the first implementations of CloudAudit, a draft standard of the Internet Engineering Task Force (IETF) determining how a cloud configuration may be designated as meeting HIPAA, FISMA, PCI, or other regulatory and compliance standards. By creating an infrastructure that meets the standard, events in the cloud become auditable and able to meet the compliance requirements, he said. The draft of the 1.0 standard was released in July 2010 for public comment.

No pricing on PentOS has been set, with McKenty claiming only that it will be priced comparable to competing private cloud software products.

Whether this so-called “cloud on a stick” catches on I can’t yet say one way or the other. Personally I’ve read too many incidents of USBs being like those porous “galoshes” I alluded to at the beginning of this piece. Too easily lost or too easily compromised by “misadventure” (e.g. embittered employees wishing to sell a company’s secrets, even their configurations, to the highest bidder), built-in security features notwithstanding.

I suppose the only place to go after this is for scientists and other technology fabricators to come up with the “foldable” space car (ala George Jetson), that shrinks a vehicle down to the size of an attaché case. If that ever becomes a reality, then I’ll really be impressed. And of course it will save me time getting through all that snow my grandfather (or yours) really hated but somehow never could stop talking about.