The Case for a Micro-OS
Iocane Micro-OS™ is a hardened Linux operating system, built from the upstream source. It’s minimal (just a few hundred packages), which reduces the security footprint of your entire system. And it’s also transient; because it boots off of the network into a RAM disk, it’s never installed to disk. So an Iocane Micro-OS upgrade is always a reboot, never a patch.
Piston’s CTO and co-founder, Joshua McKenty, has spoken about the micro-OS at length. When implemented properly, a micro-OS can provide many of the same security benefits as a hardware appliance, but without the additional lock-in.
Built on Linux
The current version of Iocane Micro-OS is built on the 3.10.31 Linux kernel. It provides containers, network namespaces, resource limiting and network traffic shaping to Moxie RTE™. And because it can guarantee that there are no processes running in the OS that aren’t managed by Moxie RTE, Piston can orchestrate otherwise destructive system functions (such as formatting and partitioning drives or powering off physical equipment) without risk.
The New “Ring-Zero”
This separation of concerns between the server-level operating system (Iocane Micro-OS), and the multi-server runtime environment (Moxie RTE) is one of the key ways that Piston can use a non-deterministic, distributed systems model and produce reliable, deterministic behavior. It extends the protection ring concept of operating system design (often simplified to “kernel space” and “user space”), to encompass the reality of service-based architectures that necessarily span multiple physical machines. In cloud computing, the entire operating system should be considered “ring 0.”
What’s in a Name?
And yes, in case you were wondering, the name “Iocane” comes from the cult classic 1987 movie “The Princess Bride”. In the movie, Iocane powder is an odorless, colorless, and tasteless substance. Piston’s Iocane Micro-OS is an expression of that philosophy – it’s a server operating system that is intended to serve transparently as a platform for running distributed services. Quite literally, it’s an OS that you can’t log into. And we think that’s a very good thing.
Plan Your Pilot
Ready to plan your deployment? Click below to view hardware specs, access reference architectures, and plan your Piston OpenStack deployment, down to the last detail.Start Now