It will include a "fine grained" user identification and authorization system that makes use of Microsoft Active Directories and LDAP-based identity management directories. For each action that a user attempts to take, Director will check and see whether he has permission to take it. An already identified user might be initially authorized to delve into a product and parts database. When he later attempts to check into the customer database for those parts, Director will run another check to the appropriate director to see whether he's authorized to go in there as well.
"Every action against an object is policy based and permission tested," said Pinkham, as opposed to a user being recognized and then assigned one permission level based on his role. It may be that managers are allowed to view customer information in one part of the quarter but not another. The permissions-based approach keeps a constant check at work on user actions, he said.
Likewise, policies can be set on which virtual machines may talk to each other in a multi-tenant environment.
Director will also enforce identities, authorizations, and policies set for the internal, enterprise environment on a workload if it moves beyond the enterprise perimeter into a public cloud. Nimbula is trying to enable the working together of public and private clouds, with Amazon's EC2 used as the public host in Monday's demonstration.
Demonstration engineer Kuyper Hoffman started a server in EC2 and illustrated that it was working through the Director control panel. The amount of information on the EC2 instance was limited and the initiator of workload sharing between an enterprise cloud and EC2 would have to eventually move into EC2's control panel, he conceded. But Director can do the mapping between the two that enables the workload move, he said.
The set of servers that Nimbula officials used to demonstrate their cloud operating system was mixed four- and eight-core Intel rack mount servers. "Back in the lab, we have a mix of AMD and Intel," noted Hoffman.
He illustrated how a user might configure four Web servers, each to be launched on a different node in the EC2 cloud to ensure continued operation. At the same time the user might need three application servers with 10-Gb Ethernet, and three database servers with both 10-Gb Ethernet and Fibre Channel and double the RAM of the web servers. The set could be launched in EC2 together instead of each server being configured separately through the Amazon EC2 console, Hoffman said.
"The virtual machines can come from the same base image. We have a mechanism to translate them from the format of one cloud to another," he said during the demonstration.
Nimbula was founded in 2009 and has a fresh $15 million in venture capital funding, after a previous $5 million investment. It has expanded its ranks from 19 to 22 people in the course of the last two weeks; it is currently looking for more employees. It will move out of Sequoia Capital offices into its own space in Mountain View, Calif., in two weeks. "I just signed the lease and ordered some office furniture," Pinkham said before the event got underway.
IT Service Management Must EvolveThe idea of technology being delivered as a service appeals to the 409 IT pros responding to our Service-Oriented IT Survey. But cloud providers are competing for that work, and CIOs are being selective.