Department Of Defense Pursues Private Cloud

This week, the Defense Information Systems Agency took a step toward making its own data center act more like a cloud computing environment.

The agency is launching new software development and testing tools that eventually will make it easier for military developers to test and deploy software themselves without the red tape usually required to provision new computing power.

"There are incredibly expanding capabilities on the Internet that because of security and stability requirements, we can't use," Rob Vietmeyer, Forge.mil's project director, said in an interview. "We want to take the things that Amazon and Google are showing us are possible and take our assets to the next level, to allow rapid innovation of [Department of Defense] technology."

DISA, the central IT arm of the Department of Defense, has been working for more than a year to build the Rapid Access Computing Environment (RACE), which will eventually become a private cloud for the military. RACE will be used to host all sorts of production software for the military, but one of the ways DISA hopes to increase its usability within DoD is through the launch of the first piece of Forge.mil, a new collaborative software development tool and repository called SoftwareForge.

Though it doesn't do so today, Forge.mil ultimately will allow rapid self-service testing and self-service deployment of new software and services on RACE from within the Forge.mil site and even from within development environments like Eclipse. One of the technologies that might help make that happen is a feature in the latest version of CollabNet's application life-cycle management software called Lab Management.

Forge.mil takes its inspiration from SourceForge, the popular open source software repository online. Its goal is to make it easier for the DoD to more quickly develop, test, and deploy software and services. SoftwareForge -- launched this week for unclassified use only -- is a software repository and collaboration site that includes version control, issue tracking, wikis, discussion forums, and document repositories to accelerate development, based on collaborative development tools from CollabNet.

SoftwareForge will require open source or "Department of Defense community source" and promote modular software development in order to encourage collaboration and reuse of code across branches of the military and regardless of location, thus enabling much easier distributed software development by combining these development techniques with a distributed infrastructure.

The site is catching on quickly, with 1,300 DoD developers signed up and 60 development efforts under way in just three months of beta testing, including everything from system utilities to embedded systems on unmanned aerial vehicles. Next up is a classified and proprietary code version of the site called ProjectForge, and sites called TestForge and CertificationForge that will help -- through automation and repositories -- test and certify software developed on Forge.mil to make sure meets required DoD specs.

Once the testing environment is up, DISA hopes to move onto full, self-service, production software deployment functionality by the summer of 2010, depending on the evolution of partnerships DISA has under way with agencies and vendors to make that happen. Forge.mil may also find a home as enabler of other private cloud efforts under way by the Air Force, Navy, and Army.

RACE won't just be for Amazon-style software development and deployment. It's already running instances of RightNow's CRM software, and DISA has noted the possibility of its use to deliver virtual desktops.

Harry Sienkiewicz, RACE's program director, sees his team as a hosting company and service provider inside the Department of Defense, as DISA itself is in some ways as well. "We would really like to have abilities much like a Rackspace or a 1&1 to allow users to provision an environment when, where and how they need it," he said in an interview. "We want to be like the ISP or hosting company behind the scenes."

Already, RACE allows self-service provisioning of approved Windows Server and Red Hat Enterprise Linux applications, like Exchange servers or Apache Web servers. Though applications won't come online immediately for now, anyone with a Common Access Card (a form of military identification and authentication) can request computing resources and can pay online if they have a government-issued credit card. "You just enter the portal, say you want this type of environment, this type of server, this type of security," Sienkiewicz said.

However, paying for rented space on RACE isn't as granular as doing so on Amazon Web Services, and the private cloud isn't yet multitenant, though it is possible DISA will eventually move in that direction if the technology gets better. Instead of paying for traffic, storage and CPU usage separately, RACE developers pay $500 per month for a virtual machine that includes 1 GB of memory and comes with 50 GB of storage. More storage per image will be available by May or June, and DISA is looking at ways to make costs look more like they do on Amazon and elsewhere online.

Provisioning isn't immediate, either. RACE allows for 24-hour provisioning of computing resources in some cases, but typical requests for entirely new software take 14 to 30 days to stand up. Eventually, as systems come on to certify applications automatically, that time lag could decrease greatly. "Certification and accreditation is the longest pole in the tent right now," Sienkiewicz said.

Right now, though DISA makes a "secure, compliant system image" available to users and gives them access to a patch repository, RACE requires users to manage their own security. As part of the next phase of build-out, DISA will offer a service that will validate security against a set of standard practices and do penetration testing. The system is built for stability: RACE's data center environment includes backup power, redundant cooling, secure facilities, multiple network paths, multiple load-balanced DMZs and redundant power at the blade, rack, and data center level.

RACE is being built with help from a number of vendors, key among them Hewlett-Packard (including ProLiant blades for the data center infrastructure and HP Service Manager and HP Operations Orchestration for management) and VMware. Others include IBM, Sun, Moab (which provides resource workflow and scheduling capabilities) and Vion (which provides storage services and capacity). Sienkiewicz is especially interested in some of the ideas VMware raises as part of its V-Cloud initiative, though he said that's not an endorsement or an acknowledgment that DISA will end up a V-Cloud customer.

DISA's program has attracted the interest of many of the top names in cloud computing. VMware CEO Paul Maritz was at DISA's offices talking about RACE earlier this month, and both Amazon CTO Werner Vogels and Salesforce.com CEO Marc Benioff were keynote speakers at DISA's partner conference this week.

InformationWeek Analytics has published an independent analysis on government IT priorities. Download the report here (registration required).