The ‘Big Bang’ of USAF application modernization
Public sector agencies that may still be wondering if open source software is the key to application modernization can simply look at the U.S. Air Force, which recently used Kubernetes to manage the weapons systems on the 65-year old U-2 spy plane.
Nicolas Chaillan, former Chief Software Officer for the Air Force, said the service was able to deploy new software services on the U-2 in less than two weeks. “In just 12 days with [artificial intelligence machine learning] containers on that legacy hardware, we were able to manipulate the sensors on the jet so the pilot could focus on doing other stuff,” Chaillan said, speaking during a panel session at the 2021 Public Sector Innovation Summit sponsored by VMware. (Watch the full panel discussion here.)
The new software was able to receive over-the-air updates of the container, “ensuring that we could be decoupled from the hardware and not put the jet at risk in terms of airworthiness and making sure that the pilot is safe,” Chaillan said.
The test flight, which took place late last year, was a first for the Defense Department. Since then, however, Kubernetes has become the central nervous system of the Air Force’s Platform One initiative. Platform One allows users to deploy a DevSecOps Software Factory and start solving software problems with a 90% solution immediately, instead of starting from scratch.
“For us, Kubernetes is becoming the foundation of all the software we do on jets to bombers to ships, and, let’s face it, to nuclear,” Chaillan said. “We have Kubernetes running across embedded systems at the edge on clouds, on classified clouds, and air-gapped environments. So it’s really kind of the enabler for us not to get locked into a single tech stack, and to be able to have a diversity of options.”
Leveraging a project called Platform One Big Bang, the Defense Department can install an instance of Platform One, called the Customer DevSecOps Platform, on behalf of other organizations. Big Bang is the Platform One Infrastructure as Code / Configuration as Code package that deploys a software factory in a customer owned environment.
“We open-source the entire Big Bang platform, which is a full DevSecOps platform,” Chaillan said. “A lot of people think of DevSecOps as a [development] platform, but for us, it runs in run-time on the weapon, on the device, on the jet, on the system with Zero Trust baked.”
“When I look at open source, it’s really an opportunity for collaboration writ large,” said Craig McLuckie, Vice President at VMware, who also spoke on the panel. But there can be challenges, he said. “Culture really matters. Culture is effectively the operating system of the organization,” McLuckie said.
For the Defense Department, those challenges range from ensuring the security of open source code to modernizing the way the department thinks about managing large programs, said Chaillan.
“It’s important to realize that open source does not mean it is something that is safe or it’s going to last. You have to look at the community behind it. That’s why we like the [Cloud Native Computing Foundation (CNCF)] because we know to get to a certain stage you have to demonstrate some maturity and diversity of contributors,” Chaillan said.
“I love that some teams in CNCF are actually pushing for pen tests,” he said. “And for us in Platform One we actually have seven people full-time continuously pen-testing the stack. It’s not a once a quarter or once a year thing, it’s continuously.”
Just as important as security, however, is the ability to move at what Chaillan calls the pace of relevance. “No one wants to waste time and taxpayer money and reinvent the wheel. But we also design in a way that’s very siloed and you end up with a lot of people having to be convinced to make meaningful changes,” he said.
The other challenge is that the DOD doesn’t always control everything, like funding, he said. “If it’s cut into tiny silos, how do you do enterprise services well? In fact, I would argue that the Department is not really good at building enterprise IT because of that,” he said. “Because big programs get a lot of money and they don’t like having dependencies on others. That’s why we created Cloud One and Platform One.”
Learn more about “Application Modernization” and how VMware is helping to accelerate public sector innovation