Parinita  /  Products  /  Parinita Instrument
Foundation Layer

Parinita Instrument

The FIPS-Hardened Immutable OS Every Parinita Workload Boots On

12 factory images. Sub-12-minute bootstrap. 10-year CVE lifecycle. Immutable A/B partitions.

Instrument is a FIPS 140-3 hardened, DISA STIG-compliant Ubuntu 24.04 LTS image with kernel 6.18, augmented by Kairos for immutable A/B partition management. It ships in 12 factory images — one per silicon type — and is the only OS certified to run uniformly across this many silicon types simultaneously with zero-touch provisioning.

101
Sites Worldwide
12
Factory Images
<12min
Bootstrap Time
10yr
CVE Lifecycle
01 / The Problem

Heterogeneous AI Fleets Boot Inconsistent OS Images With No Measurement Chain

When different nodes in a multi-silicon AI fleet run different OS images with different security configurations, 'what was actually running on this node' cannot be answered with a measurement chain.

Generic enterprise Linux distributions are not designed for heterogeneous silicon, do not enforce immutability, and cannot prove what was running on a node at a given time with a tamper-proof record.

  • Multi-Silicon Fleets Have No Consistent OS Image

    Different silicon types (MI350P, NVIDIA Blackwell, EPYC Turin, AmpereOne) typically run different OS configurations — inconsistency makes security controls non-uniform.

  • Generic Linux Has No Measurement Chain

    Standard enterprise Linux distributions do not enforce immutability and cannot prove what was running on a node at a given time with a tamper-proof cryptographic record.

  • Ad-Hoc Package Installs Break Security Baselines

    When operators install packages, modules, or patches outside the defined image, the security baseline breaks and the measurement chain is invalidated.

Capability
Current / legacy
What's needed
OS consistency
Different OS images per silicon type — inconsistent security baselines across the fleet
12 silicon-specific factory images on one consistent Ubuntu 24.04 LTS baseline — uniform security controls across all silicon types
Measurement chain
No TPM measurement — cannot cryptographically prove what ran on a node at a given time
TPM measurement from firmware to initramfs — cryptographic proof of every boot step, Chrysalis-anchored
Immutability
Mutable OS — package installs and module loads alter the security baseline post-deployment
Immutable A/B partitions — arbitrary installs and modules are policy-blocked by architecture
FIPS compliance
Post-deployment FIPS configuration — error-prone, inconsistent across nodes
FIPS 140-3 mode activated at first boot — factory-baked, never a configuration step
CVE lifecycle
Upstream distribution lifecycle — silicon drivers may lose support before infrastructure is replaced
10-year Parinita-owned CVE maintenance — kernel, userspace, and silicon drivers maintained independently of upstream
Zero-touch provisioning
Manual OS installation and configuration at each node — high labor, high error rate at scale
Factory pre-flash or PXE boot — no manual OS configuration, sub-12-minute bootstrap from power-on to workload-ready
02 / Core Capabilities

One immutable OS. Every silicon type. Cryptographic measurement chain.

Instrument's measurement chain runs from firmware through bootloader through kernel through initramfs into the TPM — every step recorded. What ran on which node at which time is cryptographically verifiable, not screenshot-based.

Arbitrary kernel modules, custom firmware, and ad-hoc package installs are policy-blocked by design — that is what makes the measurement chain meaningful.

  • 12 Factory Images

    One image per silicon type — AMD Instinct MI350P, NVIDIA Blackwell, AMD EPYC Turin, Sierra Forest, Qualcomm IQ-9075M, AmpereOne ARM64, AMD Alveo FPGA, NVMe storage, Qualcomm Cloud AI 100 edge, video, orchestration — all Cosign-signed.

  • Sub-12-Minute Bootstrap

    PXE boot, FIPS-mode activation, measured-boot via TPM, Maestro registration, fabric join — power-on to workload-ready in under 12 minutes across all 12 silicon types.

  • Immutable A/B Partitions

    New images write to the inactive partition, validate, flip the boot target, and auto-rollback on any boot or health failure. Every push anchors on Chrysalis.

  • TPM Measurement Chain

    Measured-boot chains firmware, bootloader, kernel, and initramfs into the TPM — every step recorded. What ran on which node at which time is cryptographically verifiable.

  • FIPS 140-3 and DISA STIG Compliance

    Ubuntu 24.04 LTS with kernel 6.18, FIPS mode activated at first boot, pre-applied DISA STIG hardening — compliance is factory-baked, not post-deployment configured.

  • 10-Year CVE Lifecycle

    Long-term security maintenance for kernel, userspace, and silicon drivers on a Parinita-owned cadence — independent of upstream distribution lifecycle.

  • Pre-Hardened at Boot

    Encrypted root and data partitions, secure-boot certificates, Wazuh agent factory-integrated, ConnectX-7 drivers with eBPF/XDP, hardware IPsec/AES-GCM crypto — all present at first boot.

  • Chrysalis-Anchored Image Pushes

    Every image push records on Chrysalis as a signed artifact lineage record — cryptographic proof of what image was pushed to which node, when, by whom.

  • Zero-Touch Provisioning

    Factory image at the manufacturing line or PXE push at the POP. No manual OS configuration step. The runtime agent registers automatically with Maestro on first boot.

03 / Architecture

The Plane Model

Orchestra introduces "planes" — logical groupings of hardware optimized for a specific workload class. Unlike Kubernetes node pools, planes represent fundamentally different hardware architectures with different drivers, network requirements, and scheduling semantics.

The plane model is what makes Orchestra different from every other orchestration tool. Kubernetes sees nodes. Orchestra sees purpose-built hardware tiers and routes workloads accordingly.

P1
Reasoning Cortex
AMD Instinct MI350P
Primary AI inference · LLM serving
1,450+ nodes · 288GB HBM3e · high-bandwidth accelerator
P2
Training & Generation
NVIDIA RTX PRO 6000 Blackwell
Training · TTS · creative compute
950+ nodes · 96GB GDDR7
P3
Chain & CPU Compute
AMD EPYC Turin 9005
Chrysalis validators · CPU inference
700+ nodes · Zen 5c
P4
Knowledge & Retrieval
Intel Sierra Forest
Almanac vector search · RAG anchor
1,250+ nodes · 144 E-cores
P5
Long-Term Memory
NVMe Storage
Enclave · Stratum immutable object
850+ nodes · ransomware-resistant
P6
Media & Acceleration
RTX 4500 BSE · Alveo MA35D
Four tiers · GPU + FPGA + CPU
2,150+ nodes · 4K/8K hardware acceleration
P7
Edge Reflex
Qualcomm Cloud AI 100 Ultra
Ultra-low-latency edge inference
2,000+ nodes · sub-10ms response
P8
Coordination Layer
AmpereOne A128
Orchestra · Chorus routing · agents
2,400+ nodes · 128 ARM cores
P9
Nervous System
Cisco 8000 · Palo Alto · Arista
Routing · firewall · dual fabric
3,500+ devices · ConnectX-7 NICs
04 / Boot and Measurement Model

Cosign-signed image. TPM measurement chain. Under 12 minutes.

PXE boot or factory image, FIPS mode activation, measured-boot chain from firmware to initramfs via TPM, registration with Maestro, fabric join — power-on to workload-ready in under 12 minutes.

  1. 01
    Silicon type
    12 factory images, one per silicon — MI350P, Blackwell, EPYC Turin, Sierra Forest, IQ-9075M, AmpereOne, Alveo FPGA, NVMe, Cloud AI 100, video, orchestration.
  2. 02
    Boot path
    PXE boot or factory pre-flash at manufacturing line. FIPS mode activates at first boot. TPM measurement chain records every boot step.
  3. 03
    Partition model
    Immutable A/B partitions via Kairos — new image writes to inactive partition, validates, flips boot target. Auto-rollback on any boot or health failure.
  4. 04
    Measurement chain
    Firmware through bootloader through kernel through initramfs — each step extends into the TPM. The full chain is cryptographically verifiable and anchors on Chrysalis.
  5. 05
    Policy enforcement
    Arbitrary kernel modules, custom firmware, and ad-hoc package installs are policy-blocked. The measurement chain is only meaningful if the baseline is enforced.
  6. 06
    Registration
    Runtime agent registers with Maestro on first boot — silicon ID, plane type, POP location, FIPS status reported automatically. Bootstrap completes in under 12 minutes.
  7. 07
    CVE maintenance
    10-year security maintenance cadence for kernel, userspace, and silicon drivers — independent of upstream Ubuntu or silicon vendor lifecycle.
  8. 08
    Image signing
    All 12 factory images Cosign-signed. Every push to a node records on Chrysalis as a signed artifact lineage record — what ran where and when is independently verifiable.
python
import instrument

client = instrument.Client(seat_token='your_seat_token')

# List all nodes with their image version and FIPS status
for node in client.nodes.list(pop_id='ord-t1-01'):
    print(f"Node: {node.id}, Silicon: {node.silicon_type}, Image: {node.image_version}, FIPS: {node.fips_active}")

# Query TPM measurement chain for a specific node
chain = client.nodes.measurement_chain(node_id='node-mi350p-042')
for step in chain.steps:
    print(f"Step: {step.name}, Hash: {step.hash}, Chrysalis: {step.chrysalis_tx}")
05 / Proof

Proven at scale. Not in a lab.

Parinita AI Edge is the production deployment of the Parinita platform and the largest heterogeneous AI infrastructure deployment in the United States.

Reference Deployment

Parinita AI Edge

The most complex heterogeneous AI infrastructure in the United States. 101 sites, 9 planes, 12,000+ nodes, 4 accelerator vendors, dual network fabrics, four-layer tenant isolation — all through a single sovereign control plane.

101
Points of Presence
4 tiers: T1 (32), T2 (29), T3 (19), T4 (21)
909+
K8s Clusters
101 sites x 9+ plane types
12K+
Compute Nodes
Supermicro, Dell, Ampere, Cachengo
4
Accelerator Vendors
Intel Habana, NVIDIA, AMD, Qualcomm

Network & Security Infrastructure

2,491+
Cisco Switches
+ 303 routers (EVPN-VXLAN)
1,734+
Arista Switches
Lossless GPU backend fabric
367+
Palo Alto Firewalls
PA-5580/PA-5560 series
152+
Petabytes Storage
NVMe over RDMA
  • Multi-vendor accelerators
    Four accelerator vendors — Intel Habana, NVIDIA, AMD, Qualcomm — orchestrated through one control plane with unified scheduling, monitoring, and lifecycle management.
  • Dual-fabric networking
    Cisco production fabric and Arista GPU backend fabric operating as a coordinated system, bridged by identity-aware routing.
  • Nationwide scale
    101 sites across 42 U.S. states, each operating autonomously with a local control agent and a sovereign cross-site routing plane.
  • Multi-tenant isolation
    Four-layer defense-in-depth: VXLAN VNIs, identity-routing, Palo Alto firewalls, and Cilium eBPF — validated across every plane and site.
  • Compliance readiness
    FIPS 140-2 at launch, with FedRAMP Moderate, CJIS, and IL4/IL5 certification paths active through Parinita compliance profiles.
  • Sub-millisecond routing
    Every request classified and dispatched in under 1ms, enabling real-time SLA enforcement without perceptible overhead.
06 / Use Cases

For deployments where 'what was running' must be answered with a measurement, not a screenshot.

Instrument is most valuable when multi-silicon consistency is a hard requirement and the measurement chain has regulatory or legal significance.

Not a general-purpose distribution — arbitrary kernel modules and ad-hoc package installs are policy-blocked. That constraint is what makes the measurement chain trustworthy.

  • Multi-Silicon AI Infrastructure

    Instrument is the only OS certified to run uniformly across MI350P, Blackwell, EPYC Turin, AmpereOne, and Qualcomm silicon simultaneously — one consistent security baseline.

  • Regulated and Audited Environments

    Deployments where 'what was actually running on this node' needs a measurement chain answer — not a screenshot, not a log, but a TPM-recorded cryptographic proof.

  • Large-Scale Edge Fleets

    Zero-touch provisioning via PXE or factory pre-flash scales across 12,000+ nodes without manual OS configuration. Sub-12-minute bootstrap from power-on to workload-ready.

  • Long-Lived Infrastructure

    10-year CVE lifecycle on kernel, userspace, and silicon drivers — infrastructure deployed today stays maintained for the decade without upstream distribution lifecycle risk.

  • FIPS and STIG Compliance

    FIPS 140-3 mode and DISA STIG hardening factory-baked at first boot — compliance is architectural, not a post-deployment configuration project.

07 / Getting Started

Deployment Models

Factory images provision at the Supermicro, Dell, or Qualcomm Cloud AI 100 manufacturing line or pushed over PXE at the POP.

Factory Pre-Flash
Supermicro, Dell, Qualcomm Manufacturing

Factory images apply at the Supermicro, Dell, or Qualcomm Cloud AI 100 manufacturing line. Nodes arrive at the POP pre-configured — PXE not required.

PXE Boot at POP
For Field Provisioning

PXE boot pushes the correct silicon-specific factory image at the POP. FIPS activation, measured boot, and Maestro registration complete automatically. Under 12 minutes total.

Ongoing Image Lifecycle
Canary, Staged, Fleet Rollout

New Instrument image versions roll out via Opera's coordinated canary, staged, and fleet deployment process — with automatic rollback on attestation failure or SLO breach.

08 / Get Started

Talk to Us

Our infrastructure team can walk through Instrument's factory image selection and bootstrap process for your specific silicon and POP configuration.