← All products
Infrastructure & Operations

Parinita Instrument

The FIPS-hardened, immutable OS that every Parinita workload boots on.

Instrument is a FIPS 140-3 hardened, DISA STIG-compliant Ubuntu 24.04 LTS image with kernel 6.18 — augmented by Kairos for immutable A/B partition management. It ships in 12 factory images, one per silicon type, and is the only OS in production today certified to run uniformly across this many silicon types simultaneously with zero-touch provisioning.

Talk to us See the platform
Capabilities

What it does

  • 12 factory images

    One image per silicon type — Intel Gaudi 3, NVIDIA Blackwell, AMD EPYC Turin, Sierra Forest, Qualcomm IQ-9075M, AmpereOne ARM64, AMD Alveo FPGA, NVMe storage, Qualcomm Cloud AI 100 edge, video, orchestration — all Cosign-signed.

  • Sub-12-minute bootstrap

    PXE boot, FIPS-mode activation, measured-boot via TPM, register with Maestro, join the fabric — power-on to workload-ready in under 12 minutes.

  • Immutable A/B partitions

    New images write to the inactive partition, validate, flip the boot target, and auto-rollback on any boot or health failure. Every push is anchored on Chrysalis.

  • 10-year CVE lifecycle

    Long-term security maintenance baked in — kernel, userspace, and silicon drivers patched on a Parinita-owned cadence regardless of upstream.

  • Pre-hardened beneath the workload

    Encrypted root and data partitions, secure-boot certificates, Wazuh agent factory-integrated, ConnectX-7 drivers with eBPF/XDP, hardware IPsec/AES-GCM crypto.

How it works

Instrument boots from a Cosign-signed factory image — pre-applied at the Supermicro / Dell / Qualcomm Cloud AI 100 manufacturing line or pushed over PXE at the POP. Kernel 6.18 is required for stable eBPF CO-RE; FIPS mode activates at first boot; measured-boot chains firmware → bootloader → kernel → initramfs into the TPM. The runtime agent registers with Maestro on first boot, reporting plane type, silicon ID, POP location, and FIPS status.

Image lifecycle uses Kairos’s immutable A/B partition model: new images write to the inactive partition, validate, the boot target flips, and a boot or health failure reverts automatically. Image pushes are coordinated as canary → staged → fleet rollouts across all 101 POPs with zero downtime, and every push is recorded on Chrysalis as a signed artifact lineage record.

When to use it

  • Any deployment where “what was actually running on this node” needs to be answered with a measurement chain, not a screenshot.
  • Multi-silicon AI fleets where consistency across heterogeneous hardware is a hard requirement.

What it isn’t

A general-purpose distribution. Arbitrary kernel modules, custom firmware, and ad-hoc package installs are policy-blocked by design — that’s what makes the measurement chain meaningful.

More from the fabric

Related products

Part of the Parinita AI Edge

Bring Parinita Instrument into your stack.

Every Parinita product runs on the same 9-plane fabric across 101 edge POPs. Talk to us about a pilot, or see how the pieces fit together.

Talk to us See the infrastructure