Mission Capabilities
What is a UDS Mission Capability?
UDS Mission Capabilities consist of a wide range of tools and resources essential for our Mission Heroes to achieve their mission objectives. UDS Mission Capabilities are securely and reliably packaged, deployed, and operated in the environments needed by your teams.
Mission Capabilities encompass various mission-specific resources, including AI models, databases, specialized configurations, and more. These packages are optional components of UDS, designed to support mission-critical operations effectively. They are preconfigured and packaged in a consistent and repeatable manner to ensure secure and reliable operation.
Secure and Reliable Operation
UDS Mission Capabilities are securely and reliably packaged, deployed, and operated in the environments needed by our Mission Heroes. Security and reliability are at the core of UDS, ensuring that mission-critical operations are executed with confidence.
Ready-to-Use Packages
UDS Mission Capabilities ensure that teams have the right tools at their disposal, securely and consistently packaged, to accomplish their missions successfully. These capabilities are ready-to-use, minimizing the setup time and ensuring that Mission Heroes can focus on their mission-critical tasks right from the start. UDS simplifies the mission environment, allowing Mission Heroes to work efficiently.
Reusability and Dependability
Mission Capabilities are designed for reusability and dependability. Once created and validated, these capabilities can be leveraged across multiple missions, reducing redundancy and development effort. The proven reliability of these capabilities ensures that teams can depend on them for mission-critical tasks without hesitation.
1 -
Software Factory
The Software Factory platform is a comprehensive solution designed to simplify and secure the software development process. It offers a package of software development tools, and extensible preconfigured DevSecOps pipelines, built on top of the UDS Core common baseline to enable Mission Heroes to focus on meeting their mission objectives. Software Factory is designed for the rapid deployment of secure Continuous Integration/Continuous Delivery (CI/CD) pipelines. Software Factory is engineered to operate in any environment, making it the ideal choice for on-premises, cloud, or tactical edge systems. The core purpose is to safeguard development environments while automating the software delivery workflow.
Software Factory introduces a declarative packaging of tools for source code management, CI/CD, value stream metrics, artifact repository, team collaboration and identity management. This all-in-one solution enables users to create secure and efficient CI/CD pipelines wherever and whenever needed. The integration of these tools ensures that every stage of the software delivery pipeline becomes an automated safeguard, ensuring that code and applications are ready for secure deployment in production environments. Software Factory equips Mission Heroes with an out-of-the-box, secure solution to meet their software delivery objectives, simplifying the path to secure and efficient software development.
Key Features
Faster Authorization: Helps you meet most NIST controls by default, reducing compliance overhead. This accelerates the Authorization process, enabling you to focus on mission critical tasks.
Portability: Deploy anywhere and produce application artifacts that are deployable across different environments. This versatility allows you to build on the low side and seamlessly deploy to the high side, enhancing flexibility and mission adaptability.
Data Independence: You have full ownership of the environment and the data within it. You can extend the solution to meet bespoke mission needs, giving you the freedom to choose your support providers. This competitive approach helps control costs and ensures data sovereignty.
Extensibility: Software Factory offers an open architecture and pipeline templates aligned with supply chain best practices. This flexibility allows you to customize SWF to fit your specific mission or application requirements. You can tailor the platform to align with your unique needs and workflows.
Software Factory UDS Packages
| UDS Package | Functionality |
|---|
| Gitlab | Source Code Management: A DevOps software package that can develop, secure, and operate software. GitLab offers robust version control for your source code, making it easy to collaborate, track changes, and maintain a secure codebase.
Container Registry: It provides a centralized location for storing and managing container images, facilitating seamless deployment and version control.
Secret Storage: Securely manage and access sensitive data like credentials and configurations. |
| GitLab Runner | Continuous Integration: GitLab Runner is a Continuous Integration runner that integrates with GitLab, facilitating automated builds, testing, and deployment of your applications. |
| Mattermost | Online Chat Service: Mattermost is an open-source, self-hostable online chat service, providing a platform for real-time communication and collaboration within teams. |
| SonarQube | Code Quality: SonarQube continuously evaluates code quality and identifies issues, helping maintain code integrity and reduce technical debt. |
Note
If you are interested in learning more about Software Factory or would like to receive a demo, please contact us!
1.1 -
Software Factory Bundles
Note
The following UDS Bundles are designed specifically for development and testing environments and are not intended for production use.
Bundle Overview
This bundle is primarily for development purposes and requires an existing K3d cluster to deploy.
System Requirements
This bundle requires 9 CPUs and 28GB of memory available to run effectively.
Bundle Applications
| Application | Description |
|---|
| Minio | In-cluster S3 Object Storage solution. |
| Postgres Operator | In-cluster PostgreSQL Database management tool. |
| GitLab | A comprehensive DevOps software package facilitating software development, security, and operational tasks. |
| GitLab Runner | A Continuous Integration (CI) runner tightly integrated with GitLab, streamlining automation of build, test, and deployment workflows. |
| Mattermost | An open-source, self-hostable online chat service empowering real-time communication for teams and organizations. |
| SonarQube | An open-source platform developed by SonarSource, dedicated to the continuous inspection of code quality, ensuring adherence to high standards across the software development lifecycle. |
Bundle Overview
Demo bundle of Software Factory deployed on top of UDS Core that includes the deployment of an underlying K3d cluster.
System Requirements
- This bundle requires a minimum of
11 CPUs and 32GB of memory available to run effectively. - This bundle is best deployed on an adequately sized Linux machine with Docker or equivalent installed.
Bundle Applications
| Application | Description |
|---|
| UDS-K3d | Containerized K3s with opinionated deployment for UDS development. |
| Minio | In-cluster S3 Object Storage solution. |
| Postgres Operator | In-cluster PostgreSQL Database management tool. |
| UDS Core | Comprehensive suite including Service Mesh, IdAM, Monitoring, Logging, Metrics, UDS Policy Engine and Operator, Container Security, Backup and Restore functionalities. |
| GitLab | A comprehensive DevOps software package facilitating software development, security, and operational tasks. |
| GitLab Runner | A Continuous Integration (CI) runner tightly integrated with GitLab, streamlining automation of build, test, and deployment workflows. |
| Mattermost | An open-source, self-hostable online chat service empowering real-time communication for teams and organizations. |
| SonarQube | An open-source platform developed by SonarSource, dedicated to the continuous inspection of code quality, ensuring adherence to high standards across the software development lifecycle. |
1.2 -
Deploy Software Factory
Prerequisites
Apple Silicon Mac Users
When deploying on an Apple Silicon Mac, you have the option to utilize Colima, an open-source alternative to Docker Desktop, for deploying this bundle. You can install Colima via Homebrew by executing the command brew install colima.
To set up an appropriately configured Colima virtual machine, run the following command:
colima start --cpu 11 --memory 32 --disk 100 --vm-type vz --vz-rosetta --arch aarch64 --profile uds
Certain configurations must be set on the host to ensure a smooth deployment of SonarQube and UDS Core. Note: From our testing these steps are not required with Docker Desktop.
SSH To the colima VM:
Then run the following commands:
sudo sysctl -w vm.max_map_count=1524288
sudo sysctl -w fs.file-max=1000000
ulimit -n 1000000
ulimit -u 8192
sudo sysctl --load
sudo swapoff -a
sudo sysctl fs.inotify.max_user_instances=8192
sudo sysctl -p
exit
Linux Users
Depending on your Linux distribution and its configuration, you may need to execute the following steps to ensure the proper deployment of Software Factory and/or UDS Core:
sudo sysctl -w vm.max_map_count=1524288
sudo sysctl -w fs.file-max=1000000
ulimit -n 1000000
ulimit -u 8192
sudo sysctl --load
sudo swapoff -a
sudo sysctl fs.inotify.max_user_instances=8192
sudo sysctl -p
Quickstart
**Step 1: Install UDS CLI
brew tap defenseunicorns/tap && brew install uds
Step 2: Deploy
To experiment with the UDS Software Factory, you can use the k3d-swf-demo bundle to create a local K3d cluster featuring complete installations of UDS Core and Software Factory.
To deploy this bundle, run the following command:
uds deploy k3d-swf-demo:0.2.2
Optional:
Use the following command to visualize resources in the cluster via K9s:
Step 3: Clean Up
Upon completion of the Software Factory demo bundle, execute the following command to tear down the K3d cluster:
Alternatively, you have the option to deploy the swf-dev bundle, designed to be deployed atop k3d-core-slim-dev. This bundle encompasses the entire Software Factory, while leveraging only a portion of the underlying UDS Core baseline. This design allows the bundle to run on a broader range of hardware, specifically tailored for local development environments.
If using the swf-dev bundle, users have two options for deployment:
- Build and deploy directly from the source.
- Deploy the pre-built artifacts hosted in the GHCR OCI registry.
OCI
Run the below command to deploy the k3d-core-slim-dev bundle:
uds deploy k3d-core-slim-dev:0.22.0
Then run the following command to deploy the swf-dev bundle on top of the development cluster:
You can then configure keycloak. Use zarf connect to establish a connection to the keycloak admin endpoint:
uds zarf connect keycloak
Refer to the UDS Core documentation for more details on how to configure keycloak users and groups.
Source
Step 1: Clone the Software Factory Repository
git clone https://github.com/defenseunicorns/uds-software-factory.git
To build and deploy from the source you can utilize the UDS tasks by running:
If you need to create a test user in keyloak you can then run:
uds run setup:create-doug-user
2 -
LeapfrogAI
LeapfrogAI enhances the capabilities of the UDS platform by providing mission-specific opinionated AI capabilities. The seamless integration of LeapfrogAI within UDS offers an end-to-end solution for mission-critical operations. The LeapfrogAI mission capability comes complete with a variety of predefined AI models, databases, frontends, and configurations that are designed to align with the user’s mission objectives. These predefined capabilities are then deployed within UDS’s secure and declarative baseline, ensuring the safety and consistency of AI-driven operations.
LeapfrogAI introduces unique configurations tailored specifically for national security applications. With stringent security requirements in mind, LeapfrogAI provides a trusted environment, ensuring compliance with the highest standards of national security. The platform also provides an API surface for extensibility, allowing users to deploy additional mission-specific capabilities as needed. Open-source Large Language Models (LLMs) form the backbone of LeapfrogAI, ensuring transparency, flexibility, and accessibility for national security users.
Key Features
Predefined AI Resources: Equipped with a set of predefined AI models, databases, frontends, and configurations tailored to fit specific mission requirements. These resources serve as ready-to-use building blocks for quick and effective AI application deployment.
Secure and Declarative Integration: When LeapfrogAI is leveraged within the UDS platform, mission-specific AI resources are deployed within a secure and declarative environment. This ensures the safety and consistency of AI-driven operations, maintaining alignment with UDS’s best practices.
Informed Decision-Making: Enhances the decision-making process with AI-driven insights and analyses. By utilizing this capability, teams gain access to valuable data-driven support for mission-critical actions, empowering users to make informed choices.
End-to-End Mission Solution: LeapfrogAI is a comprehensive, end-to-end opinionated AI mission solution. Its AI features extend across various aspects of mission tasks, offering a holistic solution to mission objectives, whether requiring analysis, data insights, or decision support.
Mission Support
| Feature | Description |
|---|
| Multimodal Support | Offers comprehensive multimodal support, accommodating various data types such as text, images, translations, summarizations, and more. This versatility ensures adaptability to diverse mission objectives. |
| Data Privacy and Security | Prioritizes data privacy and security, eliminating the need to transfer data to third-party systems. Users maintain control over sensitive information, ensuring mission-critical data stays within the secure boundaries of the UDS platform. |
| Customization | Provides extensive customization capabilities, enabling users to tailor model outputs to leverage data specifically relevant to their unique use case. This customization ensures seamless alignment with mission objectives, delivering precise and targeted insights. |
| Cost Reduction | By removing dependence on costly pay-as-you-go APIs and services, LeapfrogAI contributes to significant cost reduction. Mission Heroes can leverage the platform’s capabilities without incurring unnecessary expenses, making it a cost-effective solution for mission-critical operations. |
| Localization | Supports localization by enabling users to host models locally. This minimizes latency and delays, ensuring efficient and responsive AI capabilities within the mission environment. Running models locally enhances performance and responsiveness. |
| CPU Support | Designed to run on both GPU and CPU instances, providing flexibility in deployment options. Users can choose the hardware configuration that best suits their mission requirements, ensuring optimal performance and resource utilization. |
| Edge Deployments | Extends its reach to edge devices, allowing deployment on devices as small as laptops. This UDS Package is crucial for scenarios where edge computing is essential, ensuring that LeapfrogAI can operate in resource-constrained environments without compromising functionality. |
Note
If you are interested in learning more about LeapfrogAI or would like to receive a demo, please contact us!
3 -
Your App Your Environment
Your App Your Environment revolutionizes application deployment for Mission Heroes, providing a seamless process for selecting, deploying, and managing mission-critical software on a Kubernetes cluster. Leveraging UDS and an array of open-source projects, Your App Your Environment is engineered to handle complex challenges, including egress-limited or air-gapped software delivery, ensuring robust and efficient deployment solutions. Offering flexibility, Your App Your Environment delivers cloud-native applications tailored to the unique needs of mission teams, empowering them to succeed in any environment, whether in the cloud, on-premises, or at the tactical edge.
By integrating with Defense Unicorns’ recommended DevSecOps Reference Guide compliant architecture, Your App Your Environment ensures compliance and security by default, providing a secure baseline with documented NIST 800-53 controls. Your App Your Environment meets 70% of technical security controls out of the box, significantly accelerating application delivery timelines towards achieving Authority to Operate (ATO).
With Your App Your Environment, teams maintain ownership and independence over their applications, avoiding reliance on vendor-locked solutions, and can package and deploy applications across various environments, guaranteeing compatibility and adaptability to diverse operational scenarios.
Key Features
Accelerate Authorization: Leverage Defense Unicorns’ recommended DevSecOps Reference Guide compliant architecture to integrate your app with a secure baseline that comes with documented NIST 800-53 controls.
Mission Ownership: Your App Your Environment enables teams to maintain ownership of their application, preventing reliance on vendor-locked solutions.
Deploy Anywhere: Your App Your Environment packages and delivers your mission application across multiple environments, including cloud, on-premises, and tactical edge.
Note
If you are interested in learning more about Your App Your Environment, please contact us!