Blog Tags: 

Launching TurnKey Hub into private beta: cloud deployment simplified

Towards the end of last year we decided it was time to start working on an idea we've been toying with for a while. Mapping out the feature set was fun, and a lot of the current and future features are based on feedback we received from you guys and gals, as well as many related questions and comments from around the net.

Today after a last round of internal testing we are pleased to announce that we've launched TurnKey Hub into private beta:

We've just sent out the first batch of invites. If you've already requested an invite, you should receive one as we roll them out. Please be patient. We initially have limited capacity so it's first come, first served.

What is this TurnKey Hub?

  • The short version: TurnKey cloud deployment: simplified.
  • The slightly longer version: An easy way to launch and manage TurnKey Linux appliances in the Amazon EC2 cloud (more clouds and VPS providers on the way).

A simple Amazon EC2 console optimized for TurnKey

Hub Servers

  • Launch TurnKey appliances in the click of a button.
  • TurnKey optimized firewall templates.
  • Configure custom passwords on launch.
  • Authenticate with personal SSH key in addition to EC2 keypairs.
  • Automatically setup EBS devices and Elastic IP's on launch.
  • Easier management with descriptive labels for all assets.
  • Unified interface for all regions and all your EC2 accounts.

And that's just the tip of the iceberg. There's much more in development...

Upcoming features

  • More clouds: Support all clouds and VPS providers.
  • Backup: Automatic encrypted appliance backups.
  • Migration: Automatically restore backups anywhere.
  • You decide: Suggest features and help us prioritize.

In other words this is just the first modest step in a much more ambitious plan to continue making TurnKey easier to use, as Liraz recently explained:

"Imagine being able to develop your site on a locally running appliance (e.g., running in VirtualBox or VMWare). Then, when you're ready you can automatically migrate your appliance, with all your customizations to a cloud hosting provider of your choice."

So once you receive your invite, take the Hub for a spin, let us know what you think. We'd like to know how to make this better. What new features you'd like to see implemented. That sort of thing.

Remember, you can request an invite here.


David Hall's picture

Thanks Turnkey Gang for a very very easy to use Virtual Appliance deployer!

In less than 30 minutes, I created my Amazon EC2 account, setup a Media Wiki and was off and running.

I'm sure there is more to work out - ie. something tells me that when I terminate the host, the data goes with it.  Or is the state preserved / snap shotted.

When does one need to use S3? 

All that can be worked out later.  I'm impressed!  I must say it makes me nervous to put my Amazon keys into your hub as that gives one access to run up a fierce bill..  What makes Hub Secure enough to do this?

Liraz Siri's picture

Currently, if you want your data to survive instance termination you should store it in an EBS volume. But it's not automatic.. yet. The next major feature we'll add into the Hub is automatic backup and migration which will take care of that usage scenario and many others.

Regarding security, that's a good question. I think it would make a good idea to dedicate a blog post to this but I'll cover the main points right now:

  • Security background: We, the developers, come from a computer security background. You can Google us to find the full details. For example, Alon, which is the lead developer for the Hub founded a computer security training company. Before that he worked as a penetration tester, and before that he was responsible for network security in the Israeli air force. My background is similar. Security is a big priority for us and we are not naive regarding the risks.
  • High-level language and webapp framework: The Hub is implemented in a high-level language (Python) using the Django framework.  which contains a range of security mechanisms you can use to protect from all sorts of common web application attacks (e.g,. SQL injection, XSS, XSRF, etc.). Using a high-level language wipes out a large class of security vulnerabilities (e.g., issues with out-of-bound pointers, etc.)
  • Encryption: All of your network traffic to and from the Hub is encrypted.
  • Isolation: We've setup the Hub to run in a separate server from the rest of our network infrastructure. It's isolated.  If the CMS that runs this web site is compromised, or our mail server, etc, that doesn't effect the Hub.
  • Security audits: We've run extensive security audits on the Hub prior to launch including manual code inspection AND a gauntlet of automatic tools.
  • Reputation: We have a reputation to maintain and understand the consequences of failure. If the Hub's security fails that will be a huge setback for the viability of the service. This is a risk we take very seriously.

The precautions we're taking, coupled with our background mean that it's far more likely in my opinion that your access keys / credit card / bank account credentials will be stolen via  malware running on your PC (for example). Nothing is perfect but if you already accept the risk of doing any sort of commerce on the Internet you shouldn't loose any sleep over the Hub storing your AWS keys.

Note that Amazon allows you to create a separate set of Amazon keys you can use just for the Hub if you believe this reduces your risk. You can then revoke the keys at any time.

bmullan's picture

Growth in private clouds based on canonical/ubuntu's UEC/eucalyptus based cloud architecture is on fire.  

I've signed up and used Canonical's Landscape application and it works well and it does let you manage both your private UEC cloud as well as AWS VMs.... but I think their pricing of it makes it prohibitive (at least to me) as there is a subscription cost for every machine/vm managed.    Which can climb in $ rapidly.

I'd like to see an alternative Open Source application that provides an intelligently integrated combination of something like the core capabilities of:

  • ebox - for network, security, ddns, printer, AD, etc. mgmt/reporting
    • ebox already integrates a great deal of this from various GPL projects
  • integrated with -- chef/puppet/cfegine - some provisioning mgmt tool with a Gui front-end?

I think in a cloud environment, people would be willing to pay a decent subscription for this type  of cloud manager application.  

I think Canonical's UEC marketing plan approach requirement to pay for cloud controller, cluster controller, storage controller, node controller ... and ... vms is too much.

bmullan's picture

I don't think its amazon as I've been bringing up/down instances for the past 2 days.

Have you tried to launch any AMI's from the AWS Console instead just to see if the Instance starts?


Joey Gartin's picture

I have an existing Turnkey Instance running, can I add this to the Cloud app so I can view/manage it?


Add new comment