
Integrated platforms: AIP, Foundry, and Apollo

The standard Palantir architecture consists of three integrated platforms: AIP, Foundry, and Apollo.

Apollo is the continuous delivery platform that manages the underlying infrastructure that hosts both Foundry and AIP services. Apollo enables the orchestration of thousands of zero-downtime upgrades across hundreds of services and assets every day.

Foundry is the foundational data operations platform, which provides the core capabilities for data management, logic authoring, Ontology development, analytics, and workflow development.

AIP is the generative AI platform, which provides secure connectivity to large language models through the “k-LLM” paradigm, a development toolchain for building agents and automations, an array of AI-enabled end user applications, a comprehensive Evals framework for governing AI workflows in production, and more.

Foundry, AIP, and Apollo make up the Enterprise Operating System.

AIP, Foundry, and Apollo: An Enterprise Operating System

The integrated AIP + Foundry + Apollo architecture is designed to function as an Enterprise Operating System.

When taken together, AIP + Foundry can be conceptually mapped into nine capability sets, as shown in the diagram below:

  • The Ontology Language, Ontology Engine, and Ontology Toolchain, which collectively constitute the Ontology system;
  • The Data Services, Logic Services, and Workflow Services that power the Ontology system;
  • The Analytics & Applications, Automations, and a Product Delivery toolchain which users can wield to achieve their goals.

Each of these nine capability sets holistically leverages six mesh-wide components: Storage, Compute, Networking, Security, Governance, and the Workspace. All of these components are powered by Apollo.

This comprehensive architecture powers AI-enabled care operations at major hospital systems, integrated network planning for major airlines, electric operations and wildfire response for America’s largest utilities, full spectrum military operations across the United States and allied nations, and thousands of other use cases. To solve the world's hardest problems, Palantir's customers use the Enterprise Operating System to connect data, analytics, and AI with mission-critical operations.

Illustration showing the 9 capability sets and six lateral categories of AIP+Foundry.

Unified security architecture

A unified security architecture spans all three platforms (AIP, Foundry, and Apollo) in three main spheres: infrastructure security, platform security, and enterprise security.

At an infrastructure level, every component in the Palantir service mesh operates with zero trust (meaning that all elements are access-gated based on identity, device health, and verification) and with an expectation of hostile attacks and the need for autonomous enforcement (for example, through Apollo-mandated encryption, firewalls, and runtime configurations).

At a platform level, both Foundry and AIP provide the full range of controls required to enable trustworthy collaboration. These controls include strict enforcement of access scopes for both humans and agents, granular role-based, marking-based, and purpose-based access controls which connect with automated lineage and auditing, and a range of in-platform applications for interdisciplinary teams.

These foundational controls are extended by enterprise security controls, which enable encryption, audit logging, authorization, and authentication configurations to be deeply integrated with an organization’s existing identity providers, information security tools, and architectural patterns.

Illustration of platform security architecture: enterprise security, platform security, and infrastructure security.

Extensibility and interoperability

The standard AIP + Foundry + Apollo architecture is designed to be extended and deeply integrated with other services and applications.

On the "tactical" level, Palantir's Compute Modules framework allows developers to securely bring their own containers (such as containerized LLMs, optimizers, data processing runtimes, or end-to-end applications) into the Apollo-managed mesh.

A broader example is Palantir’s own defense offerings; their first components were developed before the standard AIP + Foundry + Apollo architecture, but all of the offerings are now completely integrated with the standard architecture. This includes Palantir Gotham's core set of multimodal applications and tools that are powered by the Foundry-managed Ontology.

Other examples can be seen in the Commercial sector, such as Airbus powering an entire Aviation ecosystem (Skywise) through custom offerings that extend the standard architecture; Fujitsu building and delivering a set of specialized agentic applications that use Foundry and AIP’s developer toolchains; or Andretti Racing’s development of a "RaceOS" which connects real-time car performance into a range of rich, AI-powered applications.

The diagram below shows how this works for hospitals building applications on top of the Palantir architecture.

Illustration of "Palantir for Hospitals" offering.

Below is an illustration of Palantir's "Warp Speed", an operating system for manufacturing.

Illustration of "Palantir Warp Speed" offering.

The defense applications below are built on top of the same core architecture as Palantir's commercial offerings, but specialized for some of the world's most demanding and high-stakes use cases.

Illustration of "Palantir Defense" offering.

Pursuing alpha

The goal of the standard architecture is to deliver non-standard results: extreme differentiation through maintainable customization.

In the best case, a customer organization should be wielding the constellation of Apollo-managed AIP and Foundry services to build the applications, integrations, and fleets of agents that allow them to address their most important problems.

A successful Palantir deployment is one where the enterprise is pursuing "alpha", in investing parlance; in other words, generating outsized returns by building around their differentiation, infusing their particularities into their ontology, and adapting in real-time to complex operational conditions to pursue their strategic objectives.

To continue the analogy, the investing concept of "beta" would be the pursuit of low-hanging fruit, like the basic solutions in a one-size-fits-all SaaS deployment. The wide range of capabilities in Palantir’s architecture can support these use cases, but ideally only as byproducts of pursuing alpha.

Illustration of how Palantir provides products for "alpha".

Forward Deployed Engineering

The dynamism of AIP, Foundry, and Apollo collectively reflects a product development paradigm known as Forward Deployed Engineering, which can be thought of as the human equivalent of backpropagation. Palantir engineers are deeply embedded in critical environments around the world, from war zones to factory floors, walking many miles alongside customers, and tirelessly working to build and ship new features. Palantir is driven by the missions of our customers, and at the limit, we see the ambition of every deployment of the standard architecture as becoming the enterprise’s unique, one-of-one, ever-evolving operating system.

