Skip to content

Backend Federation #8

@Exeteres

Description

@Exeteres

The one of the most ambitious tasks that Highstate wants to tackle is to provide a single point of infrastructure management.
But single point of anything also means single point of failure, single point of performance issues and most importantly single springboard for cyber attacks.

The Highstate backend becomes the most sensitive part of the infrastructure management since it:

  • knows all the infrastructure designed, deployed and managed by this backend;
  • knows all the secrets needed to access this infrastructure;
  • launches Pulumi all operations related to this infrastructure;
  • runs all terminals and workers spawned by instances.

Real production workloads are often launched in separate isolated environments and such limitations are simply unacceptable for them.
To try to get around them, we are planning a so-called Backend Federation feature, allowing several backends to manage the infrastructure independently of each other. At the same time, users of one backend will be able to manage unlocked projects of another (with authentication and access control, of course).

Related to #5

Image

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions