One of the most ambitious tasks that Highstate wants to tackle is to provide a single point of infrastructure management.
But a single point of anything also means a single point of failure, a single point of performance issues and, most importantly, a single springboard for cyber attacks.
The Highstate backend becomes the most sensitive part of the infrastructure management since it:
- knows all the infrastructure designed, deployed and managed by this backend;
- knows all the secrets needed to access this infrastructure;
- launches all Pulumi operations related to this infrastructure;
- runs all terminals and workers spawned by instances.
Real production workloads are often launched in separate isolated environments and such limitations are simply unacceptable for them.
To try to get around them, we are planning a so-called Backend Federation feature, allowing several backends to manage the infrastructure independently of each other. At the same time, users of one backend will be able to manage unlocked projects of another (with authentication and access control, of course).
Related to #5
