Roadmap

This document outlines the development roadmap for at-rund.

Current Status: Alpha (Under Heavy Construction)

The core architecture is in place. Dev mode works on macOS/Linux with Nix. Production isolation is being implemented with multiple backends.

See DESIGN.md for architectural decisions.


Phase 1: Core Functionality ✅

Goal: A working end-to-end system where bundles can be fetched from a PDS and executed.

ATProto Integration

  • DID resolution (did:plc, did:web)
  • PDS client for fetching bundle records
  • Bundle blob fetching and caching
  • Manifest parsing (permissions, runtime, limits)

Bundle Execution

  • Wire up executor to HTTP routes
  • Permission enforcement (net, read, write, env)
  • Resource limits (memory, CPU, timeout)
  • Secrets decryption and injection

Dev Mode

  • Nix-based execution (NixPool)
  • Auto-detection of capabilities
  • Runtime executor pattern (at-run-exec)
  • Hot reload for local development
  • Better error messages

Phase 2: Production Isolation

Goal: Multiple isolation backends to balance security vs. accessibility.

isolation = "auto" | "none" | "container" | "firecracker"

Container Backend (In Progress)

  • ContainerPool executor implementation
  • OCI image building via Nix (debian-slim base)
  • Docker/Podman runtime detection
  • seccomp profiles for syscall filtering
  • Network namespace isolation
  • Permission enforcement via container config

Firecracker Backend (Future)

  • FirecrackerPool executor implementation
  • Kernel + rootfs image building via Nix
  • VM lifecycle management (spawn, stop, reuse)
  • virtio-fs for bundle mounting
  • vsock for host ↔ guest communication
  • Guest agent (Go binary inside VMs)

Shared Infrastructure

  • Auto-detection logic (KVM → container → none)
  • Pre-warming (configurable per runtime)
  • Idle timeout and reclamation
  • Max instance limits
  • Graceful drain on shutdown
  • Network proxy with permission enforcement

Phase 3: Observability

Goal: Operators can monitor their runners effectively.

Metrics

  • OpenTelemetry integration
  • Request count, latency, error rate
  • Per-bundle, per-DID breakdowns
  • VM pool utilization
  • Resource usage (memory, CPU)

Logging

  • Structured JSON logs
  • Request tracing (trace IDs)
  • Bundle execution logs (opt-in)

Dashboard

  • Example Grafana dashboard
  • Prometheus scrape endpoint (/metrics)

Phase 4: Operator Experience

Goal: Make it easy to run a production at-rund instance.

Deployment

  • systemd service support
  • Docker image
  • Nix flake for NixOS deployment
  • Ansible/Terraform examples

Configuration

  • Config validation on startup
  • Reload config without restart (SIGHUP)
  • Environment variable overrides

Security

  • Security hardening guide
  • Firewall recommendations
  • TLS termination examples (nginx, caddy)

Phase 5: Advanced Features

Goal: Features for larger-scale or specialized deployments.

Tasks & Jobs

  • Port task queue from at-run v1
  • Background job execution
  • Cron scheduling
  • Result caching

Multi-Node

  • Shared state (Redis, SQLite)
  • Load balancing considerations
  • Sticky sessions for stateful bundles

Custom Runtimes

  • Runtime marketplace/registry (community-contributed)
  • Documentation for writing runtimes
  • Testing framework for runtimes

Phase 6: Ecosystem

Goal: at-rund becomes part of a thriving ecosystem.

Discovery

  • Runner announcement protocol (optional)
  • Capability advertisement (runtimes, limits)
  • Uptime/health signaling

Developer Experience

  • at-run test --runner <url> for testing against remote runners
  • Bundle compatibility checker
  • Performance profiling

Documentation

  • Operator guide
  • Security model explanation
  • Troubleshooting guide
  • Video tutorials

Non-Goals (For Now)

These are explicitly out of scope for the initial releases:

  • Automatic runner discovery — Trust is social; discovery is manual
  • Payment/billing integration — Use middleware if needed
  • Multi-region orchestration — Each runner is independent
  • Bundle validation/signing — Trust the author, not the code
  • Centralized registry — Bundles live on user PDSes

Contributing

We welcome contributions! Areas where help is especially appreciated:

  1. Runtime definitions — Create Nix configs for new runtimes
  2. Testing — Run at-rund and report issues
  3. Documentation — Improve guides and examples
  4. Firecracker expertise — Help with VM integration

See CONTRIBUTING.md for guidelines.


Version History

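| Version | Status | Notes                                  |
|---------|--------|----------------------------------------|
| 0.1.0   | Alpha  | Initial scaffolding, dev mode works    |
| 0.2.0   |        | ATProto integration, bundle execution  |
| 0.3.0   |        | Firecracker production mode            |
| 0.4.0   |        | Observability (OTLP, metrics)          |
| 1.0.0   |        | Production ready                       |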