Audience

Engineers, Architects, and Tinkerers already running a home lab as a self-hosted project or for profit. With a sharded TenantID plus shared Postgres DB, admission+registration service, and query isolation, you can evolve a single cloud service into a horizontally scalable clustered service with strong multi-tenancy.

Current Problems

In many deployments, there are problems at each layer which prevent true multi-tenancy that scales securely. The main issue is *weak tenant isolation at either the control, compute, storage or network layers.

HCP architecture aims to rectify each of these problems by utilizing:

1. A multi-tailnet approach using headscale VPN coordinator and Postgres Database
2. Centralized and distributed Open vSwitch setup with VXLAN and Virtual Routing Forwarding (VRF)
3. Sharded Ceph file and object storage
4. Minimal operating system using Yocto embedded building framework
5. eBPF security built in

Architecture