coulomb/railiance-fabric
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ab7e0ccab1df6a9fcf331a9589cebea44915c8a8
railiance-fabric/docs/FabricDiscoveryAndUpdate.md

11 KiB
Raw Blame History

Fabric Discovery And Update

Intent

railiance-fabric models the durable infrastructure-responsibility graph of the Railiance netkingdom.

A fabric is not a repository, environment, cluster, deployment scenario, or security zone. A fabric is the financial and operational responsibility boundary around infrastructure: who pays for it, who is accountable for it, and who has the authority to keep it alive.

The graph exists to answer:

  • what infrastructure, services, repositories, deployables, endpoints, and machines exist;
  • who owns or pays for each node;
  • which fabrics and subfabrics contain those nodes;
  • which durable interfaces cross ownership boundaries;
  • which cross-boundary interfaces provide utility that may carry business value.

Fabric intentionally stays out of live operational telemetry. It may represent that a service, host, endpoint, or deployment exists because durable automation or configuration proves it. It should not represent whether that thing is currently healthy, loaded, failing, or profitable in the accounting sense.

Financial Boundary Terms

Fabric uses financial responsibility terms for fabric boundaries.

King

The king is responsible for the whole netkingdom.

The king has the key to the netkingdom. Literally, this means the master key or at least a relevant key component for secrets, backups, and recovery paths across the infrastructure under the netkingdom.

The king also holds the legal and contractual relationship with all lords and tenants. Even when responsibility is delegated, the king remains the actor that can ultimately restore, recover, govern, or terminate the netkingdom.

Lord

A lord pays for a fabric.

A lord is accountable for a durable infrastructure-responsibility boundary. In the current Railiance setup there is one effective fabric because one actor pays for all infrastructure. Additional fabrics appear when the responsibility to pay for a coherent infrastructure boundary changes.

Tenant

A tenant pays for restricted use of a subfabric.

A tenant is not the root payer for the whole fabric. A tenant receives bounded access to utility inside a subfabric and may consume services or interfaces provided by a lord, by the king, or by another tenant-facing utility.

Fabrics, Subfabrics, And Views

Fabric

A fabric is a durable responsibility boundary. Membership changes when financial or operational responsibility changes, not when a service is redeployed, a repo is refactored, a host is replaced, or an environment name changes.

Criteria for establishing a fabric:

  • there is a lord who pays for the infrastructure in that boundary;
  • the boundary can be discovered from durable infrastructure, deployment, or contractual evidence;
  • the boundary remains stable across ordinary deployment and development churn;
  • ownership changes imply a meaningful change to who is accountable for cost, continuity, recovery, and utility delivery.

Subfabric

A subfabric is a delegated responsibility or tenancy partition within a fabric.

Subfabrics are useful when a tenant receives restricted access to infrastructure or utility while the parent fabric remains under a lord or king. A subfabric may eventually become a separate fabric if payment, control, recovery, and legal responsibility move to another lord.

View

A view is a diagnostic or informational slice through the graph.

Views can filter by repository, service, environment, machine, endpoint, tenant, workstream, deployment stack, or business capability. Views do not define fabric membership and should not mutate fabric boundaries.

Environment

An environment such as local, dev, staging, production, or lab is a deployment classification inside a fabric. It is not a fabric by itself.

Deployment Scenario

A deployment scenario is a realized or planned arrangement of services, machines, endpoints, automation, and configuration. It belongs inside a fabric or subfabric but does not define the financial boundary.

Ownership Rule

Every node in the Fabric graph must carry owner information.

Ownership may be explicit on the node or inherited from the containing fabric or subfabric, but it must be resolvable. Nodes without resolvable ownership are incomplete because Fabric cannot explain who is accountable for their cost, continuity, recovery, or utility.

Ownership should identify the relevant king, lord, tenant, or delegated operator where applicable. Operators and maintainers may be represented as supporting actors, but they do not replace the financial boundary terms unless they also pay for or legally own the responsibility boundary.

Cross-Boundary Edges

Edges may cross fabric and subfabric boundaries.

These edges are especially important. They are where one owned boundary consumes utility from another owned boundary. They are also where business value can appear: paid access, cost recovery, shared platform utility, tenant-facing interfaces, or contractual service delivery.

Fabric should treat cross-boundary interfaces as first-class graph facts. A cross-boundary utility edge should be able to identify:

  • provider owner;
  • consumer owner;
  • provider fabric or subfabric;
  • consumer fabric or subfabric;
  • exposed endpoint, contract, service, or utility;
  • durable evidence for the relationship;
  • expected payment or business model when known;
  • metering basis when known.

The existence of a cross-boundary interface belongs in Fabric. Live usage, current health, latency, revenue events, and incident state belong to telemetry, accounting, or operational systems outside the Fabric core.

Cost And Profit Center Attribution

Cost centers and profit centers are accounting attributions. They are not fabric boundaries by themselves.

A cost center may be evidence that a responsibility boundary exists, especially when it corresponds to a lord who pays for infrastructure. However, the fabric boundary is still established by financial and operational accountability, not by the accounting label alone.

Cost and profit center attribution may overlap with fabrics and subfabrics:

  • one fabric may contain many cost centers;
  • one tenant may span several cost centers;
  • one cost center may include nodes from multiple subfabrics;
  • one shared service may allocate cost across several tenants or cost centers;
  • one cross-boundary utility may be cost-bearing for one actor and profit-bearing for another.

Fabric should therefore support optional accounting attribution on nodes and edges without allowing that attribution to redefine containment:

  • node cost center;
  • node profit center;
  • edge cost allocation model;
  • edge profit attribution;
  • payment schema;
  • metering or allocation basis when known;
  • attribution validity period when known.

This lets Fabric build cost-center and profit-center views while preserving the durability of fabric membership. A node moving from one cost center to another does not necessarily move fabrics. A node moves fabrics only when financial or operational responsibility for the infrastructure boundary changes.

Useful accounting views include:

  • all infrastructure attributed to a cost center;
  • all cross-boundary utility edges attributed to a profit center;
  • tenant-facing utilities without a payment schema;
  • shared services with unresolved allocation;
  • owned nodes without cost-center attribution;
  • expensive or critical infrastructure with no visible value interface.

Discovery Approach

Fabric discovery should start from accountability roots, not from arbitrary repo ownership declarations.

Useful roots include:

  • the king and current netkingdom inventory;
  • lords and their fabrics;
  • tenants and their subfabrics;
  • State Hub attached repositories and known host paths;
  • Gitea organizations and repository URLs;
  • deployment automation repositories;
  • Docker, Compose, Kubernetes, systemd, reverse proxy, and infrastructure manifests;
  • backup, recovery, and secret-management evidence;
  • service endpoint and API specifications;
  • CI/CD and release automation that proves deployables and deployment targets.

The scanner follows these roots outward to discover durable evidence of nodes and edges. Repository-local facts can still help identify deployables, APIs, and artifacts, but repository-owned declarations should not be the default source of truth for external fabric relations.

Rebuild From Scratch

A full rebuild should be deterministic enough to repeat and provenance-rich enough to review.

Recommended phases:

  1. Establish the netkingdom root and current king.
  2. Register known lords, fabrics, tenants, and subfabrics.
  3. Register durable discovery roots for each fabric and subfabric.
  4. Crawl deployment automation, infrastructure manifests, repo inventories, service configs, and endpoint contracts.
  5. Store raw evidence with source paths, URLs, timestamps, scanner versions, and content hashes.
  6. Normalize identities across host paths, repository URLs, image names, service names, endpoint names, and deployment names.
  7. Build candidate graph nodes and edges.
  8. Resolve or flag ownership for every node.
  9. Promote accepted candidates into a versioned fabric snapshot.
  10. Export the accepted snapshot to State Hub as a read model.

Keeping The Model Up To Date

Fabric freshness should be based on durable configuration and automation changes, with scheduled rescans as a safety net.

Rescan triggers include:

  • deployment automation changes;
  • infrastructure manifest changes;
  • State Hub attached repository inventory changes;
  • repository changes that affect deployables, APIs, images, service names, endpoint contracts, ports, or deployment configuration;
  • tenant or lord changes;
  • backup, recovery, or secret-root changes;
  • manual operator requests;
  • scheduled periodic rebuilds.

Normal source-code edits do not necessarily change the Fabric graph. Fabric should focus on changes that alter durable topology, ownership, deployment, interfaces, or cross-boundary utility.

Each update should compare new discovery output with the previous accepted snapshot and produce a delta. The delta should distinguish:

  • added, changed, and removed nodes;
  • added, changed, and removed edges;
  • changed ownership;
  • changed fabric or subfabric membership;
  • new or removed cross-boundary utility interfaces;
  • ambiguous identity merges that need review;
  • discovered nodes without resolvable ownership.

Boundary With Security Terms

Fabric should avoid using security-zone language for its core concepts.

Terms such as realm, domain, tenant realm, identity realm, and security domain are useful in systems such as Microsoft environments or Keycloak, but they carry security and identity-management semantics. Fabric may later relate to those systems as discovered evidence, but the core Fabric concept is financial and operational responsibility, not identity or access-control topology.

For now, use:

  • king, lord, and tenant for financial responsibility actors;
  • fabric and subfabric for durable responsibility boundaries;
  • view for diagnostic graph slices;
  • environment for deployment classification.

State Hub Role

State Hub coordinates work and stores a readable projection of the Fabric graph. It should not be the primary author of Fabric topology.

railiance-fabric discovers, normalizes, versions, and exports Fabric snapshots. State Hub imports those snapshots so agents and operators can ask practical questions about work, ownership, dependencies, and cross-boundary utility.

Reference in New Issue View Git Blame Copy Permalink