Skip to content

The Spine

Frank Yglesias Bertheau edited this page Jul 7, 2026 · 1 revision
<h1>ᚾ&nbsp;NornGate — The Spine</h1>

Yggdrasil is the shared control spine for all traffic. There is no side path around it — which gives one place to enforce policy, meter traffic, and capture traces, from ingress to audit.


ᛖ Overview — why a single spine

Yggdrasil is the single control path every request must traverse. Every inter-realm call rides the trunk — from a user-facing agent to a build system, including retrieval into archival storage. There is no second trunk and no path around it.

The rationale. If there is exactly one path between worlds, that path can be watched, metered, and refused. A side channel is a second tree, and the cosmology permits no second tree — this eliminates routing bypasses, simplifies the security argument, and guarantees complete observability (see Security & Fail-closed → total mediation).

The Spine gives one place to authenticate, authorize (Policy gate), meter (rate limits at Ingress), trace (every hop), audit (every decision to Urd), and route (subdomain → realm).


ᚦ The gate pipeline — full request path

Every request follows the exact same enforcement path. Each gate has a configured timeout; if any gate cannot explicitly approve, the request is denied.

Five-gate pipeline — an agent request passes G0 Ingress, G1 Policy, G2 Approval, G3 Sandbox, and G4 Commit/Arbitration to a committed side effect; any gate that cannot ALLOW denies, writing the verdict to Urd.

Two failure modes, both fail-closed. A rule denial returns the gate's semantic code (401 / 403 / 409 …); a timeout or dependency failure trips the circuit breaker and returns a 5xx / 408. Either way the request stops and the verdict is logged — there is no fallback allow and no silent bypass.

Gate Timeout On timeout HTTP
G0 Ingress 5s Circuit breaker trips 503 Service Unavailable
G1 Policy 10s Circuit breaker trips 503 Service Unavailable
G2 Approval 30s Workflow timer fires 408 Request Timeout
G3 Sandbox 60s Firecracker kills the VM 500 Internal Server Error
G4 Arbitration 10s Lock acquisition fails 409 Conflict

References. SPIFFE/SPIRE (workload identity), Istio istiod + Telemetry v2 (Mixer removed in Istio 1.5), Envoy (Wasm filters), Firecracker (microVM sandbox), Jaeger / OpenTelemetry, W3C Trace Context. Naming doctrine: Prose Edda / Poetic Edda, per Norse Cosmology & Platform Design.

ᚾ NornGate — The Spine

Yggdrasil is the shared control spine for all traffic. There is no side path around it — which gives one place to enforce policy, meter traffic, and capture traces, from ingress to audit.


ᛖ Overview — why a single spine

Yggdrasil is the single control path every request must traverse. Every inter-realm call rides the trunk — from a user-facing agent to a build system, including retrieval into archival storage. There is no second trunk and no path around it.

The rationale. If there is exactly one path between worlds, that path can be watched, metered, and refused. A side channel is a second tree, and the cosmology permits no second tree — this eliminates routing bypasses, simplifies the security argument, and guarantees complete observability (see [Security & Fail-closed](Security-and-Fail-Closed) → total mediation).

The Spine gives one place to authenticate, authorize (Policy gate), meter (rate limits at Ingress), trace (every hop), audit (every decision to [Urd](Urd-Ledger)), and route (subdomain → realm).


ᚦ The gate pipeline — full request path

Every request follows the exact same enforcement path. Each gate has a configured timeout; if any gate cannot explicitly approve, the request is denied.

Five-gate pipeline — an agent request passes G0 Ingress, G1 Policy, G2 Approval, G3 Sandbox, and G4 Commit/Arbitration to a committed side effect; any gate that cannot ALLOW denies, writing the verdict to Urd.

Two failure modes, both fail-closed. A rule denial returns the gate's semantic code (401 / 403 / 409 …); a timeout or dependency failure trips the circuit breaker and returns a 5xx / 408. Either way the request stops and the verdict is logged — there is no fallback allow and no silent bypass.

Gate Timeout On timeout HTTP
G0 Ingress 5s Circuit breaker trips 503 Service Unavailable
G1 Policy 10s Circuit breaker trips 503 Service Unavailable
G2 Approval 30s Workflow timer fires 408 Request Timeout
G3 Sandbox 60s Firecracker kills the VM 500 Internal Server Error
G4 Arbitration 10s Lock acquisition fails 409 Conflict

Rule-based denial codes (401/429 ingress, 403 policy, etc.) are in [The Five Gates](The-Five-Gates).


ᛜ Architecture — data plane and control plane

A service mesh with a clean split: the data plane carries traffic; the control plane holds configuration, identity, and policy.

Data plane

  • Proxy — Envoy (v1.28+) as a sidecar on every pod.
  • Gates — each gate is a WebAssembly filter inside Envoy, so a gate adds no network hop.
  • L7 — HTTP/1.1, HTTP/2, gRPC, WebSocket.
  • Load balancing — round-robin, least-request, and consistent-hash (for stateful services).
  • Circuit breaking — per-gate timeouts and connection limits.

Control plane — istiod (unified)

Modern Istio consolidates the old Pilot / Galley / Citadel components into a single istiod binary; its responsibilities:

  • Config / xDS (ex-Pilot) — streams routing, VirtualService, and DestinationRule config to every Envoy.
  • Validation (ex-Galley) — an admission webhook validates Istio CRDs before they are applied.
  • CA / identity (ex-Citadel) — issues SPIFFE SVIDs and manages the mTLS trust chain.
  • Telemetry — Envoy-native (Telemetry v2); Mixer has been removed and is not used.
apiVersion: networking.istio.io/v1
kind: VirtualService
metadata:
  name: midgard
  namespace: istio-system
spec:
  hosts: ["app.norngate.com", "*.app.norngate.com"]   # app.* → Midgard
  gateways: ["asgard/yggdrasil-gateway"]
  http:
    - route:
        - destination:
            host: midgard-cluster.midgard.svc.cluster.local
      timeout: 30s        # per-realm upstream route timeout — NOT a gate timeout

ᛟ Routing — subdomain-to-realm mapping

The Spine routes by subdomain = realm: app.* always reaches Midgard, jotun.* always reaches Jotunheim.

Realm Subdomain Cluster Route timeout
Asgard asgard.* asgard-cluster 5s
Vanaheim vanir.* vanaheim-cluster 10s
Alfheim alfheim.* alfheim-cluster 5s
Midgard app.* midgard-cluster 30s
Jotunheim jotun.* jotunheim-cluster 60s
Muspelheim muspel.* muspelheim-cluster 300s
Niflheim nifl.* niflheim-cluster 30s
Svartalfheim forge.* svartalfheim-cluster 300s
Hel hel.* hel-cluster 60s
Valhalla valhalla.* valhalla-cluster 30s

Route timeout ≠ gate timeout. The values above are the upstream request timeouts for each realm's backend — Muspelheim and Svartalfheim allow 300s because GPU jobs and builds are long-running. They are independent of the fixed per-gate deny ceilings above. (Ten realms: nine Eddic worlds + Valhalla, the archive.)

DNS. ExternalDNS creates records per realm automatically — provisioning a new realm creates app.workspace.norngate.com with no manual DNS. See [The Nine Worlds (Trust Zones)](The-Nine-Worlds).


ᛗ Identity — mTLS with SPIFFE

All in-mesh communication is authenticated and encrypted with mTLS and SPIFFE identities; every service can verify every other.

  • SVID formatspiffe://<trust-domain>/ns/<namespace>/sa/<service-account> Example: spiffe://norngate.com/ns/midgard/sa/midgard-agent
  • Attestation — bound to the Kubernetes service account (workload attestation).
  • Rotationworkload SVIDs are short-lived (≤24h, auto-rotated hourly) by istiod's CA; the root/intermediate CA is long-lived and rotated on a separate, much slower schedule. Short workload certs are the SPIFFE/SPIRE norm and keep a leaked cert's blast radius to hours.
# mesh-wide STRICT mTLS
apiVersion: security.istio.io/v1
kind: PeerAuthentication
metadata: { name: default, namespace: istio-system }
spec:
  mtls: { mode: STRICT }
---
# deny-by-default: ALLOW with no rules => nothing is permitted
apiVersion: security.istio.io/v1
kind: AuthorizationPolicy
metadata: { name: deny-all, namespace: istio-system }
spec: { action: ALLOW }
---
# narrow allow: only the Asgard gateway may call Midgard
apiVersion: security.istio.io/v1
kind: AuthorizationPolicy
metadata: { name: midgard-ingress, namespace: midgard }
spec:
  action: ALLOW
  rules:
    - from:
        - source:
            principals: ["norngate.com/ns/asgard/sa/gateway"]

Performance. The mTLS handshake adds ~5–10ms to initial connection setup; session resumption (TLS tickets) drops subsequent overhead to <1ms — negligible against the security benefit.


ᛉ Observability — distributed tracing

End-to-end tracing across the full path: every gate, service call, and side effect is traceable.

  • Tracer — Jaeger, OpenTelemetry-compatible.
  • Sampling — 100% for errors, 1% for successful requests (configurable).
  • Propagation — W3C Trace Context and B3 headers.
  • Tags — gate name, decision, request ID, realm, agent ID.
apiVersion: telemetry.istio.io/v1
kind: Telemetry
metadata: { name: tracing, namespace: istio-system }
spec:
  tracing:
    - providers: [{ name: jaeger }]
      randomSamplingPercentage: 1.0   # 1% of success; errors escalated at the collector

Why it matters: debugging (which gate failed and why), performance (latency bottlenecks), security (chain of custody per request), compliance (audit traceability). The trace ID is the request's identity through all five gates and into Urd.


ᛁ The main property — consistency

Every request follows the same enforcement path — regardless of source (user, agent, system), destination (any realm), action (read/write/delete/execute), or time. The same five gates, the same deterministic logic, the same ledger.

Aspect Consistency ensures
Policy No request bypasses policy; every action meets the same rules.
Audit All decisions logged to Urd; no invisible operations.
Debugging Every failure is traceable through one pipeline.
Performance Predictable latency because the path is fixed.
Security No implicit trust; every request is explicitly verified.

No exceptions. There is no bypass mode, no debug flag, and no internal shortcut that skips gates. Even health checks and internal cron jobs traverse the full pipeline. This is non-negotiable — it is the platform's foundation ([Security & Fail-closed](Security-and-Fail-Closed) → total mediation).


ᛋ Performance and SLOs

Reference numbers (internal benchmark, not SLAs — validate on your workload):

  • ~150ms — full pipeline latency at p95 (automated path)
  • <1ms — Wasm filter overhead per gate
  • ~12ms — average per-gate latency
  • ~50K — requests/second per cluster

The ~150ms p95 is the automated path; when G2 requires a human, the request enters an async pending state (up to 30s, then 408) and is excluded from the hot-path p95.

Component Latency (p95) Availability Alert
Data plane (Envoy) <5ms 99.99% >10ms for 5m
Control plane (istiod) <100ms (config push) 99.95% >1s for 5m
mTLS handshake <10ms 99.99% >50ms for 5m
Distributed tracing <5ms (export) 99.9% >20ms for 5m
Routing (VirtualService) <1ms 99.99% >5ms for 5m

Optimizations. Gates run as Wasm inside Envoy (no network hop, ~10ms saved/gate); mTLS session resumption; Envoy connection pooling; Alfheim edge caching for read-only responses (50–100ms saved).


ᚱ Next steps


Iconography

Section glyphs are Elder Futhark runes (Unicode Runic block, U+16A0–U+16FF) — semantic, not emoji. Full set on [Home](Home#iconography):

Rune Name Gloss Marks
Nauðiz need, constraint the platform mark
Ehwaz conveyance, movement between the single spine
Thurisaz thorn, gateway the gate pipeline
Ingwaz enclosure, framework architecture
Othala enclosed estate, boundary routing to realms
Mannaz the self, identity mTLS / SPIFFE identity
Algiz the sentinel, awareness observability
Isa ice, the fixed and uniform consistency
Sowilō the sun — energy, throughput performance & SLOs
Raidō the ride, the road next steps

References. [SPIFFE](https://spiffe.io/)/SPIRE (workload identity), Istio istiod + Telemetry v2 (Mixer removed in Istio 1.5), Envoy (Wasm filters), Firecracker (microVM sandbox), Jaeger / OpenTelemetry, [W3C Trace Context](https://www.w3.org/TR/trace-context/). Naming doctrine: Prose Edda / Poetic Edda, per [Norse Cosmology & Platform Design](Norse-Cosmology-and-Platform-Design).

Clone this wiki locally