Building Infrastructure from First Principles

Origin

Why Basalt Exists

Enterprise HCI has been shaped by platforms that predate today's hardware density, security expectations, and automation workflows. Operators inherited per-socket procurement, feature gates, upgrade choreography, and control planes where every capability becomes another service to deploy, monitor, and debug.

The founding thesis behind Basalt is that infrastructure can be rebuilt around a smaller set of primitives: Rust binaries, a single source of truth in Postgres, host agents that reconcile desired manifests, and APIs that expose the reasons behind placement and capability decisions. The technical bet is not a thinner wrapper around an aging stack; it is a from-scratch control plane built to make the cluster understandable again.

Architecture

Three Components, One Database

“Three components, not thirty” means the operational surface is intentionally constrained. The gateway serves the API and UI, the per-host agent reconciles local work against desired state, and the image-service handles blob storage for images and release artifacts. Operators can reason about the control plane because there are only a few moving parts with clear responsibilities.

• Gateway: API, UI, authentication, audit trails, RBAC decisions, and cluster-level intent.
• Agent: host-local reconciliation for workloads, storage, networking, and manifest application.
• Image-service: content-addressed image and artifact handling without a separate service mesh.

Basalt uses one Postgres database as the authoritative record instead of spreading state across distributed consensus systems, sidecar stores, and service-specific databases. That choice keeps failure modes legible: desired state is written once, agents converge toward it, and operators can inspect the same records the system uses to act.

Systems foundation

Built in Rust

Basalt is written in Rust because infrastructure software sits on fault lines where memory safety, concurrency, and predictable resource usage matter. Rust provides memory safety without a garbage collector, zero-cost abstractions for systems code, and a strong type system for representing cluster state and transitions.

The gateway uses async I/O patterns built on Tokio and Axum, and the platform compiles into deployable binaries instead of a web of language runtimes. Cryptography is built on aws-lc-rs for FIPS 140-3 alignment, making the security posture part of the foundation rather than an integration bolted on after the control plane is designed.

Trust boundary

Row-Level Security for Multi-Tenancy

Basalt treats tenant isolation as a database invariant, not just an application convention. Postgres row-level security policies enforce which customer, account, cluster, product, license, ticket, or audit record a caller can access before application code can accidentally return the wrong row.

The authorization model includes roughly two hundred RBAC permissions across customer and staff workflows. Application-layer checks still matter, but RLS means a missing filter in a handler is not the only thing standing between tenants. For infrastructure that manages entitlements, API keys, support history, registry access, and operational audit trails, that defense-in-depth is a product requirement.

Operational intelligence

Intelligence-Native Design

Basalt is designed so infrastructure state can be queried, explained, and acted on by both operators and AI systems. The built-in MCP server exposes operational tools through a structured interface, while capability reasoning such as pool_capabilities explains which storage pools can support specific workload and snapshot behaviors.

Manifest-driven reconciliation is the other half of that thesis. Imperative orchestration asks operators to reconstruct what happened from a sequence of commands. Basalt records desired state, projects it into host-local work, and reports structured reasons when reconciliation cannot proceed. That gives future AI agents the same grounded model that humans use: intent, current state, constraints, and the reason a decision was made.

Commercial model

Capacity Licensing

Basalt's commercial model follows the resource operators actually plan around: cluster capacity. Customers do not need to translate infrastructure value into per-socket math or buy separate feature editions to unlock the capabilities that make the platform useful.

Capacity-based licensing aligns product and engineering decisions. The same platform includes the control plane, storage orchestration, networking, registry integration, RBAC, audit, MCP tools, and support workflows; the license measures the footprint rather than fragmenting the product behind gates.