Skip to main content

Concepts

Because StateMesh shares a lot with Kubernetes, running customer workloads borrows some of the concepts from it, but there are some notable differences. Read below to understand how deployments work and how to create and manage them.

StateMesh is a platform for managing containerized workloads and services. Like Kubernetes, it's natively a container platform with many enhancements to support edge deployments, permissionless access, confidential computing and more.

Containers are a good way to bundle and run your applications. In a production environment, you need to manage the containers that run the applications and ensure that there is no downtime. For example, if a container goes down, another container needs to start. Wouldn't it be easier if this behavior was handled by a system?

That's where StateMesh comes in play. It provides you with a framework to run distributed systems resiliently. It takes care of scaling and failover for your application, provides deployment patterns, and more.

StateMesh and its Kubernetes core provides you with:

  • Service discovery and load balancing: StateMesh can expose a container using a public DNS name. If traffic to a container is high, StateMesh is able to load balance and distribute the network traffic so that the deployment is stable.
  • Storage orchestration: it allows you to automatically mount storage volumes sourced directly from StateMesh or from the network.
  • Self-healing: StateMesh restarts containers that fail, replaces containers, kills containers that don't respond to your user-defined health check, and doesn't advertise them to clients until they are ready to serve.
  • Secret and configuration management: StateMesh lets you store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys. You can deploy and update secrets and application configuration without rebuilding your container images, and without exposing secrets to the outside world.
  • Horizontal scaling: Scale your application up and down or automatically based on CPU usage.

What StateMesh is not

StateMesh is more than a traditional IaaS (Infrastructure as a Service) system. It operates both at the container and hardware levels, providing some generally applicable features common to IaaS offerings, such as deployment, scaling, load balancing, storage and virtual machines, but it also provides higher-level features that allow you to define your own application environment quickly and easily.

Having an interplay of hardware and software, StateMesh is able to offer dozens of value-added services that are not typically found in traditional IaaS systems, but more commonly found in PaaS systems like AWS/GCP/Azure etc.. These services are designed to help you build and manage complex applications that are composed of many microservices.

StateMesh:

  • Does not limit the types of applications supported. StateMesh aims to support an extremely diverse variety of workloads, including stateless, stateful, and data-processing workloads. If an application can run in a container, it should run great on StateMesh.
  • Does not deploy source code and does not build your application. Continuous Integration, Delivery, and Deployment (CI/CD) workflows are determined by organization cultures and preferences as well as technical requirements.
  • Offers logging, monitoring, and alerting solutions and provides mechanisms to export metrics.
  • Does not provide nor adopt any comprehensive machine configuration, maintenance, management, or self-healing systems.

Nodes

Nodes are the compute resources that run your workloads. Nodes can be classified into different classes based on the resources they can provide to the network: CPU, GPU, and storage. Nodes are run by node operators in a permissionless manner. Anyone can be a node operator, there are no practical limitations to join the network, only a minimum hardware requirement.

This makes StateMesh unique in the cloud computing space, as it is the first decentralized cloud infrastructure that replaces traditional data centers with a global network of crowd-sourced node operators, maintaining functionality, security, and resilience similar to AWS/GCP/Azure.

Containers and Virtual Machines

StateMesh can run containers on virtual machines. A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another. A virtual machine (VM) is a software computer that, like a physical computer, runs an operating system and applications. The virtual machine is comprised of a set of specification and configuration files and is backed by the physical resources of a host.

Containers are more lightweight than VMs and are designed to be portable. Containers are run by a container runtime, which is responsible for running the container and managing things like networking and storage.

Containers and VMs work well together. They share the same network and storage and ingress infrastructure. This means that an application running on StateMesh can be an interplay of containers and VMs.

Applications

Applications in StateMesh work like a combination of Deployment, Service and Ingress in Kubernetes. An application is a collection of containers that work together. Applications are the highest-level concept in StateMesh, and they are the unit of deployment.

Read the Introduction to Applications to understand how applications work in StateMesh.

Virtual Machines

Virtual Machines allows you to run and manage virtual machine workloads alongside container workloads. Virtual Machines run on only on the following node types: *Bare-metal nodes, and Datacenter nodes.

info

This feature is in Early Access Preview.

Blockchain

StateMesh uses a blockchain to store the state of the network. The blockchain is a decentralized, distributed ledger that records the origin of every transaction. The blockchain is used to store the state of the network and its nodes.

Nodes record their presence using Verifiable Delay Functions (VDFs). Basically nodes mine a proof every N number of seconds and submit it to the blockchain. Blockchain validators verify the proof and update the state of the network. Proof submitted by nodes are chained together, to create a consistent timeline of each node, which is the actual Time Tower.

Time Towers are used to determine the set of nodes that will be running customer workloads in the next epoch. Some nodes will be jailed, some will be promoted, and some will be demoted.

Because they don't involve any financial commitments (other than the cost of the node itself), Time Towers facilitate the bootstrapping of nodes without reliance on traditional mechanisms such as token sales, node sales or airdrops, while simultaneously mitigating vulnerability to attacks.

More information on how this works is detailed in the Time Towers section.

The blockchain is also the centerpiece for handling automated payments. Every user has a platform-managed wallet from where funds are transferred hourly to node operators based on the resources customers consume.

Platform Wallet

Any user that has a StateMesh account will have an associated wallet in the platform. The wallet is managed by the platform and private keys are split into pieces stored securely in a distributed MPC network that runs on StateMesh. Transaction signing is also distributed, meaning that a minimum number of nodes must sign a transaction. Even if a single node or a database is compromised, no funds can be stolen.