# Hachyderm Global Topology

## Overview

We turn the new ICE datacenter into our primary home running on NixOS, and we replicate the entire service over to Nova's rack for redundancy as needed.

### Types of Infrastructure

- Tank (Large storage, very available, well connected primary)
- PoP (Geographically located, cheap, cache node, IPv6)
- Compute (Lots of cores, cheap)

---

![](https://i.imgur.com/HQBC9DL.png)

### ICE (Iceland)

We move our "primary" headquarters to [1984 Hosting](https://1984.hosting) in Iceland. All new infrastructure comes online running NixOS and our soon-to-be-built provisioning stack.

We only allow TCP 22 to ICE.

Hachyderm owns the disks in Iceland, and we can retrieve them at any time.

### HQ (Seattle)

We turn Nova's rack into a failover read-replica on a smaller scale than our infrastructure in Iceland. We re-provision our NixOS nodes in the rack with our soon-to-be-built provisioning stack.

We only allow TCP 22 to HQ.

Hachyderm owns the disks in Seattle, and we can retrieve them at any time.

### Edge PoP (Point of Presence)

We should "get good" at setting up a lot of these around the world with IPv4 and IPv6 connectivity. We can experiment with GeoDNS and LoadBalancer technologies to get the resiliency "right". These are where we can ward off a lot of our DDoS attacks, and we can encourage trusted community members to spin up their own copies of Hachyderm as needed.

- Iceland (DDoS up 2tb)
- Seattle
- Frankfurt
- Newark

The "edge" or "PoP" instances should be as isolated as possible from HQ and ICE and should only have access on a strictly as-needed basis. We should feel confident that we can destroy one of these devices at any time.