Multitenancy is a key property of most cloud computing service models, which makes isolation a critical component of most cloud computing security models.
Aptible Deploy customers often need to explain to their own customers what kinds of isolation they provide, and what kinds of isolation are possible on the Aptible Deploy platform.
The Reference Architecture Diagram helps illustrate some of the following concepts.
All Aptible Deploy resources are deployed using Amazon Web Services. AWS operates and secures the physical data centers that produce the underlying compute, storage, and networking functionality needed to run your Apps and Databases.
Each Aptible Deploy Stack is an AWS Virtual Private Cloud (VPC) provisioned with EC2, ELB, and EBS assets and with the Aptible Deploy platform software.
When you provision a Dedicated Stack on Aptible Deploy, you receive your own VPC, meaning you receive your own private and public subnets, isolated at the network level from other Aptible Deploy customers.
Each host is deployed in a single VPC. On a Dedicated Stack, this means you are the only Aptible Deploy customer using those EC2 virtual servers. The AWS hypervisor enforces isolation between EC2 hosts running on the same underlying hardware.
Within a Stack, the EC2 hosts are organized into Aptible Deploy service layers. Each EC2 instance belongs to only one layer, isolating it against failures in other layers:
Because Aptible Deploy may occasionally need to rotate or deprovision hosts in your Stack to avoid disruptions in service, we do not expose the ability for you to select which specific hosts in your Stack will perform a given workload.
Aptible Deploy Environments are used for access control.
Each Environment runs on a specific Stack, and a Stack can host multiple Environments. Environments are an access-control boundary, not a network or host boundary: Apps or Databases placed in different Environments on the same Stack still share that Stack's networks and underlying hosts. Network- and host-level separation requires separate Stacks.
Aptible Deploy uses Docker to build and run your App and Database Containers.
Each container is not a virtual machine: it is a set of Linux processes confined by kernel features (namespaces, cgroups, capability restrictions) while sharing the host's kernel with every other container on that host. Containers are generally isolated from each other, but because they share a kernel, this is the weakest level of isolation on the platform.
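Because containers share the host kernel, how strong that last boundary actually is depends on what kernel-facing privileges a container runs with. The script below is an added example written for this page, not Aptible's code or part of the Deploy platform: it decodes the `CapEff` bitmask from a `/proc/<pid>/status` file into Linux capability names, flags the ones that let a process reach past the container boundary (the `RISKY_CAPS` selection is this example's own judgment, not a definition from the page), and lists the process's namespace ids. The two status excerpts are constructed; the capability table follows `linux/capability.h`, and `0xa80425fb` is the standard Docker default capability set.

```python
import os
import re

# Linux capability names indexed by bit position (linux/capability.h).
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
    "CAP_MAC_OVERRIDE", "CAP_MAC_ADMIN", "CAP_SYSLOG", "CAP_WAKE_ALARM",
    "CAP_BLOCK_SUSPEND", "CAP_AUDIT_READ", "CAP_PERFMON", "CAP_BPF",
    "CAP_CHECKPOINT_RESTORE",
]

# Capabilities that let a process act on the shared kernel, on other
# containers' processes, or on host devices. Holding any of these inside a
# container largely voids the container boundary. This selection is the
# example author's own, not a platform definition.
RISKY_CAPS = {
    "CAP_SYS_ADMIN", "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_PTRACE",
    "CAP_NET_ADMIN", "CAP_DAC_READ_SEARCH", "CAP_SYS_BOOT", "CAP_BPF",
    "CAP_PERFMON", "CAP_MAC_ADMIN", "CAP_MAC_OVERRIDE",
}


def parse_cap_eff(status_text: str) -> int:
    """Extract the effective capability mask from /proc/<pid>/status content."""
    m = re.search(r"^CapEff:\s*([0-9a-fA-F]+)\s*$", status_text, re.MULTILINE)
    if not m:
        raise ValueError("no CapEff line in status text")
    return int(m.group(1), 16)


def decode_caps(mask: int) -> list:
    """Return the capability names whose bit is set in mask, in bit order."""
    names = []
    bit = 0
    while mask >> bit:
        if (mask >> bit) & 1:
            names.append(CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"CAP_{bit}")
        bit += 1
    return names


def risky_caps(mask: int) -> list:
    """Subset of decode_caps(mask) that weakens the container boundary."""
    return [n for n in decode_caps(mask) if n in RISKY_CAPS]


def namespace_ids(pid="self") -> dict:
    """Map namespace type -> inode id via /proc/<pid>/ns/* symlinks.
    Two processes with the same 'pid' entry share a PID namespace."""
    ns_dir = f"/proc/{pid}/ns"
    result = {}
    try:
        for entry in os.listdir(ns_dir):
            result[entry] = os.readlink(os.path.join(ns_dir, entry))
    except OSError:
        pass  # non-Linux host or restricted /proc
    return result


# Constructed excerpts of /proc/self/status (sample input, not captured data).
# DOCKER_DEFAULT_STATUS carries the Docker default set (0xa80425fb);
# PRIVILEGED_STATUS carries the full set as seen with --privileged on a
# 38-capability kernel.
DOCKER_DEFAULT_STATUS = (
    "Name:\tsh\nPid:\t1\nCapInh:\t0000000000000000\n"
    "CapPrm:\t00000000a80425fb\nCapEff:\t00000000a80425fb\n"
    "CapBnd:\t00000000a80425fb\n"
)
PRIVILEGED_STATUS = "Name:\tsh\nPid:\t1\nCapEff:\t0000003fffffffff\n"


def report(status_text: str) -> str:
    """One-line verdict on how much of the kernel a process can touch."""
    mask = parse_cap_eff(status_text)
    caps = decode_caps(mask)
    risky = risky_caps(mask)
    verdict = "container boundary weakened" if risky else "default-strength container boundary"
    return f"CapEff=0x{mask:x} ({len(caps)} caps); risky={risky or 'none'}; {verdict}"


if __name__ == "__main__":
    print("constructed docker default:", report(DOCKER_DEFAULT_STATUS))
    print("constructed privileged:    ", report(PRIVILEGED_STATUS))
    try:
        with open("/proc/self/status") as f:
            print("this process:             ", report(f.read()))
        print("namespaces:", namespace_ids())
    except OSError:
        print("no /proc available on this host")
```

Run it inside an App container to see what the workload can actually reach; a `CapEff` wider than the Docker default, or a `pid` namespace id equal to that of a process outside the container, means the isolation is weaker than the "container" tier assumes and the host or Stack boundary is doing the real work.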