Instance Isolation
How each user gets complete isolation with a dedicated EC2 instance.
Every SkyKoi user gets their own dedicated EC2 instance. This provides the strongest possible isolation: separate process, filesystem, network, and IAM scope.
Isolation Model
   User A        User B        User C
     │             │             │
     ▼             ▼             ▼
┌──────────┐  ┌──────────┐  ┌──────────┐
│ EC2 #1   │  │ EC2 #2   │  │ EC2 #3   │
│ t3.small │  │ t3.small │  │ t3.small │
│          │  │          │  │          │
│ Gateway  │  │ Gateway  │  │ Gateway  │
│ Agent    │  │ Agent    │  │ Agent    │
│ Workspace│  │ Workspace│  │ Workspace│
│ Sessions │  │ Sessions │  │ Sessions │
└──────────┘  └──────────┘  └──────────┘
     │             │             │
     └──── No cross-talk between instances ────┘
What's Isolated
- Process isolation: Each user's Koi Gateway runs as its own systemd service on a separate EC2 instance
- Filesystem isolation: Own workspace (/home/ubuntu/koi/), sessions, config, and all files
- Network isolation: Separate EC2 instance with its own security group and IP address
- IAM isolation: Instance profile skykoi-tenant-agent-profile scopes AWS access (Bedrock, etc.)
- Memory isolation: Separate RAM and CPU, no shared resources between users
- Auth isolation: Each Gateway has its own unique auth token
Security Group
Each EC2 instance uses a security group with the following ports open:
- Port 22: SSH (for maintenance)
- Port 80: HTTP (redirect to HTTPS)
- Port 443: HTTPS/WSS (nginx with self-signed TLS → Gateway)
- Port 8080: Reserved
- Port 18789: Gateway WebSocket API (localhost only, proxied via nginx)
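The port list above can be checked against what a tenant's security group actually allows. The following is an added example, not SkyKoi's own code: it audits ingress rules in the `IpPermissions` shape returned by `aws ec2 describe-security-groups`. The sample rules and the `sg-EXAMPLE` ID are constructed, and treating SSH from any address as a finding is an assumption about how maintenance access should be scoped.

```python
DOCUMENTED = {22, 80, 443, 8080}   # ports the page lists as open
LOCAL_ONLY = 18789                 # Gateway WebSocket API, localhost only per the page
WORLD = {"0.0.0.0/0", "::/0"}

def audit_ingress(ip_permissions):
    """Audit one group's IpPermissions list; return sorted finding strings."""
    findings = set()
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "-1"):
            findings.add(f"undocumented protocol {proto}")
            continue
        # "-1" means all protocols and all ports.
        lo, hi = (0, 65535) if proto == "-1" else (perm["FromPort"], perm["ToPort"])
        cidrs = {r["CidrIp"] for r in perm.get("IpRanges", [])}
        cidrs |= {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])}
        groups = [g["GroupId"] for g in perm.get("UserIdGroupPairs", [])]
        span = str(lo) if lo == hi else f"{lo}-{hi}"
        # Group-to-group ingress is an instance-to-instance path ("cross-talk").
        for gid in groups:
            findings.add(f"{span}: ingress allowed from security group {gid}")
        if lo <= LOCAL_ONLY <= hi and (cidrs or groups):
            findings.add(f"{LOCAL_ONLY}: localhost-only Gateway port is network-reachable")
        if set(range(lo, hi + 1)) - DOCUMENTED - {LOCAL_ONLY}:
            findings.add(f"{span}: covers ports outside the documented list")
        # Assumption: maintenance SSH should come from a fixed admin range.
        if lo <= 22 <= hi and cidrs & WORLD:
            findings.add("22: SSH open to the whole internet")
    return sorted(findings)

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 18789, "ToPort": 18789, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8100,
     "UserIdGroupPairs": [{"GroupId": "sg-EXAMPLE"}]},
]

if __name__ == "__main__":
    for line in audit_ingress(SAMPLE):
        print(line)
```

An empty result means the group matches the documented list; any rule covering 18789 is reported because the page states that port is reached only through nginx on the instance itself.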
Dedicated EC2 instances provide stronger isolation than container-based multi-tenant architectures. Each user's data, processes, and network traffic are completely separate.
