Secrets and Volumes

Kindling ships both secret management and a current-generation persistent volume path, but they have different maturity and constraints.

Secrets

Project and service secrets are managed through the dashboard and API. Important properties:

secret values are write-only in the product surface
values are encrypted at rest before deploy-time injection
service-level configuration can override shared defaults where the product model allows it

Volumes

Persistent volumes are currently more constrained than stateless workloads. Current volume model:

Cloud Hypervisor only
one volume per project
single writer
not for preview deployments
cold backup, restore, move, and repair flows exist
scheduled backups are still future work

Design Advice

For early usage:

treat persistent state as an explicit opt-in
keep replica count and writer expectations aligned with current limitations
prefer stateless services unless your workload clearly needs attached storage

Production SetupThe main production shape for a public Kindling deployment.

⌘I

Secrets and Volumes
Secrets
Volumes
Design Advice