kisenon

Projects

The unit of tenant isolation in Kisenon — naming, lifecycle, and cascade semantics.

A project is the top-level container in Kisenon. Every branch, endpoint, role, and database lives under exactly one project.

What a project owns

  • A main branch, auto-created at project creation time.
  • A logical pageserver tenant — copy-on-write storage scoped to this project. No other project can read its pages.
  • The Postgres major version pinned at creation.
  • A region. Today every project lives in the single home-cluster region (US, bare metal); multi-region is roadmap.

Tenant isolation

Each project maps to a distinct pageserver tenant_id. Storage, WAL, and caches are partitioned by tenant; there is no shared write path between projects. Endpoints from different projects cannot reach each other's storage even if their compute pods are scheduled on the same node — the per-tenant network policy and the pageserver authentication token gate every page request.

This is the boundary you can rely on for compliance and noisy-neighbour isolation. Branch boundaries within a project are softer: branches share storage and inherit the parent's pages until they diverge.

Naming

Project names are user-visible labels. They:

  • Must be 1–63 characters.
  • Match ^[a-zA-Z][a-zA-Z0-9_-]*$. Letters, digits, _, -; must start with a letter.
  • Are not required to be globally unique; unique-per-tenant is enough.

The internal project id (prj_<24 hex>) is what every other resource references. The label is for humans.

Postgres version

You pick the major version at creation time. The default is 17. Once set, it cannot be changed in place — major-version upgrade is an out-of-band migration that we will document when it lands. For alpha, treat the version as immutable.

Create

From the web console, click New project, enter a name, pick the Postgres major version, click Create. From the CLI:

keon projects create --name my-app --pg-version 17

The control plane provisions the pageserver tenant, creates the main branch, and returns the project id. End-to-end this typically takes under two seconds.

Delete

Deleting a project cascades through every resource it owns:

  1. All endpoints on every branch are stopped and removed.
  2. All branches are torn down.
  3. The pageserver tenant is unloaded and its data is queued for asynchronous compaction and eventual removal from object storage.

The cascade is irreversible. There is no undelete, and the storage artefacts are not recoverable from the console after the cascade starts. Take a logical dump (pg_dump) before deleting if the data matters.

keon projects delete <project-id>

The CLI prompts for confirmation; pass --yes to skip when scripting.

CLI

Drop-in neonctl-shape client for the Kisenon platform.

Branches

Copy-on-write Postgres branches in Kisenon — fork-at-LSN, lifecycle, and cascade.

On this page

What a project ownsTenant isolationNamingPostgres versionCreateDeleteRelated