devopsellence

Solo mode: deploy with nothing but SSH

No control plane, no registry, no cloud services. Solo mode deploys your app to any server over SSH using docker save/load and a file-based desired state. Same zero-downtime rollouts, same reconciliation loop.

April 8, 2026 9 min read

Architecture

How the system is designed and why

Standalone mode: from GCP-only to run-anywhere 10 min read devopsellence vs. Kubernetes: a structural comparison 10 min read Why we built VM-native deployment tooling on GCP primitives GCP Primitives 5 min read One app per server: the power of a deliberate constraint Engineering Decisions 7 min read Why Docker and not Kubernetes Engineering Decisions 8 min read What's next: standalone mode and multi-provider support GCP Primitives 4 min read

Deploy pipeline

From git push to running containers

Pull, don't push: why agents fetch state instead of receiving commands Engineering Decisions 7 min read The 2-second reconciliation loop Engineering Decisions 7 min read Zero-downtime deploys without a central load balancer Engineering Decisions 8 min read Tamper-proof deploy delivery with GCS, Cloud KMS, and Artifact Registry GCP Primitives 8 min read

Security

Secrets, identity, and TLS

Secrets that never touch the database GCP Primitives 6 min read Zero-credential nodes with Workload Identity Federation GCP Primitives 7 min read TLS private keys that never leave your servers GCP Primitives 5 min read

Operations

Resilience, scheduling, and day-2 concerns

What breaks and what doesn't GCP Primitives 5 min read Label-based scheduling and the warm pool model Engineering Decisions 7 min read

Read end to end

These articles also form two multi-part series, designed to be read in order.

Building VM-native deployment tooling on GCP primitives 7 parts

Engineering decisions behind devopsellence 6 parts