Voidburn
Menu
HomeOperations LedgerInstallationCheckpointingPricingContactLog in

VOIDBURN // E2E PROOF

Karpenter Mode: breach → checkpoint → snapshot → terminate → resume

A real end-to-end run on AWS EKS + Karpenter demonstrating proof-gated enforcement and manual resume semantics.

View live operations ledger

Run metadata

Date (UTC)2026-02-18
EKS clustervb-karpenter-e2e-20260218024107
Regionus-east-1
TargetKarpenter NodePool vb-target
Release manifesthttps://voidburn.com/releases/v1.2.10/RELEASE_MANIFEST.json

What this proves

  • Budget breach triggers a strict checkpoint window and requires a valid receipt before termination.
  • Snapshot evidence is captured and verified before termination events are recorded.
  • Karpenter capacity is frozen by patching the target NodePool (taint-based no-schedule).
  • Manual resume restores capacity: NodePool unfreezes, nodes reprovision, workload runs.

Enforcement timeline (UTC)

UTC timestamp               status               instance         snapshot
2026-02-18 08:27:12.784081  checkpoint_confirmed  i-0693...46be    -
2026-02-18 08:31:54.670678  terminated            i-0693...46be    snap-055...2c03
2026-02-18 08:31:55.149664  checkpoint_confirmed  i-05a8...68f9    -
2026-02-18 08:37:52.422807  terminated            i-05a8...68f9    snap-075...18d6

Instance and snapshot IDs are masked. Full details are available to customers via the enterprise evidence bundle.

Sentinel log excerpt

2026/02/18 08:27:12 budget exceeded & enforcement enabled. engaging deep freeze on ip-192-168-14-54.ec2.internal (i-0693397fffe1346be)
EXECUTING DEEP FREEZE: i-0693397fffe1346be
Verifying integrity of snapshot snap-055d701e945aa2c03...
Target neutralized: i-0693397fffe1346be

2026/02/18 08:31:54 budget exceeded & enforcement enabled. engaging deep freeze on ip-192-168-4-154.ec2.internal (i-05a8a6918408268f9)
EXECUTING DEEP FREEZE: i-05a8a6918408268f9
Verifying integrity of snapshot snap-075a92d33589b18d6...

Karpenter freeze applied

During enforcement, Voidburn freezes the governed Karpenter NodePool by writing a deterministic marker and applying a NoSchedule taint.

apiVersion: karpenter.sh/v1
kind: NodePool
metadata:
  name: vb-target
  annotations:
    voidburn.com/karpenter-frozen: "true"
    voidburn.com/karpenter-frozen-ts: "2026-02-18T08:27:13Z"
spec:
  template:
    spec:
      taints:
      - effect: NoSchedule
        key: voidburn.com/frozen
        value: "true"
# Workload was forced Pending while frozen (no eligible target capacity)
$ kubectl -n vb-workloads get pods -o wide
NAME                                   READY   STATUS    NODE
voidburn-checkpoint-...                1/1     Running   ip-... (protected)
voidburn-workload-...                  0/1     Pending   <none>

Manual resume restored capacity

On manual resume with a healthy budget, Voidburn unfreezes the NodePool and Karpenter provisions new nodes.

apiVersion: karpenter.sh/v1
kind: NodePool
metadata:
  name: vb-target
spec:
  template:
    spec:
      taints: []
# After manual resume + healthy budget, Karpenter provisions nodes and workload runs again
$ kubectl -n vb-workloads get pods -o wide
NAME                                   READY   STATUS   NODE
voidburn-checkpoint-...                1/1     Running  ip-... (protected)
voidburn-workload-...                  1/1     Running  ip-... (target)

AWS snapshot evidence

AWS snapshot evidence (DescribeSnapshots)
Description                         SnapshotId             StartTime                       State      VolumeId
voidburn.com Deep Freeze: voidburn  snap-055d701e945aa2c03  2026-02-18T08:27:14Z            completed  vol-0cf5...624e6
voidburn.com Deep Freeze: voidburn  snap-075a92d33589b18d6  2026-02-18T08:31:56Z            completed  vol-0001...71f3a