herocode/horus
14
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
horus/docs/supervisor/supervisor.md
Timur Gordon c9c84676b3 revert: rename back to docs directory
2025-11-14 11:10:32 +01:00

2.3 KiB
Raw Permalink Blame History

Supervisor Overview

The Supervisor is the job dispatcher layer in Horus. It receives jobs, verifies signatures, and routes them to appropriate runners.

Architecture

Client → Supervisor → Redis Queue → Runner

Responsibilities

1. Job Admission

  • Receive jobs via OpenRPC interface
  • Validate job structure and required fields
  • Verify cryptographic signatures

2. Authentication & Authorization

  • Verify job signatures using public keys
  • Ensure jobs are from authorized sources
  • Reject unsigned or invalid jobs

3. Job Routing

  • Route jobs to appropriate runner queues
  • Maintain runner registry
  • Load balance across available runners

4. Job Management

  • Track job status and lifecycle
  • Provide job query and listing APIs
  • Store job results and logs

5. Runner Management

  • Register and track available runners
  • Monitor runner health and availability
  • Handle runner disconnections

OpenRPC Interface

The Supervisor exposes an OpenRPC API for job management:

Job Operations

  • create_job: Submit a new job
  • get_job: Retrieve job details
  • list_jobs: List all jobs
  • delete_job: Remove a job
  • get_job_logs: Retrieve job execution logs

Runner Operations

  • register_runner: Register a new runner
  • list_runners: List available runners
  • get_runner_status: Check runner health

Job Lifecycle

  1. Submission: Client submits job via OpenRPC
  2. Validation: Supervisor validates structure and signature
  3. Queueing: Job pushed to runner's Redis queue
  4. Execution: Runner processes job
  5. Completion: Result stored in Redis
  6. Retrieval: Client retrieves result via OpenRPC

Transport Options

The Supervisor supports multiple transport layers:

  • HTTP: Standard HTTP/HTTPS transport
  • Mycelium: Peer-to-peer encrypted transport

Configuration

# Start supervisor
supervisor --port 8080 --redis-url redis://localhost:6379

# With Mycelium
supervisor --port 8080 --mycelium --redis-url redis://localhost:6379

Security

  • All jobs must be cryptographically signed
  • Signatures verified before job admission
  • Public key infrastructure for identity
  • Optional TLS for HTTP transport
  • End-to-end encryption via Mycelium

→ Authentication Documentation