Armored Carrier — Zero Trust AI Pipeline
A sealed, AMTD-protected microservices mesh for AI agents. Pre-configured with a bounded ReAct orchestration loop, parallel LLM/tool execution legs, and NLP aggregation to structurally defeat prompt injection.
Tags: Armored Tunnel | Single Cluster | HTTP + WebSocket | 6 Pods
Overview
The Armored Carrier AI Pipeline is a six-pod network built for AI agent workloads where security and isolation are non-negotiable. The ai-orchestrator implements a bounded ReAct loop (MCP-style dispatch) that fans out to parallel llm-gateway and tool-executor pods, then aggregates results through an nlp-processor before the final ai-results-sink.
Armored Tunnel mode (xtra4) provides per-session key rotation. The mixed HTTP + WebSocket protocol supports both synchronous API calls and streaming responses within the same network.
flowchart TD
A["AI Gateway / Initiator\n(http-gateway)"]
B["AI Orchestrator\n(ai-orchestrator)"]
C["LLM Gateway\n(llm-gateway)"]
D["Tool Executor\n(tool-executor)"]
E["NLP Processor\n(nlp-processor)"]
F["AI Results Sink\n(http-sink)"]
A -->|"WoSP xtra4"| B
B -->|"WoSP xtra4"| C
B -->|"WoSP xtra4"| D
C -->|"WoSP xtra4"| E
D -->|"WoSP xtra4"| E
E -->|"WoSP xtra4"| F
Use Cases
- AI agent networks requiring Zero Trust isolation between components
- Multi-model inference pipelines (parallel LLM calls with tool use)
- ReAct-loop orchestration with structural prompt injection prevention
- Secure agentic AI systems where agents act on behalf of humans and must be authorized at every step
Prompt injection prevention
WoSP networking prevents prompt injection by enforcing Zero Trust identity verification on every agent-to-agent message. No agent can reach another without being authorized by the blueprint design. Malicious payloads cannot traverse the network without a valid WoSP workload identity — which is ephemeral and unguessable.
Bundle Contents
armored-carrier-ai/
├── ai-gateway/ ← http-gateway (boundary)
├── ai-orchestrator/ ← ai-orchestrator (Distributor/Router variant)
├── llm-gateway/ ← llm-gateway (Relay/Processor variant)
├── tool-executor/ ← tool-executor (Relay/Processor variant)
├── nlp-processor/ ← nlp-processor (Aggregator variant)
├── ai-results-sink/ ← http-sink (boundary)
├── deploy.sh
├── teardown.sh
├── pinhole-setup.sh
├── blueprint.yaml
├── README.md
└── EULA.md
Deploy
Prerequisites: Docker Desktop, k3d >= 5.0, kubectl, valid Hopr license
The most common customization for this blueprint is replacing the LLM and tool stubs:
- llm-gateway/app/app.py — replace the LLM stub with your provider SDK (OpenAI, Anthropic, AWS Bedrock, etc.)
- tool-executor/app/app.py — replace the tool stub with your MCP tool integrations
Verify
Expected output:
Confirm results at the sink:
kubectl port-forward -n armored-carrier-ai-sink-ns deployment/ai-results-sink 8000:8000
curl http://localhost:8000/output
Expected: {"count": 5, "results": [...]}.
Customize
Section 1 customization for the key AI pods:
- on_trigger(payload, headers) — in ai-gateway/app/app.py: accept and validate AI task requests
- on_receive_fan_out(payload) — in ai-orchestrator/app/app.py: orchestration logic for the ReAct loop
- on_receive_relay(payload) — in llm-gateway/app/app.py: replace stub with your LLM provider SDK
- on_receive_relay(payload) — in tool-executor/app/app.py: replace stub with your MCP tool integrations
- on_aggregate(partials) — in nlp-processor/app/app.py: merge and process LLM + tool outputs
- on_receive_terminator(payload) — in ai-results-sink/app/app.py: deliver final AI response
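An added example, not code from the blueprint bundle: one way the on_trigger(payload, headers) hook in ai-gateway/app/app.py could validate AI task requests before they enter the pipeline. The field names, limits, tool allow-list and the return-or-raise contract are assumptions; this page does not document the hook's schema.

```python
# Added example: boundary validation for on_trigger(payload, headers).
# Field names, limits and the return/raise contract are assumptions,
# not the blueprint's documented schema.
MAX_TASK_CHARS = 4000                                 # assumed size limit
MAX_STEPS = 5                                         # assumed bound for the ReAct loop
ALLOWED_TOOLS = frozenset({"search", "calculator"})   # assumed tool allow-list
ALLOWED_KEYS = frozenset({"task", "tools", "max_steps"})


class RejectedRequest(ValueError):
    """Raised when a task request fails validation at the boundary."""


def on_trigger(payload, headers):
    """Return a normalized task request or raise RejectedRequest."""
    ctype = {k.lower(): v for k, v in headers.items()}.get("content-type", "")
    if ctype.split(";")[0].strip().lower() != "application/json":
        raise RejectedRequest("content-type must be application/json")
    if not isinstance(payload, dict):
        raise RejectedRequest("payload must be a JSON object")
    unknown = set(payload) - ALLOWED_KEYS
    if unknown:
        raise RejectedRequest(f"unknown fields: {sorted(unknown)}")

    task = payload.get("task")
    if not isinstance(task, str) or not task.strip():
        raise RejectedRequest("task must be a non-empty string")
    if len(task) > MAX_TASK_CHARS:
        raise RejectedRequest("task too long")

    tools = payload.get("tools", [])
    if not isinstance(tools, list) or not all(isinstance(t, str) for t in tools):
        raise RejectedRequest("tools must be a list of strings")
    denied = sorted(set(tools) - ALLOWED_TOOLS)
    if denied:
        raise RejectedRequest(f"tools not on allow-list: {denied}")

    steps = payload.get("max_steps", MAX_STEPS)
    # bool is a subclass of int, so exclude it explicitly
    if isinstance(steps, bool) or not isinstance(steps, int) or steps < 1:
        raise RejectedRequest("max_steps must be a positive integer")

    return {
        "task": task.strip(),
        "tools": sorted(set(tools)),
        "max_steps": min(steps, MAX_STEPS),  # clamp: callers cannot widen the loop bound
    }
```

Rejecting unknown fields and clamping max_steps at the gateway keeps the step budget and tool set under the operator's control rather than the requester's.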
Pricing
6 WoSP units (1 per pod). See Commercial Licensing.