There have been a couple of instances in the past where I have been tasked with building an architecture where we deploy one VM/container per user. This has been for reasons like needing each user to run a private instance for remote virtual desktop applications.
Another reason has been data isolation, where each customer would have their own APP/DB servers rather than a central server. Is this even feasible? Is the trade-off worth the extra workload? Do any enterprise compliances have any specifications for data isolation of this kind?
We have used Pomerium as ingress and VM orchestration using Terraform or the Docker/K8s API for containerized workloads, routing users based on the requested domain/path after auth.
I couldn’t find any existing solutions for this and was thinking of open-sourcing what we have and working on this further. Has anyone else been in a scenario where they were forced to deploy a container/VM per user?
Would appreciate some thoughts.