Introducing Prospectr: The Part of Pioneer That Knows What Goes in the Box.
Deploying Kubernetes into a disconnected environment starts with a deceptively simple question. What, exactly, do we need to bring?
The answer is a compatibility problem wearing a logistics costume. A working cluster is a precise intersection of versions: this Kubernetes distribution needs these container images, which assume this container runtime, which requires these OS packages, which only exist for this kernel, on this operating system release. Get one edge of that graph wrong and the deployment fails on the far side of an air gap, where there is no pulling down the missing piece.
For years, the industry answer to this problem was a person. A senior engineer who kept the compatibility matrix in their head, maintained a JSON file of artifact versions, and ran a pile of bash scripts to collect everything into a tarball. It worked, in the sense that it usually worked. It also meant the program’s ability to deploy its own platform depended on institutional memory, and institutional memory walks out the door with the engineer who wrote the bash.
Prospectr is the replacement for that person’s spreadsheet, that JSON file, and that bash.
What Prospectr is
Prospectr is an integrated component of Pioneer, AlphaBravo’s Kubernetes lifecycle platform. It is not a separate product and not a separate purchase. It is the part of Pioneer that answers the “what goes in the box” question automatically, and proves the answer.
It takes two inputs, and they are the two things a program office actually cares about: the target Kubernetes version and the target operating system version. From those, Prospectr resolves the full compatibility graph, fetches every required artifact, and produces a signed bill of materials. Container images for the chosen Kubernetes distribution. OS packages for the host. Pioneer’s own platform components. The supporting infrastructure a working cluster requires. Every artifact, every version, every checksum, in one signed document.
That BOM is the single source of truth for what goes into the deployment bundle. Pioneer consumes it and produces the bundle itself: one tarball containing everything needed to bring a cluster up in a disconnected environment, with the signed BOM riding along inside it for audit. Nothing is assembled outside of Pioneer. There is no side CI pipeline gluing artifacts together with scripts. The bundle is a product of Pioneer, produced by Pioneer, verified by Pioneer.
Why determinism is the actual feature
Prospectr is much faster than the manual process it replaces. That is not why it matters.
It matters because it is deterministic. The same inputs always produce the same BOM. Run Prospectr in April against Kubernetes version X and OS version Y, run it again in October against the same selections, and the outputs are identical and provably so. The BOM is signed, so identical does not mean “looks the same.” It means cryptographically the same.
Think about what that property is worth in an accredited environment. A compliance assessor does not have to trust a narrative about how the bundle was assembled. They can evaluate a signed artifact that fully describes it. An authorizing official is not endorsing a process description. They are endorsing a document that maps one-to-one to what is actually deployed. When the continuous monitoring cycle comes around, the question “what is running at that site” has an answer with a signature on it.
Determinism also changes the multi-site math. Ten disconnected sites deployed from the same BOM are provably running the same platform. When a patch cycle produces a new BOM, the delta between old and new is explicit and reviewable. Configuration drift between sites stops being a standing investigation and becomes a comparison of two signed documents.
What it looks like in practice
The workflow is short enough to describe completely.
On the connected side, an operator gives Prospectr the target Kubernetes version and OS version. Prospectr resolves the graph, fetches the artifacts, and emits the signed BOM. Pioneer builds the bundle from the BOM.
The bundle crosses the air gap on approved media.
On the disconnected side, the operator runs a single Pioneer binary and points it at the bundle. Pioneer extracts the artifacts, stands up its own embedded registry, bootstraps the Kubernetes control plane, and brings the cluster to its declared state. No internet connection assumed at any step. No registry to hand-build. No image loading scripts. One binary, one bundle, one cluster.
The engineer who used to own the compatibility matrix is still valuable. They are just doing engineering now instead of librarianship.
Where Prospectr fits in the bigger picture
We recently published a four-part series on the full stack: containers, operationalizing hardened containers, securing Kubernetes, and automating infrastructure deployment. Prospectr is the answer to a question that series kept circling. Automation is only as trustworthy as its inputs, and in disconnected environments, the inputs are everything. Prospectr is how Pioneer knows, and can prove, that the platform it deploys is exactly the platform that was defined, down to the last package.
Programs do not fail at the air gap because their engineers are not smart enough. They fail because the artifact problem was solved with memory and bash. Prospectr solves it with a signed document and a deterministic build, inside the platform that consumes it.
That is the whole pitch. The box packs itself, and it can prove what’s inside.
Prospectr is an integrated component of Pioneer, AlphaBravo’s disconnected-first Kubernetes lifecycle platform for DoD and federal environments.