The study presents an analysis of the scientific and theoretical problems of information security in Hyper-Converged Infrastructure (HCI), which arise due to the deep integration of resources and the erosion of the traditional perimeter. An option for building an HCI is considered, which allows to increase the isolation level of workloads, in which containers are run inside virtual machines acting as hosts for container orchestration. The study of existing problems revealed a qualitatively new level of complexity: verification of isolation guarantees and ensuring the safe division of resources between independent consumers (tenants), formalization of trust boundaries of heterogeneous HCI, analysis of several levels of abstraction simultaneously. The theoretical analysis of the problems identified the need to build a cluster architecture as a complex object of protection, taking into account the structural and functional characteristics of HCI and Kubernetes orchestrator modules. The architecture of a heterogeneous hyperconverged infrastructure has been developed. Taking into account the requirements of regulators, the developed generalized HCI threat model is presented, which in each specific case can be detailed taking into account the technologies of hypervisor and container virtualization used.