Skip to content
/ control Public

InferaDB control plane — multi-tenant administration with WebAuthn

inferadb.com

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

inferadb/control

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

241 Commits
.config
.config
 
 
.github
.github
 
 
.serena
.serena
 
 
crates
crates
 
 
docker/ledger-integration-tests
docker/ledger-integration-tests
 
 
docs
docs
 
 
helm
helm
 
 
k8s
k8s
 
 
loadtests
loadtests
 
 
proto @ bd081e2
proto @ bd081e2
 
 
scripts
scripts
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
.mise.toml
.mise.toml
 
 
.rustfmt.toml
.rustfmt.toml
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
Cargo.toml
Cargo.toml
 
 
Dockerfile
Dockerfile
 
 
Dockerfile.integration
Dockerfile.integration
 
 
LICENSE-APACHE
LICENSE-APACHE
 
 
LICENSE-MIT
LICENSE-MIT
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
codecov.yml
codecov.yml
 
 
config.integration.yaml
config.integration.yaml
 
 
config.production.yaml
config.production.yaml
 
 
config.yaml
config.yaml
 
 
docker-compose.yml
docker-compose.yml
 
 
justfile
justfile
 
 
openapi.yaml
openapi.yaml
 
 
prometheus.yml
prometheus.yml
 
 
rust-toolchain.toml
rust-toolchain.toml
 
 

Repository files navigation

InferaDB Logo

InferaDB Control Plane

Discord License

Multi-tenant administration APIs with Kubernetes-native deployment and WebAuthn authentication

Important

Under active development. Not production-ready.

Quick Start

git clone https://github.com/inferadb/control && cd control
docker-compose up -d
export INFERADB_CTRL__AUTH__KEY_ENCRYPTION_SECRET=$(openssl rand -base64 32)
mise trust && mise install
cargo run --bin inferadb-control
Endpoint URL
REST API http://localhost:9090
gRPC API http://localhost:9091
Health http://localhost:9090/healthz
Metrics http://localhost:9090/metrics

Features

Feature Description
Authentication Password, passkey, OAuth, email verification
Multi-Tenancy Organization-based isolation with RBAC
Vault Management Policy containers with access grants
Client Auth Ed25519 certificates, JWT assertions
Token Issuance Vault-scoped JWTs for Engine API

Architecture

graph TD
    Bin[inferadb-control] --> API[inferadb-control-api]
    Bin --> Config[inferadb-control-config]
    API --> Core[inferadb-control-core]
    Core --> Config
    Core --> Storage[inferadb-control-storage]
    Storage --> SharedStorage[inferadb-common-storage]
    SharedStorage --> Memory[(Memory)]
    SharedStorage --> StorageLedger[inferadb-common-storage-ledger]
    StorageLedger --> Ledger[(InferaDB Ledger)]
Loading
Crate Purpose
inferadb-control Binary entrypoint
inferadb-control-api REST/gRPC handlers
inferadb-control-config Configuration loading
inferadb-control-const Shared constants
inferadb-control-core Business logic, entities
inferadb-control-storage Repositories + storage factory
inferadb-control-types Shared type definitions

Configuration

Environment variables use INFERADB_CTRL__ prefix with double underscores for nesting:

Variable Description
INFERADB_CTRL__LISTEN__HTTP HTTP listen address (default: 0.0.0.0:9090)
INFERADB_CTRL__STORAGE Storage backend: memory or ledger
INFERADB_CTRL__LEDGER__ENDPOINT Ledger server URL
INFERADB_CTRL__LEDGER__CLIENT_ID Client ID for idempotency
INFERADB_CTRL__LEDGER__NAMESPACE_ID Namespace for data scoping

See config.yaml for all options.

Development

# Setup
mise trust && mise install

# Common tasks (requires just)
just test      # Run tests
just lint      # Run clippy
just fmt       # Format code
just ci        # Run all checks

# Manual commands
cargo nextest run
cargo +1.92 clippy --workspace --all-targets -- -D warnings
cargo +nightly fmt --all

Deployment

Docker

docker run -p 9090:9090 inferadb/control:latest

Kubernetes

helm install inferadb-control ./helm \
  --namespace inferadb \
  --create-namespace \
  --set config.storage=ledger \
  --set config.ledger.endpoint=http://ledger.inferadb:50051

See helm/README.md for configuration options.

Documentation

Topic Link
Getting Started docs/getting-started.md
Authentication docs/authentication.md
Architecture docs/architecture.md
API Reference openapi.yaml

Community

Join us on Discord for questions and discussions.

License

Dual-licensed under MIT or Apache 2.0.

About

InferaDB control plane — multi-tenant administration with WebAuthn

inferadb.com

Topics

rust jwt multi-tenant rest-api permissions grpc authorization rbac access-control webauthn audit-logging fine-grained-access-control zanzibar passkeys rebac inferadb

Resources

Readme

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Contributors 4

  •  
  •  
  •  
  •  

Languages