Deployment

The entire platform runs on-premises on commodity hardware. No cloud accounts. No external API calls. No data leaves the network. Designed from day one for classified, air-gapped environments.

ON-PREMISES CLUSTER (AIR-GAPPED) APPLICATION SERVICES PHYSICS AI / REASONING KILL CHAIN INTEL C2 OT DATABASE MESSAGING CACHE SECRETS LOCAL LLM METRICS / TRACING / LOGGING CI/CD PIPELINE (SELF-HOSTED) SERVICE APIs STREAMING OT PROTOCOLS

Infrastructure

Orchestration Container orchestration (any standard distribution)
Container runtime OCI-compliant
Database Open source relational
Messaging Persistent pub/sub messaging
Cache Open source in-memory
LLM Local model inference — no external API calls
Key management Open source secrets management or HSM — classical and post-quantum keys
Observability Metrics, distributed tracing, structured logging
Terrain data Customer-provided DEM tiles, 10m or 30m (pre-loaded, no internet required)

Infrastructure

Commodity Hardware

All services are compiled Go binaries. No JVM, no Python runtime, no GPU requirement for core services. Runs on standard x86-64 servers. The physics engine is CPU-parallel across cores — more cores, more resolution.

Horizontal Scaling

The World Model partitions geographically — add nodes to cover more area at the same resolution. The kill chain services scale independently. The cognitive warfare mesh adds peers for distributed consensus. Scale each layer to the mission, not to a fixed capacity.

Air-Gapped by Default

No service phones home. No telemetry leaves the network. OSINT collection uses an optional internet-facing sidecar that can be physically separated. Everything else runs fully disconnected.

CI/CD Included

Self-hosted build pipeline with automated testing, container builds, and deployment. Push to the internal git server, containers build and deploy automatically. No external CI service required.

Services

Total services Microservice architecture
Language Go — single static binary per service
Inter-service protocol gRPC with mTLS
Async messaging Persistent pub/sub with guaranteed delivery
Viewer protocol WebSocket with binary protobuf + sparse delta encoding
Health probes /healthz (liveness), /readyz (readiness) per service

Two Deployment Configurations

The platform deploys in two configurations from the same codebase. The full military deployment includes the complete kill chain — targeting, fires management, weapon gateway, battle damage assessment. The civilian deployment excludes the entire engagement loop and deploys only the services relevant to civil operations — World Model, cognitive engine, autonomous operations, OSINT, command, and OT monitoring.

The civilian configuration has zero dependencies on engagement-loop services. No targeting concepts, no weapon interfaces, no fires management in the deployment. Civilian customers receive a system that was designed for their mission, not a military system with capabilities removed.

No Vendor Lock-In

Every infrastructure component is open source — database, messaging, caching, orchestration, secrets management, observability. All widely deployed, all with multiple commercial support options, none proprietary. The platform doesn't depend on any single vendor's cloud, runtime, or licensing model.

The entire stack is open source and runs on commodity hardware. No dependency that can be revoked or repriced. The customer owns the infrastructure and interoperates with partners on their own terms.