DataStrict
Integrations

Integrations

Kubernetes

The reference self-hosted deployment: run DataStrict as a scalable gateway with a Helm chart and mTLS.

Overview

Kubernetes is the reference way to self-host DataStrict. The gateway runs as a horizontally scalable Deployment behind a Service, wherever your cluster lives.

This is how DataStrict ships into on-premises, private-cloud, and air-gapped environments.

How it works

Install the Helm chart. The gateway runs as one or more replicas; application pods send model traffic to its Service, mTLS secures the hop, and the Ledger is a Postgres you run in or beside the cluster. Policy is mounted as versioned configuration and reloaded on change.

Connect

Add the Helm repo, install the chart with your model providers and Ledger connection, and point workloads at the gateway Service.

helm repo add datastrict https://charts.datastrict.com
helm install datastrict datastrict/gateway \
  --set ledger.dsn=postgres://ledger:5432/datastrict \
  --set providers.bedrock.enabled=true

What you can enforce

  • All model traffic in the cluster routed through one enforcement point.
  • mTLS between workloads and the gateway.
  • Policy as versioned configuration, reloaded without downtime.
  • A self-hosted Ledger that never leaves your infrastructure.

Tip · Runs offline

The gateway has no hard dependency on our cloud. It enforces and audits entirely within your cluster, which is what makes air-gapped deployments possible.

Was this page helpful?