Deployment Overview
Deployment Overview
Section titled “Deployment Overview”Architecture
Section titled “Architecture”┌─────────────┐ ┌─────────────┐ ┌─────────────┐ ┌──────────┐│ Clients │──────▶│ Server │◀──────│ Agent │──────▶│ Database ││ (CLI / MCP) │ HTTP │ (REST API) │ poll │ (executor) │ SQL │(PG / MY) │└─────────────┘ └─────────────┘ └─────────────┘ └──────────┘- Clients never touch the database. They submit requests to the server and retrieve results.
- Server never touches the database. It manages approval state, audit logs, and routes requests.
- Agent polls the server. It runs in a network that can reach the database and fetches approved work via outbound HTTP.
Deployment models
Section titled “Deployment models”Separated
Section titled “Separated”Server on a central host, agent on a host with database access, CLI on developer machines.
Developer laptop ──▶ Server (cloud VM) ◀── Agent (DB subnet) ──▶ PostgreSQLMulti-agent
Section titled “Multi-agent”One server, multiple agents for different databases or environments.
┌── Agent (staging) ──▶ Staging DBServer ◀────────────────┤ └── Agent (prod) ──▶ Production DBAgents register with capabilities; the server matches requests to the appropriate agent.
Choose a deployment method
Section titled “Choose a deployment method”| Method | Page | Best for |
|---|---|---|
| Binary / systemd | server.md + agent.md | Bare metal / VM |
| Docker Compose | docker.md | Small teams, single host |
| ECS Fargate | ecs.md | AWS native |
| Kubernetes | kubernetes.md | K8s clusters |
| Helm | helm.md | GitOps / Helm-managed clusters |
Binary / systemd: Deploy the server first, obtain bootstrap tokens, then deploy the agent.
server.md and agent.md are component references. All platform-specific pages (Docker, ECS, K8s, Helm) link back to them for configuration details.
Network requirements
Section titled “Network requirements”| From | To | Port | Protocol | Purpose |
|---|---|---|---|---|
| Client | Server | 3000 | HTTP/HTTPS | Submit requests, get results |
| Agent | Server | 3000 | HTTP/HTTPS | Poll for work, report results |
| Agent | Database | 5432/3306 | PostgreSQL/MySQL | Execute queries |
The server needs no inbound access from the agent’s network — the agent initiates all connections outbound.
Transport security: The agent refuses to start if its
[server].urlis external HTTP (non-private IP, non-localhost). Use HTTPS for the agent→server connection, or setallow_insecure = trueif TLS is handled at a network layer not visible in the URL.
Security model
Section titled “Security model”- No DB credentials on clients — credentials exist only in the agent’s config
- Signed execution tokens — Ed25519 signatures prevent request tampering
- RBAC — admin, developer, readonly roles enforced by the server
- Audit log — every operation recorded with hash-chain integrity
- Fail-closed workflows — if policy evaluation fails, the request is denied (not auto-approved)
See also
Section titled “See also”- Server configuration — all server settings and operations
- Agent configuration — agent settings, capabilities, resilience
- Troubleshooting — common deployment issues