Core Concepts
Architecture Overview
Understanding Engrami's Control Plane + Data Plane architecture for enterprise deployments.
Architecture Overview
Engrami uses a unique split architecture that separates the management layer (Control Plane) from your sensitive data (Data Plane). This ensures complete data sovereignty while providing a seamless management experience.
Control Plane (SaaS)
- Dashboard & Management UI
- API Gateway & Authentication
- Billing & Usage Tracking
- Agent Definitions (Metadata Only)
- Workflow Orchestration
Data Plane (Your VPC)
- Agent Runtime Environment
- Vector Database (ChromaDB/Pinecone)
- Graph Database (Neo4j)
- All Sensitive Customer Data
- LLM API Connections
Data Flow
- Request arrives at the Control Plane API
- Authentication & authorization validated
- Request forwarded to your Data Plane via mTLS tunnel
- Agent processes request with access to local memory stores
- Response returned through the same secure channel
- Usage metrics sent to Control Plane (no sensitive data)
Security Model
- mTLS Encryption - All communication between planes is encrypted
- Zero Trust - Data Plane verifies all requests independently
- Data Isolation - Sensitive data never leaves your infrastructure
- Audit Logging - Complete audit trail of all operations
Component Overview
Control Plane Components
- FastAPI Backend - REST API with async support
- Next.js Dashboard - React-based management UI
- PostgreSQL - Metadata and configuration storage
- Redis - Caching and session management
- Stripe Integration - Billing and payments
Data Plane Components
- Agent Runtime - Python-based execution environment
- ChromaDB - Vector embeddings for semantic memory
- Neo4j - Graph database for procedural memory
- PostgreSQL - Episodic memory and event storage
- MinIO/S3 - Document and artifact storage