obsrv
Browse documentation
/docs/self-host

Self-host architecture

obsrv is hosted SaaS by default. Enterprise customers can deploy in their own VPC. This page describes the architecture you'll be running.

Components

  • Go ingest API — chi router, slog logging, pgx for Postgres, GCP SDKs for object storage and warehouse.
  • Next.js dashboard — App Router, NextAuth v5, server actions for mutations.
  • Postgres (pgvector) — control plane: orgs, projects, members, keys, metrics, clusters, embeddings.
  • Object storage — GCS by default; S3-compatible buckets supported on Enterprise.
  • Warehouse — BigQuery by default; Snowflake / DuckDB on Enterprise.
  • Embedding worker — long-running Go worker that extracts text and computes embeddings.
  • Cluster discoverer — k-means worker that produces clusters and labels them via Claude.

Required infrastructure

  • A Postgres 14+ instance with the pgvector, pgcrypto, and citext extensions.
  • An object storage bucket (GCS or S3-compatible).
  • A warehouse for trace indexes (BigQuery, Snowflake, or a DuckDB volume for smaller deployments).
  • A container runtime (Kubernetes, Cloud Run, ECS, Fly).

Threat model and isolation

Every artifact stored on disk lives under orgs/{org}/projects/{project}/…. API keys are bound to a project. Dashboard users are bound to org membership. Crossing tenants requires a deliberate, audited control plane action.

Previous
Attachments
Next
Deploy