Building Blocks

Container Diagram (C4 Level 2)

The container diagram shows the major deployable units inside the Akili platform.

C4Container
    title Container Diagram — Akili Platform

    Person(dev, "Developer", "CLI / CI")
    Person(ops, "Operator", "Portal UI")

    System_Boundary(akili, "Akili Platform") {
        Container(api, "Control-Plane API", "Rust / Axum", "REST API — products, tenants, executions, governance, serving")
        Container(portal, "Portal", "Next.js 15", "Developer and operator UI with BFF proxy")
        Container(cli, "CLI", "Rust / clap", "Developer tool — init, validate, deploy, run")
        Container(operators, "CRD Operators", "Rust / kube-rs", "Reconcile Tenant, DataProduct, License, InferenceService CRDs")
        Container(dagster, "Dagster", "Python", "Orchestration — asset graph, sensors, IO managers, quality checks")
    }

    System_Boundary(data, "Data Layer") {
        ContainerDb(pg, "PostgreSQL", "CNPG", "Registry, state, RLS tenant isolation")
        ContainerDb(redis, "Redis", "Sentinel", "Serving cache, session store")
        ContainerDb(starrocks, "StarRocks", "Shared-data", "OLAP analytics via Iceberg federation")
        ContainerDb(ceph, "Ceph RGW", "S3 API", "Data lake — Iceberg tables")
        ContainerQueue(redpanda, "Redpanda", "Kafka API", "Domain events, per-tenant topics")
    }

    Rel(dev, cli, "akili deploy", "CLI")
    Rel(dev, api, "REST", "HTTPS")
    Rel(ops, portal, "Browser", "HTTPS")
    Rel(portal, api, "BFF proxy", "HTTP")
    Rel(api, pg, "sqlx", "TCP")
    Rel(api, redpanda, "publish events", "TCP")
    Rel(api, redis, "cache", "TCP")
    Rel(api, starrocks, "analytics queries", "MySQL")
    Rel(dagster, pg, "execution state", "TCP")
    Rel(dagster, ceph, "IO managers", "S3")
    Rel(operators, pg, "CRD status", "TCP")

Rust Crate Architecture

The control-plane is built from 7 crates with strict dependency rules:

flowchart TD
    API["akili-api<br/>Handlers, middleware, extractors"]
    OPS["akili-operators<br/>CRD reconcilers"]
    SVC["akili-services<br/>Business logic"]
    STG["akili-storage<br/>Repositories, migrations"]
    EVT["akili-events<br/>Event publishing"]
    CORE["akili-core<br/>Types, traits, errors"]
    CLI["akili-cli<br/>CLI commands, bootstrap"]

    API --> SVC
    API --> CORE
    OPS --> SVC
    OPS --> CORE
    SVC --> STG
    SVC --> EVT
    SVC --> CORE
    STG --> CORE
    EVT --> CORE
    CLI --> SVC
    CLI --> CORE

Dependency rules (enforced by CI):

akili-core depends on nothing (leaf crate)
akili-storage depends on akili-core only
akili-events depends on akili-core only
akili-services depends on akili-core, akili-storage, akili-events
akili-api depends on akili-core, akili-services (never storage or events directly)
akili-operators depends on akili-core, akili-services (never storage or events directly)

Portal Architecture

Component	Technology	Purpose
Framework	Next.js 15, React 19	SSR + client-side rendering
State	Zustand (5 stores)	Client-side state management
Data fetching	TanStack Query	Server state with query presets
Styling	Tailwind v4 + CSS custom properties	Vision design language
Auth	NextAuth v5 + Authentik OIDC	Session management
BFF	Route handlers + rewrites	Server-side credential injection

Infrastructure

Service	Deployment	Namespace
ArgoCD	App-of-Apps (56 child applications, 2 controller replicas)	`argocd`
PostgreSQL	CNPG operator (HA, streaming replication)	`cnpg-system`
Ceph	Rook operator (3 OSD, 1 RGW)	`rook-ceph`
Redpanda	Helm chart (3 brokers)	`redpanda`
Authentik	Helm chart (2 replicas)	`authentik`
Monitoring	Prometheus + Grafana + Loki + Tempo + Alertmanager	`monitoring`
Cert-manager	Helm chart + Let’s Encrypt	`cert-manager`
K3s	3 masters (embedded etcd quorum) + 8 workers + 2 Spark nodes	Cluster-level