> ## Documentation Index
> Fetch the complete documentation index at: https://docs.neuraltrust.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Deployment overview

> Where the NeuralTrust Platform runs, how the architecture is laid out, and how to pick the right combination of cloud and deployment model for your environment.

NeuralTrust ships as a single unified Helm chart — `neuraltrust-platform` — that runs on any Kubernetes cluster: AWS EKS, Google GKE, Azure AKS, Red Hat OpenShift, or vanilla Kubernetes (including on-prem and air-gapped).

You make two decisions before installing:

1. **Where** does it run? → pick your cloud / platform
2. **What** runs in your cluster? → pick your deployment model

Everything else is covered by the chart's defaults.

## 1. Pick your deployment model

| Model                                                                                     | Control Plane    | Data Plane   | Best for                                                   |
| ----------------------------------------------------------------------------------------- | ---------------- | ------------ | ---------------------------------------------------------- |
| [**Hybrid**](./deployment-models#hybrid-data-plane-in-your-environment) *(chart default)* | NeuralTrust SaaS | Your cluster | Most customers — fastest to value, no UI to operate        |
| [**Self-hosted**](./deployment-models#self-hosted-everything-in-your-cluster)             | Your cluster     | Your cluster | Air-gapped, sovereignty mandates, full operational control |

Both modes use the same chart and the same data-plane images. You can switch later without losing data. The complete decision matrix and topology diagrams live in [Deployment models](./deployment-models).

## 2. Pick your environment

Each guide covers cluster prerequisites, then walks through **both deployment models** with cloud-specific examples (storage class, ingress controller, IAM/identity, DNS, certificates, GPU pools).

<CardGroup cols={2}>
  <Card title="GCP (GKE)" icon="cloud" href="./gcp/overview">
    Google Kubernetes Engine — GCE Ingress, Managed Certificates, Workload Identity, GPU node pools (`nvidia-l4` / `nvidia-t4`).
  </Card>

  <Card title="AWS (EKS)" icon="cloud" href="./aws/overview">
    Amazon EKS — AWS Load Balancer Controller, ACM, EBS / EFS, IRSA, GPU node groups (`g5` / `g6`).
  </Card>

  <Card title="Azure (AKS)" icon="cloud" href="./azure/overview">
    Azure Kubernetes Service — AGIC or NGINX ingress, Key Vault certs, Azure Disk, GPU node pools (`Standard_NC*`).
  </Card>

  <Card title="OpenShift" icon="shield" href="./openshift/overview">
    OpenShift 4.10+ — Routes (default) or Ingress, SCC handling, `oc` workflow, ROSA / ARO / on-prem.
  </Card>

  <Card title="Vanilla Kubernetes" icon="server" href="./kubernetes/overview">
    Any Kubernetes 1.24+ — on-prem, bare metal, air-gapped, k3s, OKE, and other distributions.
  </Card>
</CardGroup>

## High-level architecture

<img className="block dark:hidden" src="https://mintlify.s3.us-west-1.amazonaws.com/neuraltrust-92b43583/images/static/img/nt-architecture-ligth.drawio.svg" alt="NeuralTrust architecture diagram" />

<img className="hidden dark:block" src="https://mintcdn.com/neuraltrust-92b43583/zYhn2tlRtReBJO1T/images/static/img/nt-architecture-dark.drawio.svg?fit=max&auto=format&n=zYhn2tlRtReBJO1T&q=85&s=c10ae9ca7823d885e5ab062e645fe155" alt="NeuralTrust architecture diagram" width="1259" height="1534" data-path="images/static/img/nt-architecture-dark.drawio.svg" />

The platform has two halves:

* **Control Plane** — UI, policy editor, scheduler, RBAC. Runs on NeuralTrust SaaS (hybrid) or in your cluster (self-hosted).
* **Data Plane** — telemetry ingestion, eval execution, ClickHouse writes. Always runs in your cluster.

TrustGate (the AI gateway), the Firewall (prompt/response safety classifiers), and the infrastructure stores (ClickHouse, Kafka, PostgreSQL) all sit on the data-plane side and run **in your cluster** in both deployment models. Your prompt and response data never leaves your environment.

## What gets deployed

| Component                             | Purpose                                                | In hybrid?        | In self-hosted?   |
| ------------------------------------- | ------------------------------------------------------ | ----------------- | ----------------- |
| Data Plane API + worker               | Telemetry ingestion, eval scheduling                   | ✅                 | ✅                 |
| Kafka Connect                         | Streams events into ClickHouse                         | ✅                 | ✅                 |
| Control Plane API + UI + Scheduler    | Dashboards, RBAC, policy distribution                  | — *(SaaS)*        | ✅                 |
| TrustGate (admin + gateway + actions) | AI gateway                                             | ✅ *(typical)*     | ✅                 |
| Firewall (gateway + 5 workers)        | In-cluster prompt/response safety — CPU or GPU workers | ✅                 | ✅                 |
| ClickHouse                            | Analytics database                                     | ✅ *(or external)* | ✅ *(or external)* |
| Kafka                                 | Event streaming                                        | ✅ *(or external)* | ✅ *(or external)* |
| PostgreSQL                            | Relational store (TrustGate + CP metadata)             | ✅ *(or external)* | ✅ *(or external)* |
| Redis                                 | TrustGate cache (bundled with TrustGate subchart)      | ✅ *(or external)* | ✅ *(or external)* |

For the complete image list per model, including tags, replicas, and resource footprints, see [Image catalog](./images).

## Configurable infrastructure

ClickHouse, Kafka, and PostgreSQL can each be:

* **In-cluster** (default) — the chart deploys and manages StatefulSets, PVCs, and credentials.
* **External** — you point the chart at managed services (RDS, Cloud SQL, MSK, Confluent Cloud, ClickHouse Cloud, etc.).

This applies in both deployment models. See [Configuration scenarios › External infrastructure](./configuration#external-infrastructure-only).

## LLM endpoints

Some NeuralTrust components require access to an LLM endpoint to perform their operations (LLM-as-a-Judge evaluators, topic summarizer, etc.).

<Warning>
  The cluster where you deploy the Data Plane must have network reachability to the LLM endpoint.
</Warning>

Configure providers from the NeuralTrust dashboard. Supported out of the box:

| Provider                   | Notes                                              |
| -------------------------- | -------------------------------------------------- |
| **OpenAI**                 | Direct REST integration                            |
| **OpenAI-compatible APIs** | Any provider implementing the OpenAI API shape     |
| **Google Gemini**          | Direct REST integration                            |
| **Ollama**                 | Self-hosted models served from your infrastructure |
| **Anthropic**              | Claude models across regions                       |
| **Azure OpenAI**           | Azure-hosted OpenAI endpoints                      |

<Note>
  In hybrid mode you can use NeuralTrust's managed LLM endpoint.
</Note>

## LLM targets / upstreams

TrustGate and TrustTest both need network reach to the LLM you're protecting or testing.

* For testing, see [TrustTest](/trusttest/connect/overview).
* For protection, see [TrustGate](/trustgate/overview).

<Warning>
  The cluster where you deploy the Data Plane and TrustGate must have network reachability to the LLM target.
</Warning>

## Detailed component reference

Each component below is documented for its responsibilities and security posture. For *how* to deploy them, follow the per-cloud guide above.

### Data Plane

The Data Plane manages your private data and endpoints — user conversations, traces, metrics, and evals.

**API**

* High-throughput ingestion (millions of events/sec at the upper end).
* Real-time validation and enrichment of incoming streams.
* Robust API key management and JWT-based authentication.
* Horizontal autoscaling against incoming volume.

**Worker**

* Real-time analysis for immediate insights and anomaly detection.
* Privacy-preserving analytics while keeping raw data in your environment.
* Alert generation for critical AI security and performance events.

**Message Queue (Kafka)**

* Event sourcing — complete audit trails of all AI monitoring events.
* Guaranteed delivery with configurable durability.
* Stream processing for real-time workflows.
* Backpressure management during traffic spikes.

<Note>
  Kafka is the only supported Data Plane message queue today. Deploy in-cluster or point at an external instance (MSK, Confluent Cloud, Event Hubs).
</Note>

**Database (ClickHouse)**

* Complete data sovereignty — all raw AI monitoring data stays in your VPC.
* High-performance analytics, optimized for real-time and complex queries.
* Encryption at rest with your managed keys.
* Compliant for GDPR, HIPAA, SOX, and other regulatory frameworks.

<Note>
  ClickHouse is the only supported Data Plane analytics DB today. Deploy in-cluster or external (ClickHouse Cloud).
</Note>

### Control Plane

The Control Plane provides centralized management and advanced AI security capabilities.

**API**

* Backbone for all Control Plane operations and customer interactions.
* Powers the NeuralTrust dashboard and customer interfaces.
* Multi-tenant architecture with strict environment isolation.
* Global orchestration across multiple customer Data Plane deployments.

**Application (UI)**

* Real-time dashboards for AI security and performance insights.
* Cross-environment analytics without compromising individual data privacy.
* Centralized alert configuration and notification management.

**Scheduler**

* Schedules and orchestrates TrustTest execution jobs across customer environments.
* Coordinates TrustScan security analysis jobs and vulnerability assessments.
* Coordinates periodic metrics checks for alert generation.
* Manages the timing and execution of AI testing and scanning workflows.

**Database (PostgreSQL)**

* Stores only basic operational data for CRUD operations.
* Never stores customer's sensitive AI monitoring data.
* Configuration management for system configurations and user preferences.
* User management for accounts, permissions, and authentication.

<Note>
  PostgreSQL is the only supported Control Plane database today. Deploy in-cluster or external (RDS, Cloud SQL, Azure Database for PostgreSQL).
</Note>

## Data flow & privacy

NeuralTrust's architecture ensures complete data sovereignty while enabling comprehensive AI security through privacy-preserving data flows.

**AI application data flow (your environment):**

1. AI applications route through **TrustGate** for real-time validation against configured security policies.
2. TrustGate writes validated, protected interaction data directly to the **Data Plane Kafka** for processing.
3. **Data Plane workers** process and analyze the data while keeping everything in your VPC.
4. Workers write raw and derived data to the **Data Plane ClickHouse** in your controlled environment.

**Policy management flow:**

* The **TrustGate admin** service exposes security policies, routing rules, rate limits, and access controls that govern gateway behavior.

**Cross-VPC security operations (privacy-safe only):**

* **TrustTest** runs on the NeuralTrust Control Plane for comprehensive red-teaming, against your data-plane endpoints.
* **TrustScan** performs analysis within your Data Plane using your complete data.
* Only aggregated, anonymized security insights cross the VPC boundary.
* Customer prompts, responses, and user data never leave your environment for vulnerability scanning.

> **Why TrustTest runs in the Control Plane**
>
> TrustTest operates exclusively in NeuralTrust's Control Plane infrastructure to maintain a centralized, continuously updated jailbreak database. New jailbreak techniques emerge daily; maintaining an up-to-date threat intelligence database requires continuous research and monitoring. By running TrustTest centrally, all customers immediately benefit from the latest red-teaming capabilities without independently cataloging new attack methods.

## Cloud-specific guides

| Guide                                       | When to use                                                                       |
| ------------------------------------------- | --------------------------------------------------------------------------------- |
| [GCP (GKE)](./gcp/overview)                 | Google Cloud Platform — default chart target                                      |
| [AWS (EKS)](./aws/overview)                 | Amazon Web Services                                                               |
| [Azure (AKS)](./azure/overview)             | Microsoft Azure                                                                   |
| [OpenShift](./openshift/overview)           | Red Hat OpenShift 4.10+ on any cloud or on-prem                                   |
| [Vanilla Kubernetes](./kubernetes/overview) | Any conformant Kubernetes — on-prem, bare metal, air-gapped, k3s, RKE2, OKE, etc. |

Each guide has hybrid and self-hosted walkthroughs with full YAML examples.

## Cross-cutting reference

| Topic                                      | When you need it                                                                                       |
| ------------------------------------------ | ------------------------------------------------------------------------------------------------------ |
| [Deployment models](./deployment-models)   | Picking between hybrid and self-hosted                                                                 |
| [Feature flags reference](./feature-flags) | PostgreSQL / Redis / Kafka / ClickHouse local vs external, image registry, storage class, secret modes |
| [Image catalog](./images)                  | Image registry, tags, replicas, sizing                                                                 |
| [Configuration scenarios](./configuration) | Side-by-side values files for common topologies                                                        |
| [Secrets management](./secrets)            | Auto-generation, pre-generated, External Secrets Operator                                              |
| [Firewall deployment](./firewall)          | CPU vs GPU workers, TrustGate integration                                                              |

## Source code

* [Helm chart repository](https://github.com/NeuralTrust/neuraltrust-platform)
* [Releases](https://github.com/NeuralTrust/neuraltrust-platform/releases)
* [Issue tracker](https://github.com/NeuralTrust/neuraltrust-platform/issues)

***

> **Data sovereignty first.** NeuralTrust's architecture ensures your sensitive AI data never leaves your environment while providing enterprise-grade AI security monitoring and insights.
