Two paths, one stack

The same code runs in our SaaS and inside your datacentre. What differs is who operates the cluster and how the license is issued. Pick the path that matches your constraints.

Read the source for diligence

The full source is published under AGPL-3.0-or-later for your security team’s review. You can audit every commit, run it locally for evaluation, and verify our claims against the implementation. This is a diligence credential — not a green light to run it in production for your customers.

Run it in production (Dedicated On-Prem)

For any production deployment serving real users — your employees, customers, or partners — you’ll want a Dedicated On-Prem contract with us. We do this sales-led for the first 3–5 customers so we can hand-tune the install for your environment, K8s flavour, and compliance constraints. Email sales@feder8d.ai.

What a Dedicated On-Prem install includes

Each install is bespoke for v1. The standard deliverables once you sign:

• Helm umbrella chart pre-configured with mode: on_prem, tuned for your environment
• OCI image bundle for every service (orchestrator, tenant-api, model-gateway, operator, console, workers) plus bundled Caddy, Postgres, Qdrant, Redis, MinIO
• Pre-pulled model weights for the entitled models (Qwen 2.5 7B, Mistral-Small 24B, BGE embedding + reranker)
• A signed license JWT scoped to your tenant, renewed annually
• Pre-flight + install session — half a day with your ops team, on Zoom or on-site
• 30-day Slack Connect support with our engineering team after install
• Restore drill scripts for testing recovery against your backup target
• A named contact at feder8d for the duration of the contract

Prerequisites your team needs to have ready

Before the install session:

• Kubernetes 1.28+ — EKS / GKE / OpenShift / k3s all supported
• A storage class that supports ReadWriteOnce (for Postgres + Qdrant + MinIO)
• Internal DNS for feder8d.<your-domain> plus a wildcard subdomain
• A wildcard TLS certificate from your internal CA, OR Let’s Encrypt access
• An internal container registry we can push the OCI images into
• An SMTP relay endpoint for outbound email (email verification + password reset)
• For production GPU inference: at least 1× GPU node with ≥48 GB VRAM (or CPU-only with llama.cpp fallback at lower throughput)
• A backup target — S3-compatible bucket of your choice (MinIO works)

Air-gapped installs

Available on request for fully-disconnected environments. Bundle is shipped on encrypted media (no internet egress at install time). Quote and timeline depend on your specific environment — typically 1–2 weeks longer than a connected install.

License terms

The platform code is AGPL-3.0-or-later. Modifications you run as a network service trigger AGPL Section 13 — your modified source must be available to your users. The Tenant Console exposes a /about/source link that points at our upstream by default; configure it to your fork if you’ve modified the code.

For deployments where AGPL’s network-copyleft clause is incompatible with your needs (typical for embedding feder8d inside a closed-source SaaS product you sell), the commercial license is available. It’s included in every Dedicated On-Prem and Dedicated Managed contract by default. For other commercial-license enquiries email legal@feder8d.ai.

Renewal

Renewal is a new license JWT, dropped at /etc/feder8d/license.jwt. The license watcher hot-reloads — no restart needed. New OCI images for the version you renewed against are delivered with the renewal if you’ve moved up a major version.

Where to go next

• Public API reference
• Security posture
• Pricing — Dedicated tiers + paid POC