06 · deploy

Deploy - what the managed tier gives you.

OriginChain is a managed SaaS - you do not run the engine, we do. This page walks through what the managed tier provisions on your behalf, how to pick a region/tier, which add-ons unlock what, and what the wider topology looks like once it's live.

Note for operators

Most customers can skip ahead to provisioning. The architecture and topology sections below are mainly informational - relevant if you're on an Enterprise BYO-cloud variant where your team operates the box on infrastructure we don't own.

Tenant architecture

One managed instance per tenant - writer plus an optional sync follower in the same region - fronted by a per-tenant managed wildcard cert and a single Argon2-hashed bearer. No shared load balancer, no shared disk, no shared memory. The control plane (signup, billing, console) is global; the data plane never crosses the region you picked.

Sharding, replicas, and high availability are engine-level concerns, not infrastructure tricks. There is one managed engine per tenant - nothing extra to schedule.

Choosing a region + tier

tier	use	RAM	topology
Tier 1	First production workload, prototypes, dev environments	8 GB	No SLA. Single AZ. Card required at signup; billed from day 1.
Tier 2	Production SaaS with SLA	16 GB	Sync replica across 2 AZs, 99.9% SLA.
Tier 3	High-concurrency customer-facing SaaS	32 GB	Writer + 2 followers across 3 AZs, 99.95% SLA.
Enterprise	Custom - BYO-cloud, HIPAA BAA, GDPR DPA, dedicated capacity	by spec	Per-contract terms, 99.99% SLA target.

Pricing multiplier: Mumbai is the base price; every other region adds 1.15× on compute and storage to cover cross-region operational overhead.

Selecting add-ons

Base tiers ship with the core engine, single-row CAS, boolean FTS, and continuous-archive PITR. Everything else is an opt-in monthly add-on you can add or remove any time. See /pricing#addons for line-item costs.

SQL Pro

Analytics workloads - JOIN, OUTER JOIN, GROUP BY, HAVING.

Vector Search

Embedding workloads - HNSW ANN with SIMD, filtered topk.

Full-Text Pro

Search workloads - BM25, phrase, Unicode, Snowball stemming.

Graph

Relationship workloads - neighbors, BFS, path, weighted Dijkstra.

Transactions

Multi-row OLTP - snapshot isolation with optimistic conflict detection.

Sub-Second PITR

Sub-second restore granularity. Continuous log archive.

Multi-Writer Cluster

Active-active cross-region replication. Enterprise - contact sales.

Add-ons attach to any tier and bill on the next invoice. Toggle on or off from the console at any time; line items prorate to the day.

Provisioning

Click-to-running takes ~30 seconds. There are no manual steps; the console drives the whole flow.

1. Pick region + tier

Console → New instance. Mumbai (ap-south-1) is the home region; Frankfurt, Virginia, Tokyo, Sydney carry a 1.15× pricing multiplier on compute + storage.

2. Click create

We provision a dedicated managed instance (writer) and, on paid tiers, a sync follower in the same region - both behind a TLS 1.3 listener with a managed wildcard cert under <region>.db.originchain.ai.

3. Copy your bearer

Console mints an Argon2-hashed bearer at instance creation. One active token at a time. Rotation is a single click and emits an audit-log entry; the prior token is honored for 60s to cover rolling deploys.

4. Connect

Endpoint is <tenant>.<region>.db.originchain.ai. Median time from click to first 200 OK on /health is ~30 seconds.

DNS & TLS

Each tenant gets a DNS A record auto-provisioned at <tenant>.<region>.db.originchain.ai pointing at the writer's public IP. The wildcard cert under *.<region>.db.originchain.ai auto-renews; you never see the private key.

On failover the same DNS record is UPSERTed at the new writer's IP with a 60-second TTL - propagation is typically sub-minute.

Bearer rotation

Rotate from the console at any time. The new token activates immediately and the prior token stays honored for 60 seconds so a rolling deploy can swap without a 401-storm. Every rotation lands an entry in the per-tenant audit log with actor, timestamp, and source IP.

Replication topology

Paid tiers run writer + follower in the same region with sync replication (--sync-min-acks=1 default). Commits durably ack only after the follower has the commit on disk: RPO is 0 in steady state, RTO is ~25 seconds via the promote-follower flow (see ops → failover). Both nodes share the same epoch lease, which fences split-brain.

Cross-region active-active replication is available on Enterprise via the Multi-Writer Cluster add-on. On other tiers, every byte stays in the region you picked.

Migration from existing data

Importing from Postgres? See Postgres ingest. For CSV / JSON / NDJSON dumps, see the bulk-load section in Insert → bulk. Connectors for DynamoDB and MongoDB are on the roadmap; in the meantime you can stream your dump through the standard bulk insert.