Architecture

Terrateam


Technical Architecture


A deep dive into Terrateam's OCaml-powered infrastructure automation

OCaml 5.3.0

PostgreSQL

Custom Async Framework

GitOps Engine

Type safety meets performance


Terrateam is built from the ground up using OCaml, a language chosen for its type safety, performance, and ability to handle complex state machines. Our engineering team has created custom frameworks and tools to deliver a GitOps platform that scales with your infrastructure needs.

Custom async framework


We built Abb (Asynchronous Building Blocks), our own async/futures library providing monadic interfaces for high-performance concurrent operations. This allows us to handle thousands of concurrent GitOps workflows without breaking a sweat.

Type-safe SQL


Every database query is type-checked at compile time. We use OCaml's powerful type system to ensure SQL queries are correct before they ever hit production.

Core architecture components


System architecture overview

GitHub/GitLab (Webhooks)

• Pull Request Events

• Push Events

• Comment Events

Terrateam Core

• Workflow Engine

• Security Layer

• API Gateway

Your Runners (GitHub Actions/GitLab CI)

• Executes plans

• Applies changes

• Posts results back

Flow labels in the diagram: Events, Instructions

Built for high availability and reliability


Every component is designed for resilience. No single points of failure, automatic failover, and battle-tested at scale.

No Single Points of Failure


Multiple active servers, database replicas, and automatic failover ensure continuous operation.

Auto-scaling Under Load


Horizontal scaling handles traffic spikes automatically. Add servers as your team grows.

Battle-tested Reliability


Proven in production with thousands of daily deployments across hundreds of teams.

1. GitOps workflow engine


At the heart of Terrateam is a sophisticated state machine that orchestrates your entire Infrastructure as Code workflow. From webhook ingestion to plan execution, every step is carefully managed and tracked.

Workflow pipeline flow

1. Webhook Processing: GitHub/GitLab events trigger workflows

2. Work Manifest: Queued → Running → Completed

3. Lock & Validate: Directory locks + pre-workflow hooks

4. Plan & Review: Generate plan with cost estimation

5. Apply & Complete: Execute changes + post-workflow hooks

2. Security through isolation


Security isn't an afterthought, it's our architecture. By never storing your state, secrets, or code, we eliminate entire categories of security risks. Your sensitive data never enters our systems.

Security boundaries

What Terrateam Sees

• PR Metadata: Branch names, PR titles, comments

• Workflow Results: Plan outputs, apply status

• User Permissions: From GitHub/GitLab teams

Security Boundary

What Stays With You

• Terraform State: In your S3/GCS/Azure

• Cloud Credentials: AWS/GCP/Azure keys

• Source Code: Never cloned or accessed

• GitHub/GitLab authentication

• TLS encryption

• Audit logs for all actions

3. Scalable database architecture


Our PostgreSQL-backed architecture is designed for horizontal scaling. Connection pooling, prepared statements, and careful query optimization ensure consistent performance even under load.

High-performance database stack

Application Tier: Terrateam Services

• OCaml Workers

• Type-Safe Queries

• Compile-time SQL validation

Connection Layer: PgBouncer

• Connection Pooling

• Transaction Mode

• Pool Size: 100

• Statement Cache

Storage Tier: PostgreSQL

• Primary + Replicas

• MVCC

• WAL

• Indexes

• Backups

Flow labels in the diagram: Persistent Connections, Pooled Connections, Optimized Queries

4. Advanced configuration system


Terrateam's configuration system provides unparalleled flexibility while maintaining simplicity. Define workflows, access controls, and automation rules using our intuitive YAML configuration.

# .terrateam/config.yml
workflows:
  - tag_query: "dir:production"
    plan:
      - type: init
      - type: plan
    apply:
      - type: init
      - type: apply

  - tag_query: "dir:staging env:staging"
    plan:
      - type: init
        extra_args: ["-backend-config=backend-staging.conf"]
      - type: plan
        extra_args: ["-var-file=staging.tfvars"]

apply_requirements:
  checks:
    - tag_query: "dir:production"
      approved:
        enabled: true
        any_of:
          - "team:sre"
      merge_conflicts:
        enabled: false

automerge:
  enabled: true
  delete_branch: true

autoplan:
  enabled: true
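
A reviewer reading the configuration above will want to know which workflows can reach apply without an approval gate. The following is an added example, not Terrateam's own code or part of the original page: it audits the parsed configuration, written here as a Python dict trimmed to the keys the audit reads. The functions terms, gating_checks and audit are hypothetical names, and treating a tag query as a space-separated AND of terms is a simplifying assumption.

```python
# Added example (not Terrateam code): list workflows that no enabled
# approval check covers. CONFIG is the page's .terrateam/config.yml as a
# Python dict, constructed here so the example needs no YAML library.
CONFIG = {
    "workflows": [
        {"tag_query": "dir:production",
         "apply": [{"type": "init"}, {"type": "apply"}]},
        {"tag_query": "dir:staging env:staging",
         "plan": [{"type": "init"}, {"type": "plan"}]},
    ],
    "apply_requirements": {"checks": [
        {"tag_query": "dir:production",
         "approved": {"enabled": True, "any_of": ["team:sre"]},
         "merge_conflicts": {"enabled": False}},
    ]},
}


def terms(tag_query):
    # Assumption: a tag query is a space-separated AND of terms.
    return frozenset(tag_query.split())


def gating_checks(config, workflow_query):
    """Enabled approval checks whose every term the workflow also requires."""
    checks = config.get("apply_requirements", {}).get("checks", [])
    return [c for c in checks
            if terms(c.get("tag_query", "")) <= terms(workflow_query)
            and c.get("approved", {}).get("enabled") is True]


def audit(config):
    """Return (tag_query, problem) pairs; an empty list means all are gated."""
    findings = []
    for wf in config.get("workflows", []):
        # Assumption (conservative): any workflow may apply, whether or not
        # it lists its own apply steps.
        query = wf.get("tag_query", "")
        gates = gating_checks(config, query)
        if not gates:
            findings.append((query, "no enabled approval check"))
        elif not any(g["approved"].get("any_of") for g in gates):
            findings.append((query, "approval enabled but no approver list"))
    return findings


if __name__ == "__main__":
    for query, problem in audit(CONFIG):
        print(f"{query}: {problem}")
```

Run against the page's configuration, the audit reports only the staging workflow, which matches the configuration's intent of gating production alone.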

Technical differentiators

OCaml performance


Native compilation, minimal runtime overhead, and efficient memory management make Terrateam blazingly fast. Handle thousands of concurrent operations without compromise.

Type safety


Catch errors at compile time, not runtime. Our type system ensures correctness across the entire codebase, from API endpoints to database queries.

Stateless architecture


Horizontally scale your Terrateam deployment without limits. Our stateless design ensures consistent performance and reliability at any scale.

Integration ecosystem


Terrateam integrates directly with your existing tools and workflows. No migrations, no vendor lock-in.

Version Control

GitHub & GitHub Enterprise

GitLab SaaS & Self-hosted

Native CI/CD runners

Infrastructure as Code

Terraform

OpenTofu

Terragrunt

Cloud Providers

AWS

Google Cloud

Azure

Operational excellence

Observability


Prometheus metrics, structured logging, and comprehensive audit trails. Export to your monitoring stack.

Zero downtime


Rolling updates and stateless architecture ensure your workflows continue uninterrupted during deployments.

Reliability


Multi-AZ deployment, automated failover, and comprehensive backup strategies protect your operations.

Built by engineers, for engineers


We believe in solving hard technical problems the right way. Our team brings decades of experience building distributed systems, and we've poured that expertise into every line of code.
