Open Source Go Library

The control plane
your SaaS deserves

A composable Go library for deploying and managing multi-tenant application instances. Provider-agnostic. Interface-driven. Production-ready.

Get Started GitHub

Quick Start

Up and running
in minutes

Mount Ctrl Plane as a Forge extension, register your provider, and you have a production-ready control plane with OpenAPI docs, health checks, and background workers.

Automatic OpenAPI spec generation
Built-in health checks and lifecycle hooks
Zero-config Docker, Kubernetes, AWS, or custom providers
Multi-tenant isolation out of the box

Read the full guide

main.go

package main

import (
    "log"

    "github.com/xraph/forge"

    "github.com/xraph/ctrlplane/app"
    "github.com/xraph/ctrlplane/extension"
    "github.com/xraph/ctrlplane/provider/docker"
    "github.com/xraph/ctrlplane/store/memory"
)

func main() {
    // Create a Forge app with OpenAPI docs
    forgeApp := forge.New(
        forge.WithAppName("ctrlplane"),
        forge.WithAppVersion("0.1.0"),
    )

    // Register Ctrl Plane as an extension
    cpExt := extension.New(
        extension.WithStore(
            app.WithStore(memory.New()),
        ),
        extension.WithProvider(
            "docker",
            docker.New(docker.Config{}),
        ),
    )

    forgeApp.RegisterExtension(cpExt)
    log.Fatal(forgeApp.Run())
}

Everything you need

A complete toolkit for multi-tenant SaaS infrastructure, designed as composable Go packages.

Instance Lifecycle

Provision, start, stop, scale, and destroy tenant instances with a declarative state machine.

Zero-Downtime Deploys

Rolling, blue-green, and canary strategies. Ship without dropping a single request.

Multi-Tenant Isolation

Every query scoped by tenant. Resource quotas, audit trails, and admin controls built in.

Provider Agnostic

Kubernetes, Docker, AWS ECS, Fly.io, Nomad, or bring your own with a single interface.

Health Monitoring

HTTP, TCP, gRPC, and command checks with automatic recovery and status tracking.

Networking & TLS

Custom domains, automatic TLS certificates, route management, and traffic splitting.

Secrets Management

Pluggable vault interface for secure storage. Inject secrets as environment variables at deploy time.

Event System

Publish and subscribe event bus for lifecycle hooks. In-memory, NATS, or Redis backends.

Layered by design

Every layer has a clean interface. Swap any component without touching the rest.

Your Application

Standalone binary or Forge extension

Ctrl Plane Services

InstancesDeploysHealthTelemetryNetworkSecretsAdminEvents

Provider Layer

KubernetesDockerAWSFly.ioNomadGCPAzureCustom

Built on principles

Library, not framework

A collection of Go packages you import. No binaries to deploy, no runtime to manage, no opinions forced on your architecture.

Provider agnostic

Define infrastructure through a unified interface. Switch from Docker in development to Kubernetes in production without changing application code.

Multi-tenant by default

Tenant isolation is not bolted on. Every store query is scoped, every resource is quota-tracked, and every action is audit-logged from day one.

Composable interfaces

Every subsystem is defined by a Go interface. Use the built-in implementations or bring your own. Mix and match to fit your exact requirements.

Start building your control plane

Read the quick start guide or explore the full API reference.

Quick Start Documentation

Architecture·Concepts·Providers·Deploy Strategies·API Reference

The control planeyour SaaS deserves

Up and runningin minutes