ENTERPRISE · SOVEREIGN · ON YOUR INFRASTRUCTUREDocsTrust centerAboutContact sales →

← Developers§ Environments · Dev / Test / Prod · Eval-gated promotion

Developers · Environments · Dev / Test / Prod

Promote with confidence.
Roll back in one click.

Dev, test, and prod - namespace-isolated, with their own quotas, budgets, and credentials. Eval gates block promotion when scores drop.

"We'll add staging later" stops being acceptable when the agent talks to your finance system.

See the promote flow →Read the docs

§ 01 · The problemWhat "we'll add staging later" actually costs

Most agents reach prod
without a safety net.

Most teams ship agents to a single environment and call it good. The first incident reveals what's missing: no place to test changes against production-like data, no quality gate before users hit the bug, and no clean way to roll back when something regresses. Building isolation in retrospect is twice the work of having it from day one.

PROBLEM 01NO ISOLATION

Single-environment shops

Builders test against prod data because there's no other option. The first time a fine-tuning experiment leaks into a customer conversation, the team scrambles to add isolation. By then the audit trail looks bad.

PROBLEM 02GATE BYPASS

Eval scores nobody checks

Quality gates are great in theory but most platforms make them a manual step. Promotion happens via a Slack message and a kubectl command. The eval ran yesterday. The threshold drift goes unnoticed for weeks.

PROBLEM 03MTTR HOURS

Rollback is a war room

Something regresses in prod. You need to revert. The previous version's config is in someone's git stash, the data ingestion ran on the new schema, and rolling back means coordinating four teams over Zoom. Mean-time-to-recover: hours.

§ 02 · Inside the platformThe actual Environments page

Provisioned by API.
Visible from one console.

This is what your operators see at /operations/org-environments. Three summary cards for dev/test/prod plus a full table with namespace, resources, LLM budget, status. Click 'Promote' on any agent and see the eval gate decide.

app.your-org.katonic.ai/operations/org-environmentsOperations

Dev / Test / Prod

Three-tier environment isolation. Each env is its own Kubernetes namespace with scoped data, GPU quota, and LLM budget.

3/3 Active

DEV● ACTIVE

Namespacekatonic-acme-devResources8 CPU, 16Gi, 50GiLLM Budget$100/moAgents12

TEST● ACTIVE

Namespacekatonic-acme-testResources16 CPU, 32Gi, 200GiLLM Budget$500/moAgents4

PROD● ACTIVE

Namespacekatonic-acme-prodResources64 CPU, 128Gi, 2TiLLM Budget$5000/moAgents3

Environment	Namespace	Resource Profile	Resources	LLM Budget	Status
DEVacme-dev	katonic-acme-dev	small	8 CPU, 16Gi, 50Gi	$100/mo	● ACTIVE
TESTacme-test	katonic-acme-test	medium	16 CPU, 32Gi, 200Gi	$500/mo	● ACTIVE
PRODacme-prod	katonic-acme-prod	large	64 CPU, 128Gi, 2Ti	$5000/mo	● ACTIVE

ℹEach environment maps to a KAI Scheduler child queue under the org's parent queue. Production has guaranteed GPU. Test is preemptible by prod. Dev is best-effort and preemptible by both.

This is the actual productThe screenshots above are not concepts. /operations/org-environments renders this in your sandbox today. The promote modal opens from any agent's detail page in Studio when more than one environment exists.

§ 03 · What's isolated13 layers · Three buckets

Thirteen layers.
Each one explicit.

Most platforms gesture vaguely at "environments" without specifying which layers actually isolate. Here's the full list, by layer, with how the isolation works and what stays shared on purpose.

LayerHow it isolatesScopeNote

Kubernetes namespacekatonic-{org}-{env}PER-ENVAtomic delete. Network policies enforced.

MongoDB collectionsPer-env collection prefixPER-ENVInside the org's MongoDB instance.

PostgreSQLSeparate schemas per envPER-ENVWithin the org's Postgres cluster.

Milvus (vectors)Separate collections per envPER-ENVWithin the org's Milvus instance.

MinIO (objects)Separate buckets per envPER-ENVWithin the org's MinIO instance.

Redis (cache)Per-env key prefixesPER-ENVWithin the org's Redis instance.

GPU quotaKAI Scheduler child queuePER-ENVPer-env guaranteed/preemptible policy.

LLM budgetPer-env spend caps in AI GatewayPER-ENVIndependent monthly limits.

Provider credentialsPer-env overridePER-ENVCheaper models in dev, real ones in prod.

Network policiesK8s NetworkPolicy per namespacePER-ENVDev cannot reach prod databases.

RBAC scopeKeycloak group membershipSCOPEDBuilders can promote-to-test, only admins can promote-to-prod.

Docker image registryOrg-wideSHAREDSame images everywhere by design.

Audit log destinationOrg-wide store with env fieldSHAREDSingle audit timeline across envs - that's the point.

Why audit stays sharedIf a regression hit prod, you need to follow it back to which dev change introduced it. Splitting audit per environment defeats the post-incident timeline. The audit log lives org-wide with an env field, indexed.

§ 04 · The lifecycleBuild · Promote · Roll back · Audit

The eight steps
between idea and live agent.

Every agent that reaches production walks this path. Steps 1-3 happen in Studio. Steps 4-6 are clicks. Step 7 is one click. Step 8 happens whether you look at it or not.

STEP 01✦

Build in dev

Builders create agents in dev. Best-effort GPU. Cheaper models. Sample/synthetic data. Iterate fast, fail cheap.

STEP 02↗

Hit promote button

Click 'Promote' on the agent detail page. The promote modal shows source → target, eval gate status, and what gets copied (config) vs what doesn't (data).

STEP 03✓

Eval gate decides

Platform pulls the latest eval scores. If they pass the threshold for the target environment, promote proceeds. If not, the modal shows which evaluators failed.

STEP 04→

Config copies, data doesn't

Agent config, system prompt, tool bindings, guardrail profile, knowledge source bindings copy. Raw data, embeddings, and chat history stay in dev. Target runs its own ingestion.

STEP 05▦

Validate in test

QA runs the agent against production-like data. Test environment uses the same models as prod but with a smaller GPU quota and a $500/mo budget cap.

STEP 06↗

Promote to prod

Same flow, higher threshold. Production environment gets guaranteed GPU, the real model tier, the production budget, and non-preemptible queue priority.

STEP 07↺

Roll back if needed

Something regresses? Click 'Rollback' on the agent detail page, pick a previous version. The active version pointer re-points. Hot reload, zero downtime.

STEP 08≡

Every step audited

Promote, rollback, env create, env delete - all write to the admin actions audit. Single timeline across environments. Full chain of custody from dev change to prod outcome.

§ 05 · By roleFour conversations · Four answers

The questions you'll be asked.
The answers, on hand.

Platform EngineerQ1

How do environments map to Kubernetes?

Each environment is its own namespace under the org's pattern: katonic-{org}-{env}. The namespace gets a ResourceQuota matching the env's resource profile (small/medium/large), a NetworkPolicy that blocks env-to-env traffic, and a KAI Scheduler child queue under the org's parent queue with the env's GPU policy. Atomic delete: kubectl delete namespace removes everything.

BuilderQ2

Can I promote without an admin?

Dev → test, yes. Test → prod, no - that requires the org admin role. Builders see the Promote button on the agent detail page; the modal shows the eval gate status before the action. If your eval is below threshold, the button is disabled with the failing evaluators visible.

ComplianceQ3

Where does the audit live?

Org-wide audit log with an env field on every entry. A single timeline across environments is what makes incident reconstruction possible. The audit log includes promote events (source env, target env, actor, timestamp), rollback events, env create/delete, and per-env config changes.

FinanceQ4

Can I cap dev spend separately?

Yes. Each environment gets its own monthly LLM budget in the AI Gateway. Default profiles: dev $100/mo, test $500/mo, prod $5,000+/mo. Budget exhaustion is configurable: block requests, degrade to cheaper tier, or alert-only. Budgets reset monthly and surface in the Operations Hub.

§ 06 · vs the alternativesThree environment strategies

Three environment strategies.
One that's promote-aware.

✗ GAP01

Single environment

Fast to start. Painful to scale.

Test against prod. Pray. The first incident becomes the case study for why isolation should have been there from the start. Adding it later means migrating live data, changing namespaces, and renaming everything that hardcoded a path.

+Test = prod
+No quality gate
+Rollback = git stash
+Audit can't separate envs
+Builders touch prod data

○ PARTIAL02

Environments via Helm flags

Three deployments. Three problems.

Set --set env=dev and deploy three copies. Each one is its own platform install with its own state, its own bills, its own upgrades. Promotion means manually exporting + importing. No eval gate, no shared audit.

+3× the install effort
+No promote API
+Per-env state divergence
+Manual eval enforcement
+Separate audit per env

✓ COMPLETE03

Katonic Environments

Three envs. One platform. One promote.

Three first-class environments per org with namespace isolation, scoped data stores, KAI Scheduler queues, and per-env LLM budgets. Promote API copies config. Eval gates enforced. Rollback in one click. Org-wide audit.

+Three envs from day one
+POST /v1/agents/{id}/promote
+Eval gate enforced
+One-click rollback
+Org-wide audit timeline

§ 07 · The positionThree envs · One platform · Eval-gated

Environments are the most important feature most platforms get wrong. Some skip them entirely. Some make them three full installs. Both options force the team to choose between "ship fast and pray" and "do the SRE work yourself." We picked: three environments per org from the first install, isolated by namespace, gated by eval, promotable by API. The team's first agent reaches production through a path that already includes the safety net the second one will need.
Prem Naraindas
Founder & CEO, Katonic AI
Read the founder’s letter →

§ 08 · ExploreAdjacent surfaces

Beyond environments,
where it connects.

§ A→

Evaluation

What the eval gate runs against. 7 evaluators, dataset versioning, the regression detection that blocks promote when scores drop.

§ B→

Governance

RBAC roles that gate promotion. Which roles can promote dev→test, test→prod, and the audit trail every promote produces.

§ C→

AI Gateway

Where per-environment LLM budgets live. Set $/month caps, choose budget exhaustion behaviour, override provider credentials per env.

§ 09 · Next stepsSandbox · 3 envs preconfigured

Three envs, ready.
Promote your first agent today.

Sandbox access in 24 hours. Comes with dev, test, and prod environments preconfigured, a sample agent already promoted to test, and the eval gate threshold set so you can see a promote pass and a promote fail.

Then bring your own agent and run for real.

Request sandbox →Read the Environments docs

Ready to get started?

Deploy sovereign AI on your infrastructure - in weeks, not months.

Book a demo →