Orion provides production-grade capabilities across eight architectural dimensions. Each subcategory below links to its detailed documentation.
C Creational · S Structural · B Behavioral
Click a node to expand its capabilities. Click any leaf node to jump to its documentation.
| Area | Capabilities |
|---|
| Structured Logging | JSON & pretty-print formats · Configurable log levels · Per-request context · Per-crate filtering |
| Prometheus Metrics | Request counters & error rates · Latency histograms · Circuit breaker metrics · Rate limit rejections |
| Distributed Tracing | W3C Trace Context · OpenTelemetry OTLP export · Configurable sampling rate · Per-task span tracking |
| Health Monitoring | Component-level health checks · Automatic degradation · Request ID propagation · Kubernetes liveness & readiness probes |
| Area | Capabilities |
|---|
| Circuit Breakers | Lock-free state machine · Per-connector isolation · Auto-recovery after cooldown · Admin API to inspect & reset |
| Retry & Backoff | Exponential backoff (capped 60 s) · Configurable max retries · Retryable error detection |
| Timeouts | Per-channel enforcement · Workflow execution limits · Per-connector query timeout |
| Fault Tolerance | Graceful shutdown (SIGTERM/SIGINT) · Connection draining · Dead letter queue with retry · Panic recovery middleware |
| Area | Capabilities |
|---|
| Secret Management | Auto-masked API responses · Credential isolation via connectors |
| Input Validation | Per-channel JSONLogic rules · Payload size limits · Header & query param access |
| Network Security | SSRF protection (private IP blocking) · TLS/HTTPS support · Security headers (CSP, X-Frame-Options) |
| Access Control | Admin API authentication · Per-channel CORS enforcement · Origin allowlist |
| Data Safety | Parameterized SQL queries · Injection protection · URL validation |
| Area | Capabilities |
|---|
| Rate Limiting | Token bucket algorithm · Per-client keying via JSONLogic · Platform & per-channel limits |
| Backpressure | Semaphore concurrency limits · 503 load shedding · Per-channel configuration |
| Async Processing | Multi-worker trace queue · Bounded buffer channels · DLQ retry processor |
| Horizontal Scaling | Stateless instances · Channel include/exclude filters · Multi-database backends |
| Area | Capabilities |
|---|
| Packaging | Single binary · SQLite, PostgreSQL, MySQL · Minimal footprint |
| Containerization | Multi-stage Docker build · Non-root execution · Built-in health probes |
| Configuration | TOML + env var overrides · Sensible defaults · Runtime configuration |
| Distribution | Homebrew tap · Shell & PowerShell installers · Multi-platform binaries |
| Area | Capabilities |
|---|
| Connectors | HTTP & Webhooks · Kafka pub/sub · Database (SQL) · Cache (Memory & Redis) · Storage (S3/GCS) · MongoDB (NoSQL) |
| Custom Functions | Async function handlers · Built-in function library · JSONLogic expressions |
| Channel Protocols | REST with route matching (sync) · Simple HTTP (sync) · Kafka (async) |
| Area | Capabilities |
|---|
| Hot-Reload | Zero-downtime engine swap · Channel registry rebuild · Kafka consumer restart |
| Canary Rollouts | Percentage-based traffic split · Gradual migration · Instant rollback |
| Versioning | Draft / Active / Archived lifecycle · Multi-version history · Workflow import & export |
| Performance | Response caching · Request deduplication · Connection pool caching |
| Area | Capabilities |
|---|
| Admin APIs | Full CRUD for all entities · Version management · Engine control · OpenAPI / Swagger UI |
| CI/CD Integration | Bulk import & export · Pre-deploy validation · GitOps-friendly |
| Testing | Dry-run execution · Workflow validation · Step-by-step traces |
| Operations | Audit logging · Database backup & restore · Config validation CLI |