qbrixqbrix

Features

qbrix is a batteries-included platform for multi-armed bandit optimizations. Here's everything it ships out of the box.

Core

Experiment ManagementCreate, update, and delete experiments that link pools to bandit policies. Full lifecycle management with status tracking.
CRUD12 policies
Pool & Arm ManagementOrganize variants into pools. Each arm supports custom JSON metadata for targeting and analytics.
metadatapagination
12 Bandit PoliciesStochastic (BetaTS, GaussianTS, UCB1Tuned, KLUCB, Epsilon, MOSS, MOSSAnytime), contextual (LinUCB, LinTS), and adversarial (EXP3, FPL).
stochasticcontextualadversarial
Feature GatesControl experiment traffic with rollout percentages, time-of-day scheduling, date ranges, and a rules engine with 15+ operators.
rollout %schedulingrules
Stateless Selection TokensHMAC-signed tokens encode the full selection context. Feedback correlation requires zero server-side session state.
HMACstateless
Context-Aware SelectionPass per-request feature vectors for contextual policies. Includes context ID, vector, and arbitrary metadata.
LinUCBLinTS

Security & Access Control

Dual AuthenticationJWT bearer tokens for interactive sessions and API keys for programmatic access. Both supported on all endpoints.
JWTAPI keys
Role-Based Access ControlThree built-in roles — Admin (19 scopes), Member (18 scopes), Viewer (7 scopes, read-only). Granular per-resource permissions.
adminmemberviewer
Multi-TenancyImplicit tenant isolation via authentication. All data queries scoped by tenant. Tenants auto-created on registration.
tenant isolation
Rate LimitingSliding window counters in Redis, checked per-user and per-API-key. Plan-based limits: Free (100/min), Pro (1K/min), Enterprise (10K/min).
per-keyper-user
API Key LifecycleCreate, rotate, rename, deactivate. Usage stats and last-used tracking. Scopes configurable per key.
rotationusage stats
Workspace ManagementNamed workspaces with slug-based routing. Member listing, admin controls, and workspace-level settings.
admin-only writes

Observability & Operations

Runtime Health ChecksDedicated endpoints for Redis, motorsvc (gRPC), and cortexsvc (gRPC). Returns healthy/unhealthy status per service.
Redismotorcortex
Stream MonitoringQuery feedback queue length via xlen to detect consumer lag. Helps identify when cortexsvc falls behind on training.
consumer lag
Structured LoggingJSON format for production, text for development. Per-service log levels. Request ID propagation via contextvars for distributed tracing.
JSONrequest ID
Policy IntrospectionList all available policies with their configurable parameters, constraints, reward types, and category. Filter by reward type.
GET /policies

Console & Dashboard

DashboardReal-time KPI cards for selections, feedback, and reward metrics. Active experiment overview with live feedback stream.
real-timeKPIs
Insights DashboardTimeseries charts, arm performance analysis, convergence tracking, and feedback funnel visualization. Configurable time ranges and bucket intervals.
Enterprisetimeseriesper-arm
Event LogUnified event stream with selection, feedback, and audit event categories. Filter by type, search by request ID, and inspect event details.
Enterpriseaudit trail
Workspace ManagementInvite team members via email, assign roles (Admin, Member, Viewer), and manage workspace settings — all from the console.
invitesroles
Billing & PlansFree, Pro, and Enterprise plans. Manage subscriptions, view invoices, and upgrade directly from the console.
self-serveStripe

Enterprise

Info

Enterprise features are available on the Enterprise plan. Upgrade from the console or contact sales.

Selection & Feedback TracingEvery selection and feedback event is published to dedicated Redis Streams, consumed by tracesvc, and persisted to ClickHouse. Query traces by request ID.
EEClickHouse
Experiment AnalyticsAggregated experiment stats: total selections, default vs. ML selections, unique contexts. Timeseries data with configurable intervals.
EEtimeseries
Per-Arm InsightsPer-arm analytics including selection count, feedback count, and average reward. Identify top-performing variants at a glance.
EEper-arm stats

Feature Gate Details

The feature gate system provides three layers of traffic control, evaluated in order:

Rollout Percentage

Hash-based deterministic inclusion. A given context ID always gets the same result for the same rollout percentage — no randomness, fully reproducible.

Scheduling

Two scheduling modes:

  • Active hours — time-of-day windows with timezone support (e.g., "only serve between 9am-5pm PST")
  • Active periods — date ranges for campaign-style experiments (e.g., "Black Friday only")

Rules Engine

Metadata-based arm selection with operators:

CategoryOperators
Equalityequals, ==, eq, not_equals, !=, ne
Comparisongreater_than (>), less_than (<), greater_or_equal (>=), less_or_equal (<=)
Collectioncontains, not_contains, in, not_in

Rules match against request context metadata. When a rule matches, the gate can commit a specific arm — bypassing bandit selection entirely.

Fail-Safe Behavior

If any gate evaluation fails (bad config, missing data, unexpected error), the gate returns None and falls through to normal bandit selection. The system never blocks a request due to a gate misconfiguration.

RBAC Scopes Reference

ScopeAdminMemberViewer
pool:readyesyesyes
pool:writeyesyes
experiment:readyesyesyes
experiment:writeyesyes
agent:readyesyesyes
agent:writeyesyes
gate:readyesyesyes
gate:writeyesyes
metric:readyesyesyes
insight:readyesyesyes
trace:readyesyesyes
runtime:readyesyesyes
user:readyesyes
user:writeyesyes
user:deleteyes
system:adminyes

Rate Limits by Plan

PlanRequests / minMax API Keys
Free1001
Pro1,00010
Enterprise10,000Unlimited

Rate limits are enforced per API key and per user via sliding window counters in Redis, and apply only to operational endpoints (/api/v1/agent/select and /api/v1/agent/feedback). Management endpoints are not rate-limited. Each counter expires after 120 seconds.