Decklar's platform ingests heterogeneous IoT telemetry across ocean, air, road, and rail, applies multi-modal inference at petabyte scale, and orchestrates sub-second autonomous decisions for Global 2000 customers in Pharma, CPG, Chemicals, Automotive, and Logistics. That workload — event-driven, stateful per-shipment, multi-tenant, globally distributed, AI-heavy — maps almost 1:1 to Cloudflare's developer platform. We sketched out what it looks like.
Read Shailesh Mangal's public description of how Decklar is engineered. Then read Cloudflare's developer platform docs. The mapping is uncanny — to the point where each phrase he uses has a direct managed-service equivalent. Not "kind of" — exactly.
"AI-native enterprise systems from first principles: layered, event-driven architectures that integrate real-time streaming ingestion of heterogeneous IoT and telemetry signals, and long-horizon, self-enriching contextual data lakes accumulated from more than 10 years of visibility transactions. These systems include adaptive, multi-modal inference pipelines that enable sub-second autonomous decision orchestration at petabyte scale."
Your API runs on Kong API Gateway behind AWS EKS in us-east-1 — api.decklar.com and portal.decklar.com both resolve to the same Kong/EKS cluster (CNAME chain: kong.decklar.com → k8s-kong-kongkong-d7cd5b0b95-...elb.amazonaws.com).
Your marketing site runs WordPress on Apache + AWS EC2, no CDN. Your login is still on view.roambee.com post-rebrand. Mail is on Microsoft Outlook. Zero Cloudflare anywhere.
The supply chain workload is fundamentally edge-native — sensors check in from every port, every truck, every container in the world — but your architecture has it all funneling back to a single AWS region.
Ranked by impact-per-effort for your specific workload — petabyte-scale IoT telemetry × multi-modal inference × global sensor fleet.
Sensors on every ocean container, every truck, every railcar check in from anywhere on Earth. Today that traffic funnels through one AWS us-east-1 cluster. Workers at 330+ POPs ingest at the nearest edge — São Paulo POP for Brazilian fleet, Singapore POP for Asian routes, Frankfurt POP for European chains. Sub-50ms ingest, zero cross-region back-haul.
Each container, railcar, ISO tank, and reusable asset is a long-running stateful session — current location, temperature history, ETA prediction, anomaly baseline, current alerts, claim status. Durable Objects give you one DO per shipment/asset, geo-routed, hibernating when idle. Tens of millions of DOs at fleet scale, each holding state next to the compute that updates it. No external Redis or DynamoDB.
Your "adaptive, multi-modal inference pipelines" already imply multi-vendor LLM orchestration. AI Gateway sits in front of any combination of Claude, GPT, Workers AI, or self-hosted models — per-customer cost attribution, semantic cache on repeated supply-chain queries ("ETA for container X with current weather + port congestion"), full audit logs, rate-limit + fallback. One config, no code change.
Multiple Global Top 10 customers per vertical, each with their own SAP / Oracle / BlueYonder / Infor Nexus integrations, custom decision rules, and Tesco-grade reporting. Workers for Platforms dispatch namespaces give you one isolated worker per tenant — Tesco's worker, the named pharma distributor's worker, each automotive OEM's worker — all fully isolated, individually metered, no noisy-neighbor risk.
Your Decision AI catches anomalies — cold chain breach, route deviation, dwell time exceeding contract, detention threshold approaching. Today it runs after telemetry batches reach AWS. Workers AI runs the anomaly model at the same POP that received the sensor data — sub-100ms detection, no regional hop. Pair with Vectorize for similarity search across your 10-year contextual data lake.
"Long-horizon, self-enriching contextual data lakes accumulated from more than 10 years of visibility transactions" — that's a petabyte-class object store with very specific retrieval patterns (queries from RADAR, Decision AI, customer dashboards, Pulse-AI-style cross-tenant pattern learning). On R2: zero egress for every customer-facing query, every internal AI training pass, every auditor's evidence request. S3 egress is the silent margin tax at your scale.
"Sub-second autonomous decision orchestration" is durable execution language. Detect anomaly → consult tenant policy → consult historical context (vector lookup) → invoke LLM → propose action → execute via integration hub → verify outcome → close loop. Cloudflare Workflows is exactly this shape — replaces Temporal / Step Functions / AWS Lambda chains, lives next to the Workers + DOs handling the data.
Your Integration Hub exposes APIs to SAP, Oracle, BlueYonder, Transporeon, Infor Nexus + every enterprise customer's TMS/WMS. Today they hit Kong directly on AWS — no edge schema validation, no per-customer mTLS, no bot protection on sensor-ingest endpoints. API Shield reads your OpenAPI spec, enforces every contract at the edge, applies mTLS per enterprise tenant, blocks fuzzing attempts before they reach Kong.
Each capability you ship maps to a specific Cloudflare developer primitive. Not approximately — exactly.
| Decklar component | What it does | Cloudflare primitive |
|---|---|---|
| TrackerOS (sensor management) | Manages the global fleet of IoT trackers, handles agent updates + heartbeat | Workers at 330+ POPs + Workers for Platforms |
| Unified Visibility (ingest) | Real-time stream of ocean/air/road/rail signals from sensors globally | Workers + Queues + Durable Objects |
| Per-shipment session state | Location, temp, ETA, anomaly baseline, alerts, claim status — per container | Durable Objects (1 DO per shipment, hibernating actors) |
| Decision AI (multi-modal inference) | Adaptive pipelines applying LLMs + ML models to telemetry context | AI Gateway + Workers AI + multi-LLM routing |
| 10-year contextual data lake | Self-enriching historical data — every shipment, every anomaly, every resolution | R2 + Vectorize for semantic + similarity search |
| RADAR (risk monitoring) | 24×7 proactive risk anticipation across customer networks | Workers AI + Durable Objects + Logpush for audit |
| Integration Hub | SAP, Oracle, BlueYonder, Infor Nexus, Transporeon connectors | Workers + API Shield + mTLS per partner |
| Per-customer tenant isolation | Each Global Top 10 enterprise gets its own decision rules + integrations | Workers for Platforms dispatch namespaces |
| Autonomous decision orchestration | Detect → consult policy → infer → execute → verify → close loop | Workflows + Queues + Cron Triggers |
| Customer dashboards | Real-time visibility UI for each customer's supply chain ops team | Pages + Workers + WebSockets |
The compounding insight: when N customers ask similar supply-chain questions, semantic caching scales with N. "What's the ETA for this container given current weather and port congestion?" is asked thousands of times per day across customers — and the answer is highly cacheable when normalized.
Cache hits cost ~5% of a full inference call (embedding lookup + small response stitch). Adjust sliders for your actual scale. Supply-chain workloads typically run higher cache-hit rates because the question space is so repetitive across customers.
Directional. AI Gateway also adds free observability, rate limiting, fallback routing, per-tenant cost attribution, and request logging — none of which is priced into the chart above. Plus the compounding effect: as Decklar lands the next Global Top 10 customers, the cache-hit rate goes up, not down. The math compounds in your favor.
A pharma cold-chain container leaves Mumbai port heading to Frankfurt. Temperature sensor reports a 2°C deviation outside the validated envelope. Following the full path.
The Decklar tracker on the container sends its telemetry packet to ingest.decklar.com, which resolves to the closest POP — Mumbai, not AWS us-east. Round-trip time drops from ~210ms to ~12ms.
Tracker ID → customer lookup → dispatch namespace. The customer's worker — with their cold-chain SLA rules, escalation policies, and Decision AI prompts — runs in an isolated runtime. Zero noisy-neighbor risk between this pharma and the CPG customer using the same Decklar fleet.
One DO per container, geo-pinned. Loads the journey state in <5ms — origin, destination, route plan, last 24h of temperature readings, validated envelope, ETA model, current alerts. Updates with the new reading.
Workers AI runs the cold-chain anomaly model on the new reading vs. the validated envelope vs. the DO's recent history. Detects: 2°C breach, +14 min sustained, ambient at port elevated. Tags as cold-chain-breach-candidate. Total inference time: ~80ms, at the POP.
The anomaly fingerprint hits AI Gateway: "cold-chain breach, +2°C sustained, BOM port, pharma vaccine SKU class." Semantic search finds 89 similar incidents resolved in the last 30 days across other pharma customers. Cached resolution + remediation pattern returned in 30ms. No LLM call needed.
If novel, AI Gateway routes to the configured model. Rate-limited per-customer. Fallback if one provider is degraded. Full request + response logged to Logpush — including the validated cold-chain envelope, customer SLA, and the model's decision. Per-customer cost attribution recorded for the next invoice.
The Workflow starts: validate against customer escalation policy → notify the customer's QA team via Integration Hub → push event to their SAP QM module → schedule re-route consideration if breach extends → wait for confirmation → verify the response → close the loop. Durable, retry-able, with checkpoints.
Full event trace + AI decisions + remediation outcome written to R2 (zero egress when the customer's auditor later requests it for an FDA validation review). The customer's RADAR dashboard updates in real time via WebSocket. The 10-year contextual data lake gains another record. Total wall-clock time end-to-end: under 2 seconds.
Today's architecture works for the Global 2000 customers you've landed. The next tier — broader market penetration, more sensors, more verticals — is where the edge economics, multi-tenant cache math, and per-shipment state model start to dominate the unit economics. A 30-minute architecture conversation, no slides — just the engineering math and a whiteboard.
Book 30 min with Matt Holscher →