Docker Deployment

Docker Deployment Guide

Deploy Lelu using Docker containers for development and production environments. All components are available as pre-built images on Docker Hub.

Available Docker Images

Engine

Core authorization engine with policy evaluation

leluauth/lelu-engine:latest

Platform

Control plane API for policies and audit logs

leluauth/lelu-platform:latest

UI

Web dashboard for monitoring and management

leluauth/lelu-ui:latest

MCP

Model Context Protocol server

leluauth/lelu-mcp:latest

Multi-Architecture Support: All images support both linux/amd64 and linux/arm64 architectures.

Docker automatically pulls the correct architecture for your system (Intel/AMD or Apple Silicon/ARM).

Quick Start

1. Pull Images

terminal
docker pull leluauth/lelu-engine:latest
docker pull leluauth/lelu-platform:latest
docker pull leluauth/lelu-ui:latest
docker pull leluauth/lelu-mcp:latest

2. Download Compose File

terminal
curl -O https://raw.githubusercontent.com/lelu-auth/lelu/main/docker-compose.production.yml

3. Start Services

terminal
docker-compose -f docker-compose.production.yml up -d

Services Available

Engine API: http://localhost:8083
Platform API: http://localhost:9091
Web UI: http://localhost:3002
MCP Server: http://localhost:3003

Environment Configuration

Create a .env file to customize your deployment:

.env
# Required: Generate secure keys
JWT_SIGNING_KEY=your_jwt_signing_key_here
API_KEY=your_api_key_here
PLATFORM_API_KEY=your_platform_api_key_here
POSTGRES_PASSWORD=your_secure_postgres_password

# Optional: Incident webhooks
INCIDENT_WEBHOOK_URL=https://hooks.slack.com/your-webhook
INCIDENT_WEBHOOK_SLACK_MODE=true

# Optional: Rate limiting
TENANT_AUTH_RATE_LIMIT=100
TENANT_MINT_RATE_LIMIT=50

# Optional: Risk thresholds
RISK_ALLOW_THRESHOLD_LOW=0.30
RISK_REVIEW_THRESHOLD_LOW=0.55
Security: Generate secure keys using openssl rand -base64 32 and never commit them to version control.

Production Deployment

Resource Requirements

Minimum (Development)
• CPU: 2 cores
• RAM: 4GB
• Storage: 10GB
Recommended (Production)
• CPU: 4+ cores
• RAM: 8GB+
• Storage: 50GB+ SSD

Health Checks

All containers include health checks. Monitor service status:

terminal
# Check service health
docker-compose -f docker-compose.production.yml ps

# View logs
docker-compose -f docker-compose.production.yml logs -f engine

Backup & Persistence

Data is persisted in Docker volumes. Back up your data regularly:

terminal
# Backup PostgreSQL data
docker exec lelu-postgres pg_dump -U lelu lelu > backup.sql

# Backup Redis data
docker exec lelu-redis redis-cli BGSAVE

Troubleshooting

Services won't start

Check if ports are already in use:

netstat -tulpn | grep :8083

Database connection errors

Ensure PostgreSQL is healthy before starting other services:

docker-compose -f docker-compose.production.yml up postgres

Permission denied errors

Check file permissions for mounted volumes:

sudo chown -R 1000:1000 ./config
Previous: InstallationNext: Architecture