Deployment Checklist

A practical checklist for planning a RADAR self-hosted deployment. Align your infrastructure, networking, storage, and security teams before deployment.

Infrastructure

  • Name
    Compute
    Type
    string
    Description

    Docker Engine 24+ on Linux x86_64 or ARM64. 8GB RAM, 4 vCPUs for evaluation. 16GB+ RAM, 8+ vCPUs for production.

  • Name
    Storage
    Type
    string
    Description

    50GB+ available for evidence. SSD recommended. Plan for ~1GB per 10K traces with findings.

  • Name
    Container runtime
    Type
    string
    Description

    Docker 24+ or containerd 1.6+. Kubernetes 1.24+ with CSI storage driver for production.

  • Name
    Backup
    Type
    string
    Description

    Live backup without downtime. Recommended: daily snapshots with 30-day retention.

Networking

  • Name
    Dashboard access
    Type
    string
    Description

    Port 8080 (configurable). Restrict to internal network or VPN. No public exposure required.

  • Name
    Evidence sources
    Type
    string
    Description

    Outbound to LLM gateways, model APIs, and agent telemetry. Configure per-source.

  • Name
    SIEM forwarding
    Type
    string
    Description

    Outbound to Splunk HEC or syslog. TCP 514 or HTTPS 443.

  • Name
    DNS
    Type
    string
    Description

    No external DNS required in air-gapped mode. Internal DNS for artifact registry and SIEM only.

Security

  • Name
    Authentication
    Type
    string
    Description

    OIDC and SAML 2.0 for dashboard. Local accounts for evaluation. API tokens for programmatic access.

  • Name
    Encryption at rest
    Type
    string
    Description

    Fernet (AES-128-CBC + HMAC). Keys managed via env var or mounted secrets (Vault, AWS, Kubernetes).

  • Name
    Encryption in transit
    Type
    string
    Description

    TLS 1.3 for all communication (planned for a future release). Self-signed certificates for air-gapped deployments.

  • Name
    Audit logging
    Type
    string
    Description

    All admin actions logged: authentication, config changes, evidence export, data deletion.

  • Name
    Secrets management
    Type
    string
    Description

    API keys, tokens, license keys via environment variables or mounted secrets.

Operations

  • Name
    Monitoring
    Type
    string
    Description

    Health endpoint at /health. Prometheus metrics for ingestion rate, storage usage, API latency.

  • Name
    Upgrades
    Type
    string
    Description

    Rolling upgrades. Backward compatibility for 2+ minor versions. Test in staging first.

  • Name
    Incident response
    Type
    string
    Description

    Failure mode: collection stops, evidence preserved. Recovery: restart, backlog auto-processed.

  • Name
    Scaling
    Type
    string
    Description

    Single-node: 10K+ traces/day. Multi-node: 100K+. Evidence store scales independently from compute.

Was this page helpful?