Deployment Checklist
A practical checklist for planning a RADAR self-hosted deployment. Align your infrastructure, networking, storage, and security teams before deployment.
Infrastructure
- Name
Compute- Type
- string
- Description
Docker Engine 24+ on Linux x86_64 or ARM64. 8GB RAM, 4 vCPUs for evaluation. 16GB+ RAM, 8+ vCPUs for production.
- Name
Storage- Type
- string
- Description
50GB+ available for evidence. SSD recommended. Plan for ~1GB per 10K traces with findings.
- Name
Container runtime- Type
- string
- Description
Docker 24+ or containerd 1.6+. Kubernetes 1.24+ with CSI storage driver for production.
- Name
Backup- Type
- string
- Description
Live backup without downtime. Recommended: daily snapshots with 30-day retention.
Networking
- Name
Dashboard access- Type
- string
- Description
Port 8080 (configurable). Restrict to internal network or VPN. No public exposure required.
- Name
Evidence sources- Type
- string
- Description
Outbound to LLM gateways, model APIs, and agent telemetry. Configure per-source.
- Name
SIEM forwarding- Type
- string
- Description
Outbound to Splunk HEC or syslog. TCP 514 or HTTPS 443.
- Name
DNS- Type
- string
- Description
No external DNS required in air-gapped mode. Internal DNS for artifact registry and SIEM only.
Security
- Name
Authentication- Type
- string
- Description
OIDC and SAML 2.0 for dashboard. Local accounts for evaluation. API tokens for programmatic access.
- Name
Encryption at rest- Type
- string
- Description
Fernet (AES-128-CBC + HMAC). Keys managed via env var or mounted secrets (Vault, AWS, Kubernetes).
- Name
Encryption in transit- Type
- string
- Description
TLS 1.3 for all communication (planned for a future release). Self-signed certificates for air-gapped deployments.
- Name
Audit logging- Type
- string
- Description
All admin actions logged: authentication, config changes, evidence export, data deletion.
- Name
Secrets management- Type
- string
- Description
API keys, tokens, license keys via environment variables or mounted secrets.
Operations
- Name
Monitoring- Type
- string
- Description
Health endpoint at /health. Prometheus metrics for ingestion rate, storage usage, API latency.
- Name
Upgrades- Type
- string
- Description
Rolling upgrades. Backward compatibility for 2+ minor versions. Test in staging first.
- Name
Incident response- Type
- string
- Description
Failure mode: collection stops, evidence preserved. Recovery: restart, backlog auto-processed.
- Name
Scaling- Type
- string
- Description
Single-node: 10K+ traces/day. Multi-node: 100K+. Evidence store scales independently from compute.