Installation & Deployment
RedCloud CSPM ships as a set of containerized services. This section covers every way to run it — local development, Docker Compose, Kubernetes, and the customer deployment package — plus full configuration and troubleshooting references.
The services
Section titled “The services”| Service | Default port | Role |
|---|---|---|
Backend (FastAPI api.app:app) | 9900 | REST API; in production it also serves the built React frontend |
| Frontend dev server (Vite) | 8200 | Local development only |
| License server | 7700 | License activation and validation |
| PostgreSQL 16 | 5432 | Application database (connection pool 2–20) |
| Scheduler | — | Runs scheduled scans and the RedCloud Brain cycles (no listening port) |
In production the backend serves the frontend on 9900, so you expose a single port behind your reverse proxy.
Prerequisites
Section titled “Prerequisites”| Requirement | Version | Notes |
|---|---|---|
| Python | 3.12+ | Backend runtime |
| Node.js | 18+ (20 recommended) | Frontend build only |
| PostgreSQL | 16 | Application database |
| Docker + Compose | Compose v2 | Recommended deployment path |
| gcloud CLI | current | Used at runtime for GCP collection and credential checks |
Choosing a deployment method
Section titled “Choosing a deployment method”| Method | Use it when | Guide |
|---|---|---|
| Local development | You’re developing or evaluating on a workstation | Local Development |
| Docker Compose | Single-host production or staging | Docker Deployment |
| Kubernetes | Scaled / managed production | Kubernetes Deployment |
| Customer package | Shipping a self-contained install to a customer host | Customer Deployment |
Before going to production, read the Configuration reference — RedCloud refuses to start in production if required secrets are missing or insecure settings are detected.