Requirements
Hardware sizing, platform compatibility, OS support, and network requirements.
About
Hardware tiers, supported platforms, and the network ports each service uses. Read this first to size your environment before running Docker Compose.
Hardware tiers
| Tier | Use case | CPU | RAM | Disk |
|---|---|---|---|---|
| Evaluation | Local trial, single user | 4 cores | 8 GB | 20 GB |
| Team | 1–20 users, regular eval runs | 8 cores | 16 GB | 50 GB |
| Production | 20+ users, high throughput | 16+ cores | 32+ GB | 200 GB+ SSD |
Resource drivers: ClickHouse and Temporal worker each hold ~1 GB RAM at steady state. First image build is ~6 GB disk. ClickHouse grows with trace volume; Postgres stays small.
Tip
Docker Desktop (Mac/Windows): Settings → Resources → set RAM ≥ 8 GB, disk ≥ 64 GB. The defaults (2–4 GB RAM) will OOM-kill ClickHouse or the backend.
Software
| Requirement | Minimum | Verify |
|---|---|---|
| Docker Engine | 24.0+ | docker --version |
| Docker Compose | v2.20+ | docker compose version |
brew install docker docker-compose colima
colima start --cpu 4 --memory 8 --disk 64Or install Docker Desktop for Mac and allocate ≥ 8 GB RAM in Settings → Resources.
sudo apt-get install -y docker.io docker-compose-v2
sudo systemctl enable --now docker
sudo usermod -aG docker $USER # log out and back inInstall Docker Desktop for Windows with WSL 2 backend. Allocate ≥ 8 GB RAM in Settings → Resources.
Platform compatibility
The code-executor service requires privileged: true. Platforms that block it will crash the service; the rest of the stack still runs.
| Platform | Supported | Notes |
|---|---|---|
| Linux bare metal / EC2 / GCE / Azure VM | Yes | Full support |
| GKE / EKS with privileged enabled | Yes | Requires PodSecurityPolicy exception |
| ECS Fargate | No | privileged: true not supported |
| Google Cloud Run | No | Same |
| Render / Railway / Fly.io | No | Managed platforms block privileged mode |
Ports reference
All ports are configurable via .env.
| Service | Default | Exposed to | .env key |
|---|---|---|---|
| Frontend | 3000 | 0.0.0.0 | FRONTEND_PORT |
| Backend API | 8000 | 0.0.0.0 | BACKEND_PORT |
| Gateway | 8090 | Internal only | GATEWAY_PORT |
| Model serving | 8080 | Internal only | SERVING_PORT |
| Code executor | 8060 | Internal only | CODE_EXECUTOR_PORT |
| Postgres | 5432 | 127.0.0.1 (dev: public) | PG_PORT |
| ClickHouse HTTP | 8123 | 127.0.0.1 (dev: public) | CH_HTTP_PORT |
| ClickHouse TCP | 9000 | 127.0.0.1 (dev: public) | CH_PORT |
| Redis | 6379 | 127.0.0.1 (dev: public) | REDIS_PORT |
| MinIO API | 9005 | 127.0.0.1 | MINIO_API_PORT |
| MinIO console | 9006 | 127.0.0.1 | MINIO_CONSOLE_PORT |
| Temporal | 7233 | 127.0.0.1 (dev: public) | TEMPORAL_PORT |
| Temporal UI | 8085 | Dev mode only | TEMPORAL_UI_PORT |
| PeerDB server | 9900 | 127.0.0.1 | PEERDB_PORT |
| PeerDB UI | 3001 | 0.0.0.0 | PEERDB_UI_PORT |
In production, only the frontend and backend ports should be internet-facing, and only behind a TLS-terminating reverse proxy.