Skip to main content

Azure Deployment Guide

This guide walks you through deploying a Datafi edge server on Azure Container Instances (ACI), with Azure Cache for Redis as a vector database and Azure Blob Storage for document and certificate storage.

Architecture

Prerequisites

  • An active Azure subscription
  • Azure CLI installed and authenticated (az login)
  • A Datafi edge key (obtain from the Datafi coordinator admin panel)
  • Docker image access to datafi/edge

Step 1: Create a Resource Group

Create a dedicated resource group for your Datafi deployment.

az group create \
--name datafi-rg \
--location eastus

Step 2: Deploy Azure Cache for Redis

Azure Cache for Redis serves as the vector database for document embeddings and cached query results.

# Create a Redis instance (Standard C1 tier)
az redis create \
--name datafi-redis \
--resource-group datafi-rg \
--location eastus \
--sku Standard \
--vm-size c1 \
--enable-non-ssl-port false \
--minimum-tls-version 1.2

Wait for the Redis instance to finish provisioning (this typically takes 15-20 minutes).

# Retrieve the connection details
az redis show \
--name datafi-redis \
--resource-group datafi-rg \
--query "{hostname:hostName, port:sslPort}" \
--output table

# Retrieve the access key
az redis list-keys \
--name datafi-redis \
--resource-group datafi-rg \
--query primaryKey \
--output tsv

Save the hostname and primary key for use in the container configuration.

Step 3: Create Azure Blob Storage

Azure Blob Storage is used for document storage, certificate storage, and large object caching.

# Create a storage account
az storage account create \
--name datafistorage \
--resource-group datafi-rg \
--location eastus \
--sku Standard_LRS \
--kind StorageV2 \
--min-tls-version TLS1_2 \
--allow-blob-public-access false

# Create containers for different purposes
az storage container create \
--name documents \
--account-name datafistorage

az storage container create \
--name certificates \
--account-name datafistorage

az storage container create \
--name cache \
--account-name datafistorage

Retrieve the connection string:

az storage account show-connection-string \
--name datafistorage \
--resource-group datafi-rg \
--query connectionString \
--output tsv

Step 4: Deploy the Edge Server on ACI

Deploy the Datafi edge server as an Azure Container Instance.

az container create \
--name datafi-edge \
--resource-group datafi-rg \
--image datafi/edge:latest \
--cpu 2 \
--memory 4 \
--ports 8000 50051 \
--environment-variables \
MODE=edge \
CACHE_ENABLED=true \
LOG_LEVEL=info \
--secure-environment-variables \
EDGE_KEY=your-edge-key-here \
REDIS_URL="rediss://datafi-redis.redis.cache.windows.net:6380,password=YOUR_REDIS_KEY,ssl=True" \
STORAGE_CONNECTION_STRING="YOUR_BLOB_CONNECTION_STRING" \
--restart-policy Always \
--location eastus
warning

Use --secure-environment-variables for sensitive values like EDGE_KEY, REDIS_URL, and STORAGE_CONNECTION_STRING. These are not exposed in the container's metadata.

Step 5: Verify the Deployment

Check that the container is running:

az container show \
--name datafi-edge \
--resource-group datafi-rg \
--query "{status:instanceView.state, ip:ipAddress.ip, ports:ipAddress.ports}" \
--output table

Verify the health endpoint:

# Replace with your container's IP address
curl https://<CONTAINER_IP>:8000/health

Expected response:

{
"status": "healthy",
"version": "1.12.0",
"uptime": "2m30s"
}

Check the container logs:

az container logs \
--name datafi-edge \
--resource-group datafi-rg

Step 6: Configure Networking (Optional)

For production deployments, place the container in a virtual network to restrict access.

# Create a virtual network and subnet
az network vnet create \
--name datafi-vnet \
--resource-group datafi-rg \
--location eastus \
--address-prefix 10.0.0.0/16 \
--subnet-name datafi-subnet \
--subnet-prefix 10.0.1.0/24

# Delegate the subnet to Azure Container Instances
az network vnet subnet update \
--name datafi-subnet \
--resource-group datafi-rg \
--vnet-name datafi-vnet \
--delegations Microsoft.ContainerInstance/containerGroups

# Redeploy the container in the VNet
az container create \
--name datafi-edge \
--resource-group datafi-rg \
--image datafi/edge:latest \
--cpu 2 \
--memory 4 \
--ports 8000 50051 \
--environment-variables \
MODE=edge \
CACHE_ENABLED=true \
--secure-environment-variables \
EDGE_KEY=your-edge-key-here \
REDIS_URL="rediss://datafi-redis.redis.cache.windows.net:6380,password=YOUR_REDIS_KEY,ssl=True" \
STORAGE_CONNECTION_STRING="YOUR_BLOB_CONNECTION_STRING" \
--vnet datafi-vnet \
--subnet datafi-subnet \
--restart-policy Always \
--location eastus

Resource Sizing

ComponentMinimumRecommendedNotes
Edge Server CPU1 vCPU2 vCPUScale up for concurrent query workloads
Edge Server Memory2 GB4 GBIncrease for large result sets
RedisStandard C0Standard C1C1 provides 6 GB cache; scale for embedding volume
Blob StorageStandard LRSStandard LRSGRS for cross-region redundancy

Cleanup

To remove all resources created in this guide:

az group delete \
--name datafi-rg \
--yes \
--no-wait

Next Steps