Azure Deployment Guide
This guide walks you through deploying a Datafi edge server on Azure Container Instances (ACI), with Azure Cache for Redis as a vector database and Azure Blob Storage for document and certificate storage.
Architecture
Prerequisites
- An active Azure subscription
- Azure CLI installed and authenticated (
az login) - A Datafi edge key (obtain from the Datafi coordinator admin panel)
- Docker image access to
datafi/edge
Step 1: Create a Resource Group
Create a dedicated resource group for your Datafi deployment.
az group create \
--name datafi-rg \
--location eastus
Step 2: Deploy Azure Cache for Redis
Azure Cache for Redis serves as the vector database for document embeddings and cached query results.
# Create a Redis instance (Standard C1 tier)
az redis create \
--name datafi-redis \
--resource-group datafi-rg \
--location eastus \
--sku Standard \
--vm-size c1 \
--enable-non-ssl-port false \
--minimum-tls-version 1.2
Wait for the Redis instance to finish provisioning (this typically takes 15-20 minutes).
# Retrieve the connection details
az redis show \
--name datafi-redis \
--resource-group datafi-rg \
--query "{hostname:hostName, port:sslPort}" \
--output table
# Retrieve the access key
az redis list-keys \
--name datafi-redis \
--resource-group datafi-rg \
--query primaryKey \
--output tsv
Save the hostname and primary key for use in the container configuration.
Step 3: Create Azure Blob Storage
Azure Blob Storage is used for document storage, certificate storage, and large object caching.
# Create a storage account
az storage account create \
--name datafistorage \
--resource-group datafi-rg \
--location eastus \
--sku Standard_LRS \
--kind StorageV2 \
--min-tls-version TLS1_2 \
--allow-blob-public-access false
# Create containers for different purposes
az storage container create \
--name documents \
--account-name datafistorage
az storage container create \
--name certificates \
--account-name datafistorage
az storage container create \
--name cache \
--account-name datafistorage
Retrieve the connection string:
az storage account show-connection-string \
--name datafistorage \
--resource-group datafi-rg \
--query connectionString \
--output tsv
Step 4: Deploy the Edge Server on ACI
Deploy the Datafi edge server as an Azure Container Instance.
az container create \
--name datafi-edge \
--resource-group datafi-rg \
--image datafi/edge:latest \
--cpu 2 \
--memory 4 \
--ports 8000 50051 \
--environment-variables \
MODE=edge \
CACHE_ENABLED=true \
LOG_LEVEL=info \
--secure-environment-variables \
EDGE_KEY=your-edge-key-here \
REDIS_URL="rediss://datafi-redis.redis.cache.windows.net:6380,password=YOUR_REDIS_KEY,ssl=True" \
STORAGE_CONNECTION_STRING="YOUR_BLOB_CONNECTION_STRING" \
--restart-policy Always \
--location eastus
Use --secure-environment-variables for sensitive values like EDGE_KEY, REDIS_URL, and STORAGE_CONNECTION_STRING. These are not exposed in the container's metadata.
Step 5: Verify the Deployment
Check that the container is running:
az container show \
--name datafi-edge \
--resource-group datafi-rg \
--query "{status:instanceView.state, ip:ipAddress.ip, ports:ipAddress.ports}" \
--output table
Verify the health endpoint:
# Replace with your container's IP address
curl https://<CONTAINER_IP>:8000/health
Expected response:
{
"status": "healthy",
"version": "1.12.0",
"uptime": "2m30s"
}
Check the container logs:
az container logs \
--name datafi-edge \
--resource-group datafi-rg
Step 6: Configure Networking (Optional)
For production deployments, place the container in a virtual network to restrict access.
# Create a virtual network and subnet
az network vnet create \
--name datafi-vnet \
--resource-group datafi-rg \
--location eastus \
--address-prefix 10.0.0.0/16 \
--subnet-name datafi-subnet \
--subnet-prefix 10.0.1.0/24
# Delegate the subnet to Azure Container Instances
az network vnet subnet update \
--name datafi-subnet \
--resource-group datafi-rg \
--vnet-name datafi-vnet \
--delegations Microsoft.ContainerInstance/containerGroups
# Redeploy the container in the VNet
az container create \
--name datafi-edge \
--resource-group datafi-rg \
--image datafi/edge:latest \
--cpu 2 \
--memory 4 \
--ports 8000 50051 \
--environment-variables \
MODE=edge \
CACHE_ENABLED=true \
--secure-environment-variables \
EDGE_KEY=your-edge-key-here \
REDIS_URL="rediss://datafi-redis.redis.cache.windows.net:6380,password=YOUR_REDIS_KEY,ssl=True" \
STORAGE_CONNECTION_STRING="YOUR_BLOB_CONNECTION_STRING" \
--vnet datafi-vnet \
--subnet datafi-subnet \
--restart-policy Always \
--location eastus
Resource Sizing
| Component | Minimum | Recommended | Notes |
|---|---|---|---|
| Edge Server CPU | 1 vCPU | 2 vCPU | Scale up for concurrent query workloads |
| Edge Server Memory | 2 GB | 4 GB | Increase for large result sets |
| Redis | Standard C0 | Standard C1 | C1 provides 6 GB cache; scale for embedding volume |
| Blob Storage | Standard LRS | Standard LRS | GRS for cross-region redundancy |
Cleanup
To remove all resources created in this guide:
az group delete \
--name datafi-rg \
--yes \
--no-wait
Next Steps
- Operations Guide -- configure health monitoring, graceful shutdown, and rolling updates.
- Container Deployment -- general container deployment guidance for Docker and Kubernetes.