High Availability Deployment
Enterprise
Deploy the CodeRaft platform with redundancy, streaming replication and centralized monitoring using docker-compose-ha.yml.
Overview
The HA deployment extends the standard single-node docker-compose.yml with redundancy at every layer. It is designed for production environments where downtime and data loss are unacceptable.
Architecture
Nginx (reverse proxy, port 3000)
|
+--- API instance 1 (EntraGuard / Ravenscan / RedFox)
+--- API instance 2 (EntraGuard / Ravenscan / RedFox)
|
PostgreSQL primary ---streaming replication--- PostgreSQL replica
|
Redis Sentinel (3 nodes)
| master election + failover
Redis primary ---replication--- Redis replica
|
Neo4j (single instance)
|
Loki <--- Promtail (log collection from all containers)
|
Grafana (dashboards, port 3001)
Components
PostgreSQL streaming replication
Primary + read replica with streaming replication. The replica receives WAL records in real time. If the primary fails, the replica can be promoted manually. All products share the same PostgreSQL cluster.
Redis Sentinel
3 Sentinel nodes monitor the Redis primary. Failover is automatic if the primary becomes unreachable (quorum of 2). Application clients use Sentinel-aware connections for transparent failover.
Multi-instance APIs
2 instances of each product API behind the Nginx load balancer (round-robin). Stateless request handling — session state is in PostgreSQL and Redis, not in memory.
Loki + Promtail + Grafana
Centralized logging and monitoring stack. Promtail collects logs from all containers and forwards them to Loki. Grafana provides dashboards for audit logs, scan results, session activity and system health.
Deployment
HA requires two servers (physical or virtual). The Setup Wizard guides you through choosing the role of each node, similar to Azure AD Connect's primary/secondary model.
Node 1 — Primary
- Install on the primary server
    # Linux / macOS
    curl -fsSL https://install.coderaft.io | bash
    # Windows (PowerShell as Administrator)
    irm https://install.coderaft.io/win | iex
- Activate and choose role
  Open http://localhost:3000 — in the Setup Wizard:
  - Activate your Enterprise licence
  - In the "High Availability" step, select "Primary node"
  - The wizard generates a join token — copy it for the secondary node
  - Configure database passwords and network settings
- Start the HA stack
    docker compose -f docker-compose-ha.yml up -d --build
Node 2 — Secondary
- Install on the secondary server
    # Linux / macOS
    curl -fsSL https://install.coderaft.io | bash
    # Windows (PowerShell as Administrator)
    irm https://install.coderaft.io/win | iex
- Join the primary
  Open http://localhost:3000 — in the Setup Wizard:
  - Select "Secondary node"
  - Enter the primary node IP/hostname (e.g., 192.168.1.10)
  - Paste the join token from the primary
  - The wizard validates connectivity and starts replication
- Verify replication
    # On the secondary node — check replication status
    docker compose -f docker-compose-ha.yml ps
    docker compose -f docker-compose-ha.yml logs postgres-replica --tail 20
    docker compose -f docker-compose-ha.yml exec redis-sentinel redis-cli -p 26379 SENTINEL master mymaster
- 5432 — PostgreSQL streaming replication
- 6379 — Redis replication
- 26379 — Redis Sentinel
- 3001 — Dashboard API (health check + sync)
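The "Verify replication" step prints the Sentinel view of the master but leaves the reading of it to the operator. The script below is an added example, not part of the CodeRaft tooling: it checks that output against the layout described on this page (3 Sentinels, quorum of 2, one Redis replica). The function names are hypothetical and the sample outputs are constructed; the field names (flags, num-slaves, num-other-sentinels, quorum) are the ones Redis Sentinel itself prints.

```shell
#!/bin/sh
# Added example: judge the raw output of
#   redis-cli -p 26379 SENTINEL master mymaster
# (alternating field/value lines) against the layout this page describes.
EXPECT_QUORUM=2        # page: quorum of 2
MIN_OTHER_SENTINELS=2  # page: 3 Sentinel nodes = this one + 2 peers
MIN_REPLICAS=1         # page: Redis primary + one replica

# Reads SENTINEL master output on stdin, prints one line per problem,
# returns 0 when the master view is healthy and 1 otherwise.
check_sentinel_master() {
    awk -v q="$EXPECT_QUORUM" -v s="$MIN_OTHER_SENTINELS" -v r="$MIN_REPLICAS" '
        { sub(/\r$/, "") }               # tolerate CRLF line endings
        NR % 2 == 1 { key = $0; next }   # odd lines are field names
        { f[key] = $0 }                  # even lines are their values
        END {
            bad = 0
            if (f["flags"] != "master") {
                print "flags=" f["flags"] " (want plain master)"; bad = 1 }
            if (f["quorum"] + 0 != q + 0) {
                print "quorum=" f["quorum"] " (want " q ")"; bad = 1 }
            if (f["num-other-sentinels"] + 0 < s + 0) {
                print "other sentinels=" f["num-other-sentinels"] " (want >= " s ")"; bad = 1 }
            if (f["num-slaves"] + 0 < r + 0) {
                print "replicas=" f["num-slaves"] " (want >= " r ")"; bad = 1 }
            exit bad
        }'
}

# Constructed sample outputs (not captured from a real deployment).
sample_healthy() {
    printf '%s\n' name mymaster ip 172.18.0.5 port 6379 flags master \
        num-slaves 1 num-other-sentinels 2 quorum 2
}
sample_degraded() {
    printf '%s\n' name mymaster ip 172.18.0.5 port 6379 flags master \
        num-slaves 0 num-other-sentinels 1 quorum 2
}

# Live use on a node (-T keeps docker compose from allocating a TTY):
#   docker compose -f docker-compose-ha.yml exec -T redis-sentinel \
#     redis-cli -p 26379 SENTINEL master mymaster | check_sentinel_master
sample_healthy | check_sentinel_master && echo "sample_healthy: OK"
sample_degraded | check_sentinel_master || echo "sample_degraded: problems found"
```

A non-zero exit with "replicas=0" or a low Sentinel count means the stack is running without the redundancy the failover depends on, even though `docker compose ps` may still show every local container as up.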
Monitoring (Grafana)
Grafana is available at http://localhost:3001 (default credentials are set in the environment file). Pre-configured dashboards include:
- System overview — container health, resource usage, uptime
- Audit log stream — real-time view of WORM audit entries across all products
- Scan activity — EntraGuard and Ravenscan scan durations, success/failure rates
- Session monitoring — RedFox active sessions, connection counts, latency
- Database replication — PostgreSQL replication lag, Redis Sentinel status
SIEM integration
The Loki log pipeline can forward events to external SIEM systems. Configure log forwarding in Settings → Integrations or export from Grafana to:
Supported platforms
Linux
Ubuntu 20.04+, Debian 11+, RHEL 8+, CentOS Stream 8+
Windows
Windows Server 2019+ or Windows 10/11 with Docker Desktop (WSL2 backend)
macOS
macOS 12+ with Docker Desktop (Apple Silicon or Intel)
The primary and secondary nodes can run on different operating systems. Docker is the only runtime dependency.
Limitations
- Neo4j is single-instance in the current HA setup (Neo4j clustering requires Enterprise Edition)
- PostgreSQL failover is manual — automatic promotion with Patroni is planned
- Kubernetes deployment (Helm charts) is planned but not yet available
Hardware requirements (HA)
Each node (primary and secondary) requires:
- 8 GB RAM minimum (16 GB recommended)
- 4 vCPU
- 50 GB disk (SSD recommended for database performance)
- Network latency between nodes < 10 ms recommended
Need help with HA deployment? Contact [email protected]. For Enterprise licensing, reach out to [email protected].