Mythal
azure deploy
Deployment · prepared, not yet deployed

Ship Mythal to Azure.

Everything is staged to deploy the full stack — all containers — to your Azure subscription for the CSX live demo. Two paths: a faithful Docker VM (recommended) and a managed Container Apps control plane. Nothing runs until you say go.

The recommended path → Managed option Print as PDF
IaC
Terraform
Managed option
Bicep · ACA
One command
deploy.ps1
Containers
19
full stack
Time to up
~10 min
Tear down
1 cmd
Choose a path

Two ways, both ready in deploy/azure/

Path A · recommended

Docker VM (full fidelity)

One Ubuntu VM runs the entire stack via Compose — including the live docker ps container-proof and the in-container terminal. This is the path for the CSX live demo: faithful, fast, everything works.

Terraform → VM + VNet + NSG → ship repo → compose up

Path B · enterprise

Container Apps (managed)

Managed Azure Container Apps for the control plane (api + console) + Azure Postgres + Redis, images from ACR. For a managed, scalable control plane.

Note: no Docker daemon → run the lab targets on a VM/AKS.

Path A

Deploy the full stack in one command

# prereqs: az login · Terraform · an SSH key cd deploy/azure ./deploy.ps1 -AdminCidr "<your-ip>/32" # for a customer demo, lock the audience too: ./deploy.ps1 -AdminCidr "<you>/32" ` -AudienceCidr "<customer-cidr>/32" # tear down afterwards: cd deploy/azure/vm; terraform destroy
What you get
1

Terraform provisions

VM + VNet + NSG (22 to you, 3090/8090 to the audience).

2

Repo shipped

Tar + scp (excludes node_modules/.next/.git).

3

Stack up

Lab + control plane built and started; catalog synced.

Console & API

http://<vm-ip>:3090 · login ciso@mythal.io / demo.

Sizing: D4s_v5 floor, D8s_v5 comfortable. OS disk 128 GB. First boot pulls images + middleware (~10 min).

Path B

Managed control plane on Container Apps

# build + push images to ACR az acr build -r <acr> -t mythal-api:latest ` -f apps/api/Dockerfile . az acr build -r <acr> -t mythal-console:latest ` apps/console # deploy api + console + Postgres + Redis az deployment group create -g rg-mythal ` -f deploy/azure/aca/main.bicep ` -p acrName=<acr> postgresAdminPassword=<pw>
What it provisions
  • Container Apps environment + Log Analytics
  • api + console as Container Apps (external ingress, autoscale)
  • Azure Database for PostgreSQL Flexible Server
  • Azure Cache for Redis (TLS)
  • System-assigned identity → ACR pull
!
Daemon-lessThe live docker ps proof + in-container terminal need a real Docker daemon — run the lab targets on a VM/AKS and peer the VNet. Everything else works in ACA.
Before a customer-facing URL

Production hardening checklist

Network

TLS + domain

Front with App Gateway / Front Door (or Caddy on the VM). Private networking for Postgres/Redis.

Identity

SSO

Replace the demo login with OIDC/SAML; managed identity + Key Vault for secrets.

Supply chain

Image security

Defender for Containers, signed images, pinned digests.

Operations

Backups + alerts

DB backups, Log Analytics, alerts, autoscale policies.

Staged and ready in deploy/azure/. Say the word and it goes live in your subscription in about ten minutes.