Skip to main content

Discovery & Registry Deployment

Full deployment guide for Discovery & Registry services.

Prerequisites

  • Docker Engine 24+ with Compose v2
  • 2 GB RAM available for containers
  • Port 8443 available
  • GHCR access token (provided by Watchlight AI)

Install

cd deploy/tier1-discovery/docker-compose
./bootstrap.sh

The bootstrap script will:

  1. Validate prerequisites (Docker 24+, Compose v2)
  2. Collect configuration (domain, version, log level)
  3. Pull container images from GHCR
  4. Generate secrets (never stored on disk)
  5. Start all services
  6. Register discovery scanner
  7. Export self-signed CA cert (localhost mode)

Access

EndpointPurpose
https://localhost:8443Registry Dashboard
https://localhost:8443/api/v1/serversRegistry API
https://localhost:8443/topologyTopology Graph

Dashboard Authentication

By default, the Registry dashboard is accessible without authentication. See Authentication for OIDC and LDAP configuration.

Commands

# Re-run bootstrap (if services are already running, just shows URLs)
./docker-compose/bootstrap.sh

# View logs
docker compose -f docker-compose/docker-compose.yml logs -f

# Stop (preserves data)
docker compose -f docker-compose/docker-compose.yml down

# Full reset (removes all data)
./docker-compose/bootstrap.sh --reset

Upgrade to Authorization

Ready for Cedar authorization policies? See the Authorization Deployment guide.