Deployment
Production deployment options for your Sekuire agents.
Deployment Options
| Option | Best For | Infrastructure |
|---|---|---|
| sekuire run | Development, quick testing | Local |
| Docker | Single-node production | Any Docker host |
| Helm/BYOC | Kubernetes clusters | Your K8s cluster |
| Serverless | Auto-scaling workloads | Cloudflare, Fly.io, etc. |
Local Development
Use sekuire run for local testing with full bootstrap:
sekuire run --cmd "npm start"
This handles:
- Workspace registration
- Install token creation
- Heartbeat loop
- Agent process management
Docker Deployment
Use sekuire docker-init to generate production-ready Docker configuration:
sekuire docker-init --ci
This generates Dockerfile, docker-compose files, and optionally GitHub Actions CI pipeline. See sekuire docker-init for all options.
Build & Push to OCI Registry
# Login to Sekuire OCI registry
sekuire registry login
# Build image
docker build -t registry.sekuire.ai/my-org/my-agent:v1.0.0 .
# Push (includes vulnerability scanning and signing)
sekuire registry push registry.sekuire.ai/my-org/my-agent:v1.0.0
Run with Beacon
docker run -d \
-p 8000:8000 \
-e OPENAI_API_KEY=$OPENAI_API_KEY \
-e SEKUIRE_WORKSPACE_ID=ws_abc123 \
-e SEKUIRE_INSTALL_TOKEN=$INSTALL_TOKEN \
registry.sekuire.ai/my-org/my-agent:v1.0.0
The agent will automatically register with the Sekuire backend and start sending heartbeats.
Beacon Registration
For production deployments, agents should register with the Sekuire backend to enable:
- Fleet visibility in the dashboard
- Kill switch functionality
- Heartbeat monitoring and alerts
Learn more about Beacon or see the Beacon SDK for programmatic control.
Kubernetes (BYOC)
Generate a Helm chart for your cluster:
sekuire install bundle \
--workspace ws_abc123 \
--image myrepo/my-agent:v1.0.0 \
--output deploy/helm
Deploy with Helm
cd deploy/helm/my-agent-helm
# Review values.yaml
# - Set secrets (API keys)
# - Configure replicas
# - Set resource limits
helm install my-agent . -n my-namespace
Generated Files
deploy/helm/my-agent-helm/
deploy/helm/my-agent-helm/
├── Chart.yaml
├── values.yaml # Configure here
├── README.md
└── templates/
├── deployment.yaml
├── service.yaml
├── configmap.yaml
└── secret.yaml
Environment Variables
| Variable | Description |
|---|---|
SEKUIRE_WORKSPACE_ID | Target workspace |
SEKUIRE_AGENT_ID | Agent Sekuire ID |
SEKUIRE_INSTALL_TOKEN | Bootstrap token |
SEKUIRE_BACKEND_URL | API endpoint |
tip
Use sekuire install token to pre-generate tokens for CI/CD pipelines.
Next Steps
- Install Commands - Token, bundle, agent
- CLI Run - Local development
- Policies - Compliance requirements