This section walks you through deployment strategies and platform requirements for running Midaz. Set up your environment, meet the prerequisites, and follow our best practices to ensure a secure, scalable, and reliable setup.

📘

Start with the architecture

Before you deploy, check out the Midaz Architecture Overview. Understanding how the components work together will help you make informed decisions during setup.

Deployment strategies

---

You manage the infrastructure in both Midaz modules, Community and Enterprise. We strongly recommend using Kubernetes with our Helm Charts. This approach simplifies deployment and scaling, especially if using the Enterprise edition, which includes support and modular microservices.

That said, you can choose the deployment strategy that fits your needs.

Deploying with Kubernetes

Our official Helm Charts are the recommended method. They offer a fast and flexible way to install Midaz in a Kubernetes environment.

You can either plug Midaz into your existing databases and services or use the default components provided in the Helm chart. This setup adapts to different infrastructure needs and supports production-grade deployments.

For a step-by-step guide, check the Deploying using Helm documentation.

Self-managed deployment

If you prefer full control, you can deploy Midaz manually. The project is already configured to run with Docker, which makes local or small-scale setups straightforward.

You can also adapt it to your own infrastructure, whether you're using a different orchestrator or running directly on virtual machines or bare metal.

For instructions, check the Installing Midaz page.

Platform requirements

---

You're already aligned with the required versions using our default Helm configuration. If you're bringing your own infrastructure components, make sure you meet the minimum supported versions:

These versions are required to guarantee platform stability and performance.

Best practices

---

Access to the infrastructure

• Use least privilege policies when connecting to databases.
• Block direct access to databases by default. Only allow it in exceptional cases with approval.
• Store secrets securely using tools like HashiCorp Vault.
• Use dedicated tools for safe access to production data.

Redundancy and high availability

• Enable replication and backups for both Midaz and your databases.
• Use load balancers to route traffic across services evenly.

Network security

• Run your services inside VPCs to isolate critical components.
• Use NAT gateways or proxies for outbound connections.
• Apply security groups or firewall rules to restrict access to required ports and IPs.

Data persistence and storage

• Use replicated databases to support high availability and recovery.
• Choose scalable storage solutions that match your data growth.
• Use Redis for caching and background message management.

Observability

• Integrate tools that monitor logs, traces, and metrics.
• Midaz supports observability through OpenTelemetry, making detecting and resolving issues easier.

Shared Responsibilities

---

Running Midaz is a shared responsibility. Lerian provides the platform, tooling, and support. You’re responsible for your infrastructure and access policies.

Lerian is responsible for:

• Release management: Delivers updates through Helm Charts, including core services and the Console.
• Change communication: Shares detailed changelogs with impact guidance.
• Authentication and authorization: Manages access control for Enterprise accounts.
• Account Center administration: Manages external identities and permissions for Enterprise users.

You are responsible for:

• Infrastructure availability: Ensure uptime of your servers and services.
• Security and networking: Set up firewall rules, VPCs, and secure network paths.
• Data protection: Enforce encryption and limit access to sensitive data.
• Version updates: Apply updates provided by Lerian.
• Access control: Manage users and roles through the Account Center.
• Backup and recovery: Run regular backups and test your recovery processes.