> ## Documentation Index
> Fetch the complete documentation index at: https://docs.guardway.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Requirements

> Hardware, software, and network requirements for running a Guardway gateway.

What you need to run a Guardway gateway in development or production. The gateway ships as a Docker image; you don't install any language runtimes on the host.

## Hardware

<CardGroup cols={2}>
  <Card icon="code" title="Development">
    * **CPU**: 2 cores
    * **RAM**: 4 GB
    * **Disk**: 2 GB free
    * **Network**: standard internet connection
  </Card>

  <Card icon="server" title="Production">
    * **CPU**: 4 cores (8+ recommended)
    * **RAM**: 8 GB (16+ recommended)
    * **Disk**: 100 GB free — logs, Redis persistence, cache
    * **Network**: 1 Gbps interface recommended
  </Card>
</CardGroup>

## Software

<Steps>
  <Step title="Docker 24.0+ with Compose v2">
    ```bash theme={null}
    docker --version
    docker compose version
    ```
  </Step>

  <Step title="Redis 7+ (production)">
    Required for caching, rate limiting, and shared state when running more than one gateway replica. Optional in development — the gateway falls back to in-memory storage.
  </Step>
</Steps>

<Note>
  You do **not** need Node.js, pnpm, or any language runtime on the host. The gateway container bundles everything.
</Note>

## API keys

At least one LLM provider API key is required for the gateway to serve traffic. You configure keys in the dashboard after the gateway is online — see [Connect a provider](/platform/configuration/providers). The full list of supported providers lives there; common ones include OpenAI, Anthropic, Google Gemini, Groq, and Mistral.

## Network

### Outbound (from the gateway)

* HTTPS (443) to `api.guardway.ai` — control plane.
* HTTPS (443) to each LLM provider's API.
* Docker Hub / your registry — image pulls only.

### Inbound (to the gateway)

* **Port 8080** (default) — gateway HTTP API. Must be reachable from whichever machine runs the dashboard if you want to use the Playground, Logs, or Traces against it.

## Security expectations

<Warning>
  The container image is hardened (read-only root filesystem, non-root user, dropped capabilities, restricted seccomp profile). Your container runtime needs to support those features — any recent Docker, containerd, or Kubernetes release does.
</Warning>

Secrets you'll need to store somewhere (env vars, Docker secrets, K8s secrets, Vault, Secrets Manager, Key Vault, etc.):

* The one-time **registration token** (used once at boot — see [Deployment](/guardway-gateway/deploy))
* LLM provider API keys
* TLS certificates if you terminate TLS at the gateway

## Platform-specific

<Tabs>
  <Tab title="Kubernetes">
    * Kubernetes 1.24+
    * Ingress controller (nginx, Traefik, or equivalent)
    * Persistent volume for `/var/lib/guardway` if you want cache + audit logs to survive restarts
  </Tab>

  <Tab title="AWS">
    * ECS or EKS
    * Application Load Balancer for the gateway's port 8080
    * ElastiCache Redis (production)
    * Secrets Manager for the registration token and provider keys
  </Tab>

  <Tab title="Azure">
    * AKS or Container Apps
    * Application Gateway or Azure Load Balancer
    * Azure Cache for Redis
    * Key Vault for secrets
  </Tab>

  <Tab title="GCP">
    * GKE or Cloud Run
    * Cloud Load Balancing
    * Memorystore for Redis
    * Secret Manager
  </Tab>
</Tabs>
