usedifyusedify

Dify Deployment Options: Docker, Cloud & Kubernetes

A detailed comparison of Dify Cloud, Dify Docker deployment (Compose), and Kubernetes modes, with expert configuration advice.

Dify Deployment Modes Guide

Dify offers three core usage modes to suit different needs:

  1. Dify Cloud (SaaS): Ready-to-use, maintenance-free.
  2. Private Deployment (Docker Compose): Ideal for small to medium-scale projects or POC phases.
  3. Enterprise Cluster Deployment (Kubernetes/Helm): Best for high-availability, large-scale production environments.

Deployment Modes Comparison

FeatureDify Cloud (SaaS)Docker Compose (Private)Kubernetes (Enterprise)
Use CaseFast POC, non-sensitive business, no DevOps teamInternal tools, sensitive data, small-medium productionLarge-scale public services, high availability, multi-tenant
Data SovereigntyData stored on Dify CloudData fully localizedData fully localized
Infra CostUsage-based / SubscriptionSelf-provided server resourcesSelf-provided cluster & cloud services
Ops ComplexityZero maintenanceMedium (Single machine management)High (Requires K8s expertise)
ScalabilityDependent on platform quotaLimited by single machine capacityNative elastic scaling (HPA)
ComplianceSOC2 (Platform-dependent)Full control, easy GDPR/ComplianceFull control, complex network isolation

For detailed differences and pricing, please refer to: Dify Pricing

1. Dify Cloud (SaaS)

Before deciding on a private deployment, Dify Cloud (dify.ai) is an excellent way to start. It provides the same functional experience as the open-source version but eliminates the burden of infrastructure maintenance.

Getting started is easy:

  1. Visit dify.ai and click Get Started.

    Get Started

  2. You can log in using Email, Google, or GitHub.

    Login

  3. After logging in, you'll enter the dashboard and can start your Dify journey immediately.

2. Private Deployment via Docker Compose

For developers with technical expertise or projects requiring data privacy, Docker Compose is the standard and efficient choice.

2.1 Infrastructure & Environment Tuning

Dify includes several memory-intensive components. Insufficient resources can lead to Out-Of-Memory (OOM) crashes.

2.1.1 Hardware Base Baseline

  • CPU: Minimum 2 vCPU; 4 vCPU recommended for production.
  • RAM: Minimum 4GB; 8GB recommended (especially if using a local vector database).
  • Disk: SSD recommended, with at least 50GB reserved in the root partition.

2.1.2 Software Dependencies

  • Docker Engine: Version >= 19.03.
  • Docker Compose: Use V2 (command: docker compose).
  • System Parameters: Increase vm.max_map_count for components like Weaviate. 
    sysctl -w vm.max_map_count=262144
echo "vm.max_map_count=262144" >> /etc/sysctl.conf

2.2 Deployment Process

Step 1: Get Source Code & Lock Version Always use a Tagged version in production for stability.

Release Tag

git clone https://github.com/langgenius/dify.git
cd dify/docker
latest_tag=$(curl -s https://api.github.com/repos/langgenius/dify/releases/latest | jq -r .tag_name)
git checkout $latest_tag

Step 2: Environment Configuration

cp .env.example .env

The following is a list of key variables to note during deployment:

ModuleVariableRecommended Configuration
SecuritySECRET_KEYHigh Risk. Used for session and database encryption. Run openssl rand -base64 42 to generate. If leaked, system security is compromised.
Web AccessAPP_WEB_URLFull frontend URL (e.g., https://ai.corp.com). Used for OAuth validation and sharing links. Misconfiguration causes SSO failure or broken images.
Web AccessCOOKIE_DOMAINSet to top-level domain (e.g., .corp.com) if frontend/backend are on different subdomains to share cookies.
DatabaseDB_HOSTDefault is db (container name). Use RDS IP/Domain for external databases.
RedisREDIS_PASSWORDDefault is empty. Must set a strong password for production to prevent unauthorized access.
Vector DBVECTOR_STOREDefault is weaviate. Can be changed to milvus with proper parameters. Sync changes with docker-compose.yaml to disable unused containers.
PerformanceGUNICORN_WORKERSNumber of API workers. Default 1. Recommended: CPU cores * 2 + 1.
PerformanceCELERY_WORKER_AMOUNTConcurrent async tasks. Increasing this speeds up ingestion but consumes more RAM.
StorageSTORAGE_TYPEDefault is local. Strongly recommended to use s3 for production.

Modify .env to configure your database, Redis, and storage.

Step 3: Start & Health Check

docker compose up -d
docker compose ps

Monitor the api, worker, and db containers. For troubleshooting, check logs: docker compose logs -f api.

2.3 Advanced Enterprise Configuration: External Middleware

In production, it is best practice to "externalize" stateful services.

2.3.1 Connecting External PostgreSQL & Redis

Point your .env file to your existing high-availability clusters. Dify runs flask db upgrade automatically on startup.

2.3.2 S3 Object Storage (Key to Persistence)

Set STORAGE_TYPE=s3 and configure your S3-compatible credentials. This makes your application "stateless," simplifying horizontal scaling and migration.

3. Enterprise Deployment via Kubernetes

For scaling to thousands of users or maintaining 99.9% SLA, Kubernetes (K8s) is the preferred solution.

3.1 Architecture Planning

  • Stateless Services (Deployments): dify-api, dify-worker, dify-web. Use HPA for automatic scaling.
  • Stateful Services (External): Strictly avoid running core databases inside K8s in production. Use managed services like AWS RDS, ElastiCache, or managed vector stores.

3.2 Helm Chart Deployment

helm repo add dify https://borispolonsky.github.io/dify-helm
helm repo update

Custom values.yaml: Create a production-values.yaml to disable internal databases, connect to external instances, and set resource limits and autoscaling policies.

Deployment & Initialization:

helm upgrade --install dify dify/dify -f production-values.yaml --namespace dify-prod --create-namespace

After deployment, manually trigger the database migration:

API_POD=$(kubectl get pods -n dify-prod -l app.kubernetes.io/component=api -o jsonpath='{.items.metadata.name}')
kubectl exec -it $API_POD -n dify-prod -- flask db upgrade

Appendix: Dify Microservice Architecture

The core of Dify is built with several microservices:

  • API Service (Flask): The brain, handling HTTP requests, logic, and LLM interactions.
  • Worker Service (Celery): The muscle, handling tasks like document parsing, embeddings, and Agent reasoning.
  • Web Service (Next.js): The UI, providing a visual Studio for app orchestration.
  • Redis: Acts as a message broker and cache.
  • PostgreSQL: Stores metadata (app configs, logs, user data).
  • Vector Database: High-dimensional vector storage (Weaviate, Qdrant, etc.).
  • Object Storage (S3): Stores unstructured data like uploaded files.
  • Sandbox: A secure environment for code execution.

Why Choose Dify

Previous Page

Dify Chat API Integration Guide

A practical guide to integrating with Dify's Chat API, featuring working Node.js and curl examples for building chatbots and conversational AI applications.

On this page

Dify Deployment Modes Guide
Deployment Modes Comparison
1. Dify Cloud (SaaS)
2. Private Deployment via Docker Compose
2.1 Infrastructure & Environment Tuning
2.1.1 Hardware Base Baseline
2.1.2 Software Dependencies
2.2 Deployment Process
2.3 Advanced Enterprise Configuration: External Middleware
2.3.1 Connecting External PostgreSQL & Redis
2.3.2 S3 Object Storage (Key to Persistence)
3. Enterprise Deployment via Kubernetes
3.1 Architecture Planning
3.2 Helm Chart Deployment
Appendix: Dify Microservice Architecture