Azure Deployment

Overview

Deploy Confident AI on your Azure infrastructure for complete control over your evaluation and observability platform.

Architecture

The Azure deployment uses Terraform to provision a production-ready infrastructure with the following components:

Core components

VNet & Networking

AKS/database/public/private-endpoint subnets with NAT Gateway, NSG, and Private DNS Zone.

AKS Cluster

Managed Kubernetes with a system node pool and autoscaling worker node pool, Workload Identity, and Azure CNI networking.

PostgreSQL Flexible Server

Managed database in a delegated subnet with zone-redundant HA, automated backups, and private DNS resolution.

NGINX Ingress + Azure LB

NGINX Ingress Controller backed by an Azure Standard Load Balancer with cert-manager for TLS.

ArgoCD

GitOps tool for managing Kubernetes deployments.

Azure Blob Storage

Storage Account with private endpoint and blob containers for test cases, payloads, and ClickHouse backups.

Deployed services

The Kubernetes cluster runs the following services:

ServiceNamespaceDescription
confident-backendconfident-aiExpress.js API service handling core platform logic
confident-frontendconfident-aiNext.js web application for the Confident AI dashboard
confident-evalsconfident-aiFastAPI service for running LLM evaluations
confident-otelconfident-aiOpenTelemetry collector for trace ingestion
redisconfident-aiIn-memory cache for session and queue management
ArgoCDargocdGitOps continuous delivery
ClickHouse Operatorclickhouse-operator-systemManages the analytics database
NGINX Ingressingress-nginxRoutes external traffic to services via Azure LB
External Secretsconfident-aiSyncs credentials from Azure Key Vault
cert-managercert-managerAutomates TLS certificate issuance and renewal