To successfully deploy and manage Prisme.ai within your infrastructure, you need to ensure that your environment meets specific prerequisites related to resources, services, and configurations.

Infrastructure Recommendations

Prisme.ai’s baseline assumes the Balanced resource profile documented in Resources & Autoscaling. It’s sized for up to a few hundred concurrent users, with HPA absorbing spikes. This is a budget-sensitive sizing: slowdowns may occur, since it does not take full advantage of the capabilities of Prisme.ai services and the HPA takes several seconds to activate.
If you need to support thousands of concurrent users, follow the High-throughput profile and scale node counts proportionally.
  • Kubernetes nodes (Balanced baseline): 5 nodes with 4 vCPU and 16 GB RAM each — covers normal load (~8 vCPU / 14 GB across both namespaces) plus headroom for HPA peaks (~20 vCPU / 40 GB at max replicas).
  • Minimum viable: 3 nodes will run the platform at steady state but cannot absorb HPA peaks — only suitable for non-production environments.
  • High-throughput profile: start at 8 nodes and scale via cluster autoscaler.
  • Disk space: Minimum 50 GB per node for ephemeral storage.
  • Load balancer: Ingress controller or cloud load balancer required for service routing.

Kubernetes Cluster Architecture

  • Multi-zone clusters: Spread nodes across at least 2 availability zones.
  • Control plane resilience: Managed services like EKS, GKE, AKS provide HA for control planes by default. For self-managed clusters, use at least 3 control plane nodes.
  • Cluster autoscaling: Enabled on node groups so capacity follows demand.
  • PodDisruptionBudgets: Recommended on stateful workloads to prevent multiple replicas from being evicted simultaneously during maintenance.

Database requirements

Versions, sizing baselines and the vector store requirement live on the Databases overview page.

Object Storage

Prisme.ai requires object storage for models and file uploads:
  • RWX Filesystem: RWX volume with at least 50GB capacity, attached to a Kubernetes Persistent Volume Claim (PVC).
  • S3-Compatible Storage
  • Azure Blob Storage
  • Google Cloud Storage
If no object storage solution is available, a filesystem can be used instead.

Filesystems

AI Products also requires an RWX filesystem for the prismeai-functions microservice. The RWX filesystem must be backed by a multi-AZ / zone-redundant solution:
  • AWS: EFS (or FSx for NetApp ONTAP), multi-AZ.
  • Azure: Azure Files with zone-redundant storage (ZRS).
  • GCP: Filestore with regional redundancy or Cloud Storage Fuse.
  • OpenShift: OpenShift Data Foundation.

Networking and DNS

Two DNS records are required:
  • api.<your-domain> for the API.
  • studio.<your-domain> for the Studio.
Both point to the cluster ingress (ALB / Application Gateway / GKE Ingress / Route).

Load Balancing & Ingress

  • Ingress controllers: Use a cloud-native ingress controller (AWS Load Balancer Controller / Application Gateway Ingress Controller / GKE Ingress / OpenShift Routes, or NGINX / Istio).
  • TLS termination: Terminate TLS at the ingress with a certificate covering API and Studio.
  • DNS routing: Route DNS to the ingress across healthy zones (e.g., Route 53 with latency-based routing for multi-region).
  • Keep-alive timeouts: Set both the LB client keep-alive (≈ 60s, under the api-gateway server keep-alive of 70s) and the LB idle timeout (≈ 300s for long-lived SSE / websocket connections). See Helm install — Ingress for provider-specific annotations.
  • Network policies: For default-deny clusters, open only the service, database and external egress flows listed in Network Policies.
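
A pre-flight check for the TLS termination requirement above, as an added example that is not part of the Prisme.ai documentation: it tests whether a certificate's DNS SANs cover both required hostnames. The domain `example.internal`, the function names and the sample SAN lists are assumptions made for illustration.

```python
import socket
import ssl

def san_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style match: '*' is only accepted as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # a wildcard spans exactly one label, never several
    if p[0] == "*":
        # Policy choice in this example: reject wildcards directly under a
        # single-label suffix (e.g. "*.internal"), as most TLS clients do.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h

def uncovered_hosts(sans, domain):
    """Return the required hostnames (api., studio.) that no SAN covers."""
    required = [f"api.{domain}", f"studio.{domain}"]
    return [host for host in required
            if not any(san_matches(s, host) for s in sans)]

def fetch_sans(host, port=443, cafile=None):
    """Read the DNS SANs of the certificate the ingress presents.

    cafile is the internal CA bundle (PEM) when a private PKI is used;
    None falls back to the system trust store. The chain is still verified;
    only the built-in hostname check is disabled so the SAN list can be
    reported even when it does not cover `host`.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = False
    with socket.create_connection((host, port), timeout=5) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            cert = tls.getpeercert()
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]

# Constructed SAN lists for illustration (not taken from a real deployment).
SAMPLES = {
    "wildcard": ["*.example.internal"],
    "api_only": ["api.example.internal"],
    "too_broad": ["*.internal"],
}

if __name__ == "__main__":
    for name, sans in SAMPLES.items():
        print(name, "->", uncovered_hosts(sans, "example.internal") or "ok")
```

Against a live ingress, pass the result of `fetch_sans("api.<your-domain>", cafile=...)` to `uncovered_hosts` instead of a sample list.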

Observability

You need visibility on the cluster, the platform services and the underlying databases — both for day-to-day operations and for incident response. Plan for the following four pillars:
  • Container logs — collect stdout/stderr of every Prisme.ai pod. Mandatory for any non-trivial debugging session.
  • Kubernetes metrics — CPU, memory, HPA state, pod restarts, node pressure. Required to size resources, validate HPA targets and catch saturation early.
  • Kubernetes events — pod scheduling failures, OOMKilled, image pull errors, autoscaling decisions. Native kubectl get events is volatile; export them to keep history.
  • Elasticsearch or OpenSearch UI — direct access to the cluster that backs the events store, crawler indexes and vector store. Critical for shard accounting, ILM monitoring, reindex / cleanup recipes (see Elasticsearch — Operations & Troubleshooting).
| Pillar | Recommended | Notes |
| --- | --- | --- |
| Logs + metrics | kube-prometheus-stack (Prometheus + Grafana + Alertmanager) bundled with Loki for log aggregation | Single Helm chart for the bulk of cluster observability. Loki keeps log storage cheap (object storage backend). |
| Kubernetes events | kubernetes-event-exporter | Streams cluster events to Loki / Elasticsearch / your alerting webhook. Without it, events are lost after the 1 h retention window. |
| Elasticsearch or OpenSearch | Kibana (or OpenSearch Dashboards) | Mandatory in practice — index browsing, ILM status, reindex tasks, shard allocation, slow queries. The Prisme.ai troubleshooting recipes assume you have it. |

This stack is independent of Prisme.ai; deploy and operate it alongside the platform.

Offline environments

AI Products and the platform run in offline / private-network environments out of the box. All dependencies needed by the v27 products are bundled into the service images. Additional considerations:
  • TLS certificates: if you use internal or self-signed certificates, the CA bundle must be mounted into every microservice calling internal HTTPS endpoints (Python services via REQUESTS_CA_BUNDLE, Node.js services via NODE_EXTRA_CA_CERTS).
  • npm registry: only required if you write Custom Code that pulls in extra JavaScript packages beyond the ones bundled in prismeai-functions. See Custom Code Functions — NPM Registry Access.
See Configuration — Offline or private-network deployments for more details.

Authentication (SSO)

Prisme.ai supports multiple Single Sign-On (SSO) options:
  • OIDC Providers: Compatible with Google, Azure, and other generic OIDC providers.
  • SAML Providers: Supported with HTTP-POST binding (e.g., Okta).
See the SSO configuration documentation.

Next Steps

Installation Overview

The five-step install flow, from cloud provisioning to ops.

Cloud Providers

Learn about deploying Prisme.ai on AWS, Azure, GCP, and OpenShift.

Install with Helm

Unified Helm install guide for core and apps namespaces.

Databases

PostgreSQL or MongoDB, Redis, Elasticsearch or OpenSearch.

Install products

Fresh-install walkthrough once the platform is healthy.

Migration v27

Existing instance? Migrate to the v27 stack.