Deploy reNgine on Azure
Launch a fully-configured reNgine Cloud instance on Azure in under 5 minutes using ARM templates.
Overview
This tutorial guides you through deploying reNgine Cloud on Microsoft Azure using our pre-built ARM (Azure Resource Manager) template. The deployment creates all necessary resources including Azure VM, Azure Database for PostgreSQL, Azure Cache for Redis, and docker-compose orchestration for reconnaissance services.
Prerequisites
- Azure Subscription with Contributor access
- Basic understanding of Azure Resource Groups
- Azure CLI installed (optional)
- Domain name for SSL configuration (optional)
What You'll Get
- Azure VM running reNgine (Standard_D4s_v3 recommended)
- Azure Database for PostgreSQL Flexible Server
- Azure Cache for Redis (Premium tier)
- Network Security Group configured for HTTPS and admin access
- Public IP address for external connectivity
- Docker-compose with all reconnaissance tools
- Managed SSL certificates via Application Gateway
Step 1: Access Azure Portal
Log into the Azure Portal and create a new Resource Group for your reNgine deployment.
- Navigate to portal.azure.com
- Click "Resource groups" → "Create"
- Name it "rg-rengine-prod" in your preferred region
- Click "Review + Create" → "Create"
Step 2: Deploy ARM Template
Use our ARM template to deploy reNgine infrastructure:
# Using Azure CLI
az deployment group create \
--resource-group rg-rengine-prod \
--template-uri https://hailbytes.com/templates/rengine-arm-template.json \
--parameters \
vmSize=Standard_D4s_v3 \
adminUsername=azureuser \
postgresqlSku=GP_Gen5_2 \
redisSku=Premium
# Or click this button in the portal:
# Deploy to Azure button links to templateAlternatively, in the Azure Portal: go to "Create a resource" → "Template deployment" → "Build your own template" → paste the ARM template JSON.
Step 3: Configure Deployment Parameters
Fill in the required parameters for your deployment:
| Parameter | Value | Description |
|---|---|---|
vmName | vm-rengine-prod | Virtual machine name |
vmSize | Standard_D4s_v3 | 4 vCPUs, 16GB RAM |
adminUsername | azureuser | SSH admin username |
authenticationType | sshPublicKey | SSH key or password |
postgresqlSku | GP_Gen5_2 | PostgreSQL tier (2 vCores) |
redisSku | Premium | Redis cache tier |
diskSizeGB | 128 | OS disk size |
Step 4: Review and Create
Validate your configuration and deploy the resources.
- Review all parameters in the validation screen
- Check estimated costs in the summary
- Click "Create" to begin deployment
- Monitor deployment progress in "Deployments" tab
- Wait for "Deployment succeeded" status (5-8 minutes)
Step 5: Access Your reNgine Dashboard
Once deployment completes, retrieve your connection information:
# Get public IP address
az vm show -d -g rg-rengine-prod -n vm-rengine-prod \
--query publicIps -o tsv
# Get deployment outputs
az deployment group show \
-g rg-rengine-prod \
-n rengine-deployment \
--query properties.outputs
# Outputs will include:
# - webURL: https://:8000
# - databaseFQDN: rengine-db.postgres.database.azure.com
# - redisFQDN: rengine-cache.redis.cache.windows.net
# - sshCommand: ssh azureuser@ Navigate to the Web URL and log in with default credentials (sent to your admin email or available in deployment outputs).
Understanding the Architecture
reNgine on Azure uses managed services for scalability and reliability:
Architecture Components
| Component | Azure Service | Purpose |
|---|---|---|
| Compute | Azure VM (D4s_v3) | Host docker containers |
| Database | Azure Database for PostgreSQL | Data persistence |
| Cache/Queue | Azure Cache for Redis | Celery task queue |
| Storage | Managed Disks (Premium SSD) | OS and data storage |
| Networking | Virtual Network + NSG | Security and isolation |
| Monitoring | Azure Monitor | Logs and metrics |
# SSH into your VM to view running containers
ssh azureuser@
# View docker-compose services
cd /opt/rengine
sudo docker-compose ps
# Expected output:
NAME STATUS PORTS
rengine-web Up 5 minutes 0.0.0.0:8000->8000/tcp
rengine-celery Up 5 minutes
rengine-celery-beat Up 5 minutes
rengine-proxy Up 5 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp Post-Deployment Configuration
Security Best Practices
- ✓ Change default admin password immediately
- ✓ Configure Azure Application Gateway for SSL/TLS
- ✓ Update NSG rules to restrict IP access
- ✓ Enable Azure Monitor for VM and database metrics
- ✓ Set up Azure Backup for VM and database
- ✓ Configure custom domain with Azure DNS
- ✓ Enable Azure Database firewall rules
- ✓ Configure OpenAI API for AI-powered analysis (optional)
Configure SSL with Let's Encrypt
Set up free SSL certificates for your reNgine instance:
# SSH into Azure VM
ssh azureuser@
# Update domain in NGINX configuration
sudo nano /opt/rengine/nginx/rengine.conf
# Update server_name directive
server_name rengine.yourcompany.com;
# Install certbot
sudo apt-get update
sudo apt-get install -y certbot python3-certbot-nginx
# Generate certificate
sudo certbot --nginx -d rengine.yourcompany.com
# Follow prompts to complete setup
# Certbot will automatically configure NGINX and set up auto-renewal
# Restart nginx container
cd /opt/rengine
sudo docker-compose restart proxy Ensure your domain's DNS A record points to your Public IP before running certbot.
Configure Azure Database Firewall
Allow the VM to connect to Azure Database for PostgreSQL:
# Get VM's private IP
az vm show -g rg-rengine-prod -n vm-rengine-prod \
--query "privateIps" -o tsv
# Add firewall rule to PostgreSQL
az postgres flexible-server firewall-rule create \
-g rg-rengine-prod \
-n rengine-db \
-r allow-vm \
--start-ip-address 10.0.0.4 \
--end-ip-address 10.0.0.4
# Or allow Azure services
az postgres flexible-server firewall-rule create \
-g rg-rengine-prod \
-n rengine-db \
-r allow-azure \
--start-ip-address 0.0.0.0 \
--end-ip-address 0.0.0.0Troubleshooting
Common Issues
Deployment Failed:
- Check deployment details for specific error messages
- Verify subscription has sufficient quota for VM size
- Ensure selected region supports all required services
- Check naming constraints (lowercase, no special characters)
Cannot Connect to Database:
- Verify PostgreSQL firewall rules allow VM's IP
- Check VNet integration is configured correctly
- Ensure connection string uses correct FQDN
- Review PostgreSQL server logs in Azure Portal
Redis Connection Errors:
- Verify Redis access keys are correct
- Check NSG allows outbound traffic to Redis
- Ensure SSL is enabled if required by Redis tier
- Review Celery worker logs:
docker logs rengine-celery
Scaling and Performance
Scale your reNgine deployment as your needs grow:
Scaling Options
| Component | Scaling Method | Command |
|---|---|---|
| VM Size | Vertical scaling | az vm resize |
| Database | Scale vCores/storage | az postgres flexible-server update |
| Redis | Change tier/shard count | az redis update |
| Disk | Expand disk size | az disk update |
Cost Estimation
Monthly Azure costs for typical reNgine deployment:
| Resource | Configuration | Est. Monthly Cost |
|---|---|---|
| VM Instance | Standard_D4s_v3 (4 vCPU, 16GB) | $140 |
| Azure Database PostgreSQL | GP_Gen5_2 (2 vCore, 50GB) | $95 |
| Azure Cache for Redis | Premium P1 (6GB) | $165 |
| Managed Disk | Premium SSD 128GB | $25 |
| Public IP | Static IPv4 | $3 |
| Bandwidth | ~200GB/month egress | $16 |
| Total | ~$444/month | |
Next Steps
Run Your First Scan
Learn how to configure and execute your first reconnaissance scan.
View Tutorial →Configure AI Analysis
Enable GPT-powered vulnerability analysis and automated reports.
View Tutorial →Need Help?
If you encounter issues during deployment, our support team is here to help.
Contact Support