
Docker deployment of the Runtime AI Gateway


Run the Penaxtra Runtime AI Gateway as a Docker container with the enrollment token passed via environment variable. The container exposes the gateway listener on port 8443; the upstream LLM provider is configured via flag.

docker run

docker run -d \
  --name penaxtra-gateway \
  --restart unless-stopped \
  -p 127.0.0.1:8443:8443 \
  -e PNX_ENROLL_TOKEN="<paste from workspace>" \
  --read-only \
  --cap-drop ALL \
  --security-opt no-new-privileges:true \
  registry.penaxtra.com/runtime-gateway:latest \
  --listen=0.0.0.0:8443 \
  --upstream=https://api.upstream-llm.example

Point your LLM client at http://127.0.0.1:8443.

docker compose

services:
  penaxtra-gateway:
    image: registry.penaxtra.com/runtime-gateway:latest
    restart: unless-stopped
    ports:
      - "127.0.0.1:8443:8443"
    environment:
      PNX_ENROLL_TOKEN: "${PNX_ENROLL_TOKEN}"
    command:
      - "--listen=0.0.0.0:8443"
      - "--upstream=https://api.upstream-llm.example"
    read_only: true
    security_opt:
      - no-new-privileges:true
    cap_drop:
      - ALL

Verify health

curl -fSs http://127.0.0.1:8443/healthz
# {"ok": true, "policy_version": "...", "uptime_s": 42}

Security notes

  • Bind the listener to 127.0.0.1 on the host unless other VPC services need to reach it. Publishing the port as 127.0.0.1:8443:8443 keeps it off the host's external interfaces; publishing 8443:8443 alone would expose it on every interface.
  • The container root filesystem is read-only at runtime (--read-only on the CLI, read_only: true in compose); the gateway writes only to /var/cache/penaxtra-gateway, which is mounted on tmpfs by default.
  • Drop all Linux capabilities (--cap-drop ALL) and block privilege escalation through setuid binaries with no-new-privileges:true.
  • For Docker Swarm or compose-prod deployments, store the enrollment token as a Docker secret and reference it through secrets: rather than environment:, so it does not appear in the container's environment.
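To confirm that a deployed container actually carries the controls listed above, here is an added Python example (not Penaxtra tooling) that audits a `docker inspect` record for the read-only root, dropped capabilities, no-new-privileges, the 127.0.0.1 port binding, and the enrollment token sitting in the environment. The inspect field names are Docker's own; the two sample records are constructed and trimmed to the fields the audit reads.

```python
import json
import subprocess

LISTENER_PORT = "8443/tcp"          # the gateway listener published by the run/compose above
LOCAL_HOST_IPS = ("127.0.0.1", "::1")

def audit(inspect_doc: dict) -> list[str]:
    """Compare one `docker inspect` record against the documented controls; [] means all present."""
    hc = inspect_doc.get("HostConfig") or {}
    findings = []
    if not hc.get("ReadonlyRootfs"):
        findings.append("rootfs writable: missing --read-only / read_only: true")
    if "ALL" not in (hc.get("CapDrop") or []):
        findings.append("capabilities kept: missing --cap-drop ALL")
    if "no-new-privileges:true" not in (hc.get("SecurityOpt") or []):
        findings.append("setuid escalation allowed: missing no-new-privileges:true")
    for b in (hc.get("PortBindings") or {}).get(LISTENER_PORT) or []:
        host_ip = b.get("HostIp") or "0.0.0.0"   # an empty HostIp means all interfaces
        if host_ip not in LOCAL_HOST_IPS:
            findings.append(f"{LISTENER_PORT} published on {host_ip}, not 127.0.0.1")
    env = (inspect_doc.get("Config") or {}).get("Env") or []
    if any(e.startswith("PNX_ENROLL_TOKEN=") for e in env):
        findings.append("PNX_ENROLL_TOKEN in Env: readable by anyone who can run docker inspect; use a secret")
    return findings

def audit_container(name: str = "penaxtra-gateway") -> list[str]:
    """Audit a live container (needs the docker CLI and access to the Docker socket)."""
    raw = subprocess.run(["docker", "inspect", name], check=True,
                         capture_output=True, text=True).stdout
    return audit(json.loads(raw)[0])

# Constructed inspect records, not real docker output, trimmed to the fields audit() reads.
AS_DOCUMENTED = {  # what the `docker run` command above produces
    "Config": {"Env": ["PNX_ENROLL_TOKEN=redacted-placeholder-token"]},
    "HostConfig": {"ReadonlyRootfs": True, "CapDrop": ["ALL"],
                   "SecurityOpt": ["no-new-privileges:true"],
                   "PortBindings": {"8443/tcp": [{"HostIp": "127.0.0.1", "HostPort": "8443"}]}},
}
DRIFTED = {  # the same container restarted with plain -p 8443:8443 and no hardening flags
    "Config": {"Env": ["PNX_ENROLL_TOKEN=redacted-placeholder-token"]},
    "HostConfig": {"ReadonlyRootfs": False, "CapDrop": [], "SecurityOpt": [],
                   "PortBindings": {"8443/tcp": [{"HostIp": "", "HostPort": "8443"}]}},
}

if __name__ == "__main__":
    for label, doc in (("as documented", AS_DOCUMENTED), ("drifted", DRIFTED)):
        print(label, "->", audit(doc) or ["ok"])
```

Even the documented docker run command yields one finding, the token in the environment, which is the reason the last note above prefers a Docker secret for production.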

Last reviewed: 2026-06-13. Reviewed by: Engineering. Content type: Developer documentation. Reach the maintainers: [email protected].