Documentation
Getting Started

Getting Started

Getting Started: The steps below walk you through the Mezusphere onboarding workflow. Contact us if you need help.

Go from zero to a globally reachable, authenticated service in four steps.

Prerequisites

  • A workload (web app, API, or any service) running on any platform
  • Docker, a standalone binary, or Kubernetes for running Warpgate
  • A Mezusphere account (create one in the Console )

Step 1: Deploy your workload anywhere

Mezusphere is cloud-agnostic. Run your application on any cloud provider, in a container, on a virtual machine, or on your local development machine. Mezusphere does not require any specific runtime, framework, or deployment target.

For this guide, we’ll assume you have a web service running on localhost:8080.

Step 2: Add the Warpgate sidecar

Deploy the Warpgate alongside your workload. Warpgate connects outward to Mezusphere’s global edge, so no inbound ports need to be opened on your infrastructure.

Using Docker 

docker run mezusphere/warpgate \
  --token YOUR_WARPGATE_TOKEN \
  --upstream localhost:8080

Using Docker Compose 

services:
  app:
    image: your-app:latest
    ports:
      - "8080:8080"

  warpgate:
    image: mezusphere/warpgate
    command: ["--token", "YOUR_WARPGATE_TOKEN", "--upstream", "app:8080"]
    depends_on:
      - app

Using the standalone binary 

# Download for your platform
curl -fsSL https://get.mezusphere.com/warpgate | sh

# Run
warpgate --token YOUR_WARPGATE_TOKEN --upstream localhost:8080

Your Warpgate token is generated in the Console when you create a service account for your project.

Step 3: Configure routes in the Console

Open the Console to set up your project:

  1. Create a project: give it a name and description
  2. Create an environment: production, staging, or development
  3. Add a service account: this generates the Warpgate token
  4. Define routes: set up URL path routing rules to your backend
  5. Enable authentication (optional): require end-user login on specific routes

Step 4: Go live

Once configured, end users connect through Mezusphere’s global edge. Their traffic is automatically:

  • Encrypted with TLS 1.3
  • Protected against DDoS attacks
  • Authenticated (if enabled) before reaching your Warpgate
  • Routed to the correct backend based on your path rules

Your service is globally reachable and secured without any changes to your application code.

What’s next