Deploying Judge0 CE

Introduction

Judge0 CE (Community Edition) is a robust, scalable, and open-source online code execution system. It provides a REST API for compiling and running code in over 60 programming languages, making it the perfect backend for coding platforms, online judges, educational tools, and IDE integrations.

Used by companies and educational institutions worldwide, Judge0 handles the complex task of securely executing untrusted code in isolated sandbox environments. Each submission runs in its own container with strict resource limits, ensuring security and fair resource allocation.

Key highlights of Judge0 CE:

• 60+ Languages: Support for popular languages including Python, JavaScript, Java, C++, Go, Rust, and many more
• Secure Execution: Isolated sandbox environments prevent malicious code from affecting the host system
• REST API: Simple, well-documented API for submitting code and retrieving results
• Resource Limits: Configurable CPU time, memory, and output limits per submission
• Batch Processing: Submit multiple code snippets in a single API call
• Callback Support: Receive webhook notifications when execution completes
• Redis Queue: Reliable job queuing for handling high submission volumes
• PostgreSQL Backend: Persistent storage for submissions and results
• Scalable Architecture: Horizontally scale workers to handle increased load
• Open Source: MIT licensed with an active community

This guide walks through deploying Judge0 CE on Klutch.sh using Docker, configuring the execution environment, and integrating with your applications.

Why Deploy Judge0 CE on Klutch.sh

Deploying Judge0 CE on Klutch.sh provides several advantages:

Simplified Deployment: Klutch.sh automatically detects your Dockerfile and builds Judge0 without complex orchestration.

Persistent Storage: Attach persistent volumes for your PostgreSQL database and Redis data. Submissions and results survive restarts.

HTTPS by Default: Klutch.sh provides automatic SSL certificates, ensuring secure API access.

GitHub Integration: Connect your configuration repository directly from GitHub. Updates trigger automatic redeployments.

Scalable Resources: Allocate CPU and memory based on expected submission volume and language requirements.

Environment Variable Management: Securely store API keys and database credentials through Klutch.sh’s environment variable system.

Custom Domains: Assign a custom domain to your Judge0 API endpoint.

Always-On Availability: Your code execution service remains accessible 24/7.

Prerequisites

Before deploying Judge0 CE on Klutch.sh, ensure you have:

• A Klutch.sh account
• A GitHub account with a repository for your Judge0 configuration
• Basic familiarity with Docker and containerization concepts
• Understanding of REST APIs and webhook integrations
• (Optional) A custom domain for your Judge0 instance

Understanding Judge0 Architecture

Judge0 uses a multi-component architecture for reliable code execution:

API Server: The Rails application that receives code submissions, manages the queue, and returns results.

Workers: Isolated processes that execute submitted code in secure sandbox containers using isolate.

PostgreSQL Database: Stores submissions, results, and configuration data.

Redis: Message queue for coordinating between the API server and workers.

Isolate: Linux sandboxing tool that provides secure, resource-limited execution environments.

Preparing Your Repository

To deploy Judge0 on Klutch.sh, create a GitHub repository containing your configuration.

Repository Structure

judge0-deploy/
├── Dockerfile
├── judge0.conf
├── README.md
└── .dockerignore

Creating the Dockerfile

Create a Dockerfile in the root of your repository:

FROM judge0/judge0:latest

# Copy custom configuration
COPY judge0.conf /judge0.conf

# Set environment variables
ENV JUDGE0_VERSION=1.13.0

# Expose API port
EXPOSE 2358

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=120s --retries=3 \
  CMD curl -f http://localhost:2358/health || exit 1

Configuration File

Create a judge0.conf file with your settings:

# Judge0 Configuration

# Database configuration
POSTGRES_HOST=db
POSTGRES_PORT=5432
POSTGRES_DB=judge0
POSTGRES_USER=judge0
POSTGRES_PASSWORD=${POSTGRES_PASSWORD}

# Redis configuration
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=${REDIS_PASSWORD}

# API authentication
AUTHN_HEADER=X-Auth-Token
AUTHN_TOKEN=${AUTHN_TOKEN}

# Authorization
AUTHZ_HEADER=X-Auth-User
AUTHZ_TOKEN=${AUTHZ_TOKEN}

# Execution limits
CPU_TIME_LIMIT=5
CPU_EXTRA_TIME=1
WALL_TIME_LIMIT=10
MEMORY_LIMIT=128000
STACK_LIMIT=64000
MAX_PROCESSES_AND_OR_THREADS=60
MAX_FILE_SIZE=1024

# Submission settings
ENABLE_WAIT_RESULT=true
ENABLE_COMPILER_OPTIONS=true
ALLOWED_LANGUAGES_FOR_COMPILE_OPTIONS=

# Callbacks
CALLBACKS_MAX_TRIES=3
CALLBACKS_TIMEOUT=5

# Maintenance mode
MAINTENANCE_MODE=false

Creating the .dockerignore File

Create a .dockerignore file:

.git
.github
*.md
LICENSE
.gitignore
*.log
.DS_Store
.env
.env.local

Environment Variables Reference

Variable	Required	Default	Description
POSTGRES_PASSWORD	Yes	-	PostgreSQL database password
REDIS_PASSWORD	No	-	Redis password (optional)
AUTHN_TOKEN	Yes	-	API authentication token
AUTHZ_TOKEN	No	-	Authorization token for admin operations
CPU_TIME_LIMIT	No	5	Maximum CPU time in seconds
MEMORY_LIMIT	No	128000	Maximum memory in KB

Deploying Judge0 CE on Klutch.sh

Once your repository is prepared, follow these steps to deploy:

Generate Secure Tokens

Generate secure tokens for API authentication:

openssl rand -hex 32  # For AUTHN_TOKEN
openssl rand -hex 32  # For POSTGRES_PASSWORD

Save these securely for environment variable configuration.

Push Your Repository to GitHub

Initialize your repository and push to GitHub:

git init
git add Dockerfile judge0.conf .dockerignore README.md
git commit -m "Initial Judge0 CE deployment configuration"
git remote add origin https://github.com/yourusername/judge0-deploy.git
git push -u origin main

Create a New Project on Klutch.sh

Navigate to the Klutch.sh dashboard and create a new project. Give it a descriptive name like “judge0” or “code-execution”.

Create a New App

Within your project, create a new app. Connect your GitHub account if you haven’t already, then select the repository containing your Judge0 Dockerfile.

Configure HTTP Traffic

In the deployment settings:

• Select HTTP as the traffic type
• Set the internal port to 2358

Set Environment Variables

In the environment variables section, add:

Variable	Value
POSTGRES_PASSWORD	Your generated password
AUTHN_TOKEN	Your generated authentication token
AUTHZ_TOKEN	Your generated authorization token
CPU_TIME_LIMIT	5
MEMORY_LIMIT	128000

Attach Persistent Volumes

Add the following volumes:

Mount Path	Recommended Size	Purpose
/var/lib/postgresql/data	10 GB	PostgreSQL database storage
/var/lib/redis	1 GB	Redis data persistence

Deploy Your Application

Click Deploy to start the build process. Klutch.sh will:

• Detect your Dockerfile automatically
• Build the container image
• Attach the persistent volumes
• Start the Judge0 container
• Provision an HTTPS certificate

Access Judge0 API

Once deployment completes, your Judge0 API is available at https://example-app.klutch.sh.

Using the Judge0 API

Submitting Code

Submit code for execution using the REST API:

curl -X POST https://example-app.klutch.sh/submissions \
  -H "Content-Type: application/json" \
  -H "X-Auth-Token: your-auth-token" \
  -d '{
    "source_code": "print(\"Hello, World!\")",
    "language_id": 71,
    "stdin": ""
  }'

Response:

{
  "token": "d85cd024-1548-4165-96c7-7bc88673f194"
}

Retrieving Results

Get the execution results:

curl https://example-app.klutch.sh/submissions/d85cd024-1548-4165-96c7-7bc88673f194 \
  -H "X-Auth-Token: your-auth-token"

Response:

{
  "stdout": "Hello, World!\n",
  "stderr": "",
  "status": {
    "id": 3,
    "description": "Accepted"
  },
  "time": "0.01",
  "memory": 3072
}

Language IDs

Common language IDs:

Language	ID
Python 3	71
JavaScript (Node.js)	63
Java	62
C++	54
C	50
Go	60
Rust	73
Ruby	72

Get the full list:

curl https://example-app.klutch.sh/languages \
  -H "X-Auth-Token: your-auth-token"

Batch Submissions

Submit multiple code snippets at once:

curl -X POST https://example-app.klutch.sh/submissions/batch \
  -H "Content-Type: application/json" \
  -H "X-Auth-Token: your-auth-token" \
  -d '{
    "submissions": [
      {"source_code": "print(1+1)", "language_id": 71},
      {"source_code": "console.log(2+2)", "language_id": 63}
    ]
  }'

Webhooks

Configure callback URLs to receive results:

curl -X POST https://example-app.klutch.sh/submissions \
  -H "Content-Type: application/json" \
  -H "X-Auth-Token: your-auth-token" \
  -d '{
    "source_code": "print(\"Hello\")",
    "language_id": 71,
    "callback_url": "https://your-app.com/webhook"
  }'

Production Best Practices

Security Recommendations

• API Authentication: Always require authentication tokens for API access
• Rate Limiting: Implement rate limiting to prevent abuse
• Token Rotation: Regularly rotate authentication tokens
• Network Isolation: Restrict access to trusted sources when possible
• Input Validation: Validate all input before submission

Performance Optimization

• Worker Scaling: Add more workers for higher submission volumes
• Resource Limits: Tune CPU and memory limits based on use case
• Queue Monitoring: Monitor Redis queue depth for bottlenecks
• Database Optimization: Index frequently queried fields

Backup Strategy

Protect your submission data:

1. Database Backups: Regularly back up PostgreSQL data
2. Redis Persistence: Enable Redis persistence for queue durability
3. Configuration Backups: Version control all configuration files

Troubleshooting Common Issues

Submissions Stuck in Queue

Symptoms: Submissions remain in “Processing” status.

Solutions:

• Check worker container logs for errors
• Verify Redis connectivity
• Ensure workers have sufficient resources
• Review isolate sandbox configuration

Compilation Errors

Symptoms: Valid code returns compilation errors.

Solutions:

• Verify the correct language ID is used
• Check language-specific compiler settings
• Review memory and time limits
• Test with simpler code first

API Authentication Failures

Symptoms: 401 Unauthorized responses.

Solutions:

• Verify the authentication token is correct
• Check the header name (X-Auth-Token)
• Ensure tokens are properly URL-encoded if needed

Additional Resources

• Judge0 Official Website
• Judge0 CE Documentation
• Judge0 GitHub Repository
• Supported Languages
• Klutch.sh Persistent Volumes
• Klutch.sh Deployments

Conclusion

Deploying Judge0 CE on Klutch.sh gives you a powerful code execution backend for building coding platforms, online judges, and educational tools. The combination of Judge0’s extensive language support and Klutch.sh’s deployment simplicity means you can focus on building your application rather than managing infrastructure.

With secure sandboxed execution, a simple REST API, and support for 60+ programming languages, Judge0 handles the complex challenges of running untrusted code at scale. Whether you’re building a competitive programming platform, an educational coding environment, or adding code execution to an existing application, Judge0 on Klutch.sh provides the reliable foundation you need.