For beginners, the best deployment is usually not the most powerful one. It is the one you can get working today without turning setup into a week-long project.
01 Deployment Paths at a Glance
OpenClaw is commonly deployed in a few broad ways:
| Option | Best for | Cost feel | Difficulty |
|---|---|---|---|
Local npm install | Developers, macOS/Linux users | Low | Low |
| Docker | Users comfortable with containers | Low | Medium |
| Alibaba Cloud | Mainland China beginners | Very low | Very low |
| Tencent Cloud | QQ / WeCom ecosystem users | Low | Very low |
| Baidu Cloud | Low-cost trial users | Very low | Very low |
| Huawei Cloud | Enterprise and compliance scenarios | Medium | Medium |
| Volcengine | Feishu-heavy teams | Low | Low |
| Coze Code | People who do not want to manage servers | Low | Very low |
| Railway / Zeabur | Overseas developers | Low to medium | Very low |
The most important economic lesson is that server cost is often not the main cost driver. Model usage usually is.
02 Local Installation
Local install is ideal when you want to fully understand the environment and keep everything under direct control.
Requirements
| Item | Requirement |
|---|---|
| Node.js | >= 22 |
| Package manager | npm, pnpm, or bun |
| macOS | Xcode Command Line Tools recommended |
| Linux | Standard build tooling |
| Windows | WSL2 strongly recommended |
Recommended install
npm install -g openclaw@latest
openclaw onboard --install-daemonIf you want an install script:
curl -sSL https://get.openclaw.ai | bashPlatform notes
- On
macOS, runxcode-select --install - On
Windows, prefer WSL2 instead of native Windows execution - The daemon keeps OpenClaw alive in the background
Typically that means:
launchdon macOSsystemdon Linux
03 Docker Deployment
Docker is the safest path when you want isolation, portability, or long-running server deployment.
Quick start
git clone https://github.com/openclaw/openclaw.git
cd openclaw
docker-compose up -dImage variants
| Variant | Purpose | Good for |
|---|---|---|
| Standard | Full feature set | Most users |
slim | Smaller image | Resource-constrained environments |
sandbox | More isolated execution | Higher-risk workloads |
sandbox-browser | Includes browser execution support | Browser automation |
Persistent mounts
volumes:
- ~/.openclaw:/root/.openclaw
- ~/openclaw/workspace:/workspaceIf you skip these mounts, state and workspace data can disappear when the container restarts.
Ports
ports:
- "18789:18789"
- "3000:3000"18789for Gateway / WebSocket3000for Web UI
Podman works too:
podman-compose up -d04 Cloud and Hosted Paths
If your priority is speed, a cloud template can be much easier than building everything by hand.
Common China-facing choices
| Platform | Strength | Good fit |
|---|---|---|
| Alibaba Cloud | Strong community docs, low cost, mature templates | Most beginners in China |
| Tencent Cloud | Good QQ / WeCom fit | Office IM scenarios |
| Baidu Cloud | Very low-cost first experience | Cheap trial |
| Huawei Cloud | Better enterprise posture | Compliance-focused environments |
| Volcengine | Strong Feishu alignment | Feishu teams |
| Coze Code | No server maintenance | Zero-infra users |
Common overseas choices
| Platform | Strength |
|---|---|
| Railway | Extremely easy deployment |
| Zeabur | Friendly to multi-model failover |
| Sealos | Better for cloud-native and K8s-minded users |
A practical selection guide
Zero to first success: Coze Code or Baidu CloudLow-friction but still controllable: Alibaba Cloud or Tencent CloudContainer-first: DockerOverseas deployment: Railway or ZeaburMaximum local control: local install
05 First-Run Setup That Matters
Getting OpenClaw started is only step one. Several first-run settings really matter.
Run diagnostics first
openclaw doctorIf something seems wrong, start there.
Configure Gateway authentication
From v2026.3.7, Gateway authentication must be configured explicitly.
{
"gateway": {
"auth": {
"mode": "token",
"token": "your-secret-token"
}
}
}You can also use password mode, but public unauthenticated exposure is not a serious option.
Update channels
openclaw update --channel stable
openclaw update --channel beta
openclaw update --channel devFor most users:
stableis the default choicebetais for early adoptersdevis for contributors and testers
First-run checklist
- Gateway starts successfully
- A model is configured and reachable
openclaw doctorhas no critical errors- Authentication is enabled
- Persistent directories are mounted or preserved
- Your first channel config is ready
Once that is done, you move from “reading about OpenClaw” into actually operating it.