Stop Sending Your Data Away: How to Build a Private, Scalable LLM Infrastructure

From Concept to Code: Building the Private Pipeline

To keep this concrete, let’s jump straight to a production-ready Qwen3.5-27B deployment. While 70B+ models dominate the headlines, a well-quantized model in the 20B to 30B range hits an attractive production sweet spot: capable enough for demanding workloads such as chat, document understanding, visual reasoning, and OCR extraction, while still fitting comfortably on a single NVIDIA L40S when served in FP8 precision.

This example shows what a practical production stack looks like: a reproducible environment, persistent caching, scale-to-zero elasticity, faster cold starts through memory snapshots, and stricter endpoint protection through proxy auth.

import socket
import subprocess

import modal

MODEL_NAME = "Qwen/Qwen3.5-27B-FP8"
FAST_BOOT = True
VLLM_PORT = 8000
GPU_TYPE = "L40S"
GPU_COUNT = 1

vllm_image = (
    # Docker image with CUDA drivers and Python 3.12.
    modal.Image.from_registry("nvidia/cuda:12.8.0-devel-ubuntu22.04", add_python="3.12")
    .entrypoint([])
    .uv_pip_install(
        # vLLM version that supports Qwen3.5-27B.
        "vllm>=0.17.0",
        # Hugging Face Hub is used to pull model weights.
        "huggingface-hub",
        # High-performance attention backend.
        "flashinfer-python",
    )
    .env(
        {
            # Speeds up model downloads from Hugging Face.
            "HF_XET_HIGH_PERFORMANCE": "1",
            # vLLM server dev mode lets you expose sleep/wake endpoints.
            "VLLM_SERVER_DEV_MODE": "1",
        }
    )
)

# Persist Hugging Face and vLLM caches across cold starts.
hf_cache_vol = modal.Volume.from_name("huggingface-cache", create_if_missing=True)
vllm_cache_vol = modal.Volume.from_name("vllm-cache", create_if_missing=True)

app = modal.App("Qwen3.5-27B")

with vllm_image.imports():
    import requests


# Wait until the local vLLM process is accepting connections.
def wait_ready(proc: subprocess.Popen):
    while True:
        try:
            socket.create_connection(("localhost", VLLM_PORT), timeout=1).close()
            return
        except OSError:
            if proc.poll() is not None:
                raise RuntimeError(f"vLLM exited with {proc.returncode}")


# Tell vLLM to enter sleep mode before snapshotting.
def vllm_sleep(level=1):
    requests.post(f"http://localhost:{VLLM_PORT}/sleep?level={level}").raise_for_status()


# Wake the vLLM server after the container is restored.
def vllm_wake_up():
    requests.post(f"http://localhost:{VLLM_PORT}/wake_up").raise_for_status()


@app.cls(
    image=vllm_image,
    gpu=f"{GPU_TYPE}:{GPU_COUNT}",
    volumes={
        "/root/.cache/huggingface": hf_cache_vol,
        "/root/.cache/vllm": vllm_cache_vol,
    },
    # How long should we wait for the container to finish?
    timeout=300,
    # How long should an idle container stay warm?
    scaledown_window=600,
    # How many replicas should we run?
    max_containers=1,
    # Crucial for a scale-to-zero architecture.
    min_containers=0,
    # Save initialized container state.
    enable_memory_snapshot=True,
    # Include GPU memory in the snapshot.
    experimental_options={"enable_gpu_snapshot": True},
)
# Tune concurrency carefully for your workload.
@modal.concurrent(max_inputs=4)
class QwenServer:
    @modal.enter(snap=True)
    def start(self):
        cmd = [
            "vllm",
            "serve",
            "--uvicorn-log-level=info",
            MODEL_NAME,
            "--host",
            "0.0.0.0",
            "--port",
            str(VLLM_PORT),
            # Adjust based on context window requirements.
            "--max-model-len",
            "65536",
            # Limits GPU memory utilization to 90% to avoid fragmentation.
            "--gpu-memory-utilization",
            "0.9",
            # enables sleep mode, which is crucial for snapshotting.
            "--enable-sleep-mode",
            # Reuses KV cache across requests that share a common prefix.
            "--enable-prefix-caching",
        ]
        # enforce-eager disables both Torch compilation and CUDA graph capture.
        # The default behavior is no-enforce-eager.
        cmd += ["--enforce-eager" if FAST_BOOT else "--no-enforce-eager"]
        self.vllm_proc = subprocess.Popen(cmd)
        wait_ready(self.vllm_proc)

        # In production, send a few warmup requests here.
        # That preserves a more ready-to-serve runtime state before sleeping.
        vllm_sleep()

    @modal.enter(snap=False)
    def restore(self):
        # Wake the sleeping server after restore.
        vllm_wake_up()
        wait_ready(self.vllm_proc)

    @modal.web_server(
        port=VLLM_PORT,
        # Allow time for model load and server boot.
        startup_timeout=600,
        # Require Modal proxy auth tokens on the endpoint.
        requires_proxy_auth=True,
    )
    def serve(self):
        pass

Among the production controls in this example, two are especially important:

• Memory snapshots reduce startup time. Volumes help by keeping the model weights close to the runtime, but the server still has to load those weights, initialize vLLM, and rebuild runtime state. Snapshots go further by restoring a container that has already been initialized, which can make cold starts dramatically faster, especially when paired with vLLM sleep mode and a warmup phase.
• requires_proxy_auth=True strengthens access control. By default, a web endpoint may be reachable from the public internet. Proxy auth places a gate in front of that endpoint, allowing only clients that present a valid Modal token ID and secret in the Modal-Key and Modal-Secret headers. Unauthorized requests are rejected before they ever hit the app, which means the container is started only for valid traffic instead of burning resources on unwanted calls.

These choices help turn a working deployment into a production-ready one. Volumes reduce repeated downloads, snapshots make serverless cold starts far more practical, and proxy auth helps ensure the endpoint is not open to the public.