Multiple Octopus Consoles in secure non-routeable networks

I’m wondering of the possibility to host numerous octopus deploy consoles against a single data source?

I basically have unrestricted development / test environments, a restricted staging, and a restricted prod environment. My concern is that I’m unable to route between my unrestricted pre-prod network and the web services in a restricted network. Currently our operations teams use jump boxes and very manual processes to apply to these machines. Hosting a separate octopus console (in each restricted environment) with connectivity to a shared data source (hosted locally in an unrestricted segment) would suit my needs.

Thanks, James.

Hi James,

It’s not currently possible to connect multiple Octopus servers to a single RavenDB database instance. However you could install multiple Octopus servers without the shared data source, and manually keep the deployment configurations in sync.

From a security point of view, having the production/staging Octopus servers connect to a single data source hosted in your pre-prod environment seems like it would have the same risk as simply having one Octopus server deploying to all environments. Anyone with access to that pre-prod shared database could add records that affect the production Octopus server, and thus production web servers.

Perhaps a better way would be for Octopus to be treated as an ops tool (installed in the production environment) with ability to deploy into development, with permissions managed by the ops team.

If this is going to be difficult to convince people of, we also have another feature - you can deploy an Octopus package using Tentacle.exe via the command line. Tentacle.exe can be xcopy deployed, so you could package your staging/production deployments up and give them to your ops team to be installed manually (which sounds like the current process). In a future release we’ll wrap this into a nice wizard interface.

If you haven’t seen them already, here are a couple of pages on how we deal with security of deployments in Octopus:

Hope that helps,