Octopus, workers and proxy

usability
(Sophie Mandati) #1

Hi,

due to network segregation concerns, we can’t use our current octopus server located in a dev zone to deploy application to a production zone.
We don’t want to have 2 octopus servers: one dedicated to DEV/INT/QA environments and another one for Staging/Production.

The workaround could be to setup a proxy and a worker.
Octopus Server (DEV Network) -> Proxy (Proxy Network) -> Worker (TNZ Network) -> Target Servers (Staging/Prod Network)

Can Octopus server communicate to workers via proxy server?
If yes, how the packages are pushed from octopus (master)?

Thank you for your help,

Sophie

#3

Hi Sophie,

Thanks for getting in touch!

Firstly, sorry for the delay in getting back to you on this one, I was off sick most of last week and I forgot to pass this one along.

This is actually a question that we have wrestled with over time, so much so that we even spec’d out a possible solution scenario when we first where designing workers back in 2017 - we termed that concept Edge Nodes. Unfortunately any further work on this concept has been parked behind some other features that we consider higher priority, so we haven’t progressed here.

In the meantime, while Workers are able to be behind a proxy (see listening Tentacle on our proxy support page), unfortunately I don’t think this will work in the manner that you need it to. Our workers documentation page outlines what a worker can do quite nicely, the main gap that most people run into is that a worker can’t push packages to a Tentacle, or pass any execution tasks to a Tentacle. That all still needs to happen with a connection from your Octopus Server to a Tentacle directly, you can’t go via a worker here.

Having said that, if your main deployment workload could be broken down into executing scripts (with attached packages) then a worker may be suitable.

The easiest way to think about this is that if your task is self contained (i.e. scriptable) then a worker is suitable, if you are transferring packages to targets and are using complex deployment logic then you will need to deploy directly to a Tentacle.

If there is anything else we can help with, or if you would like to talk to someone further about your deployment scenario please let me know!

Regards,
Alex

(system) closed #4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.