Tower is a web application with a microservice-oriented architecture that is designed to maximize portability, scalability and security.
Tower is composed of several modules that can be configured and deployed according to your organization's requirements. These modules are provided as Docker container images which are securely hosted on several major cloud platforms.
To deploy Nextflow Tower on your infrastructure, you will need a license key. Please contact us at firstname.lastname@example.org to obtain a license.
Tower is composed of several Seqera-provided services and standard services that can be provisioned by Tower or by the client.
The Tower backend is a JVM-based web application based on the Micronaut framework, which provides a modern and secure backbone for the application.
The backend implements the main application logic, which is exposed via a REST API and defined via an OpenAPI schema. The backend uses JPA/Hibernate/JDBC API industry standards to interact with the underlying relational database.
The backend can be run standalone or as multiple replicas for scalability when deployed in high-availability mode. It should run on port
Tower cron is an auxiliary backend service that executes regularly-occuring activities, such as sending email notifications and cleaning up stale data. The cron service also performs database migrations at startup.
The Tower frontend is an NGINX web server that serves the Angular application and reverse-proxies HTTP traffic to the Tower backend.
The frontend should run on port
80 within the container, and it should be the only service that acceppts incoming HTTP traffic. The frontend can also be exposed via HTTPS or a load balancer.
Tower requires a Redis database for caching purposes.
Tower requires a SQL database to persist user activities and state. Tower has been tested against MySQL 5.7. Please contact Seqera support if you would like to use a different JDBC-compliant SQL database.
Tower requires a SMTP relay to send email messages and user notifications.
Authentication service (optional)#
Tower supports enterprise authentication mechanisms such as OAuth and OpenID. Third-party identity providers and custom single-sign-on flows can be developed according to specific customer requirements.
Tower can be deployed to a single node (via Docker Compose or natively), or to a Kubernetes cluster. This documentation includes instructions for both options across multiple platforms, including AWS, Azure, Google Cloud, and on-prem infrastructure.
The minimal Tower deployment requires only the frontend, backend, and database services. These services can be deployed as Docker containers or as native services.
This option is suggested only for evaluation purposes or for a small number of users.
Kubernetes is emerging as the technology of choice for deploying applications that require high-availability, scalability, and security. Tower Enterprise includes configuration manifests for Kubernetes deployment.
Here is the reference architecture diagram of Tower on AWS using Elastic Kubernetes Service (EKS):
Tower container images#
The Tower Enterprise container images are hosted securely on Amazon Elastic Container Registry (ECR), Azure Container Registry (ACR), Google Artifact Registry (AR). Visit the corresponding Prerequsites page for instructions on how to acquire them:
For further information, contact Seqera support via email or the support channel provided as part of the Tower Enterprise License agreement.