It is highly recommended to first Sign up and try the hosted version of Tower for free, or request a demo for deployment to your own cloud or on-prem infrastructure.
Tower is a web application with a microservice-oriented architecture that is designed to maximize portability, scalability and security.
Tower is composed of several modules that can be configured and deployed according to your organization's requirements. These modules are provided as Docker container images which are securely hosted on several major cloud platforms.
To deploy Nextflow Tower on your infrastructure, you will need a license key. Contact us to obtain a license.
Tower is composed of several Seqera-provided services and standard services that can be provisioned by Tower or by the client.
The Tower backend is a JVM-based web application based on the Micronaut framework, which provides a modern and secure backbone for the application.
The backend implements the main application logic, which is exposed via a REST API and defined via an OpenAPI schema. The backend uses JPA/Hibernate/JDBC API industry standards to interact with the underlying relational database.
The backend can be run standalone or as multiple replicas for scalability when deployed in high-availability mode. It should run on port
Tower cron is an auxiliary backend service that executes regularly-occurring activities, such as sending email notifications and cleaning up stale data. The cron service also performs database migrations at startup.
The Tower frontend is an NGINX web server that serves the Angular application and reverse-proxies HTTP traffic to the Tower backend.
The frontend should run on port
80 within the container, and it should be the only service that acceppts incoming HTTP traffic. The frontend can also be exposed via HTTPS or a load balancer.
Tower requires a Redis database for caching purposes.
Tower requires a SQL database to persist user activities and state. Tower has been tested against MySQL 5.7. Please contact Seqera support if you would like to use a different JDBC-compliant SQL database.
Tower requires a SMTP relay to send email messages and user notifications.
Authentication service (optional)#
Tower supports enterprise authentication mechanisms such as OAuth and OpenID. Third-party identity providers and custom single-sign-on flows can be developed according to specific customer requirements.
Tower can be deployed to a single node (via Docker Compose or natively), or to a Kubernetes cluster. This documentation includes instructions for both options across multiple platforms, including AWS, Azure, Google Cloud, and on-prem infrastructure.
The minimal Tower deployment requires only the frontend, backend, and database services. These services can be deployed as Docker containers or as native services.
Kubernetes is emerging as the technology of choice for deploying applications that require high-availability, scalability, and security. Tower Enterprise includes configuration manifests for Kubernetes deployment.
Here is the reference architecture diagram of Tower on AWS using Elastic Kubernetes Service (EKS):
Tower container images#
Nextflow Tower is distributed as a collection of Docker containers available through the Seqera Labs
cr.seqera.io. Contact support to get your container access credentials. Once you have received your credentials, log in to the registry using these steps:
Retrieve the name and secret values from the JSON file you received from Seqera Labs support.
Run the following Docker command to authenticate to the registry (using the
secretvalues copied in step 1):
- Pull the Nextflow Tower container images with the following commands:
1 2 3
The Seqera Labs container registry
cr.seqera.io is the default Tower container image registry from version 22.4. Use of the AWS, Azure, and Google Cloud Tower image registries in existing installations is still supported but will be deprecated for new installations starting June 2023.
For further information, contact Seqera support via email or the support channel provided as part of the Tower Enterprise License agreement.