This page describes the prerequisites for deploying Tower to your on-premises infrastructure.
Tower container images#
Nextflow Tower is distributed as a collection of Docker containers available through the Seqera Labs
cr.seqera.io. Contact support to get your container access credentials. Once you have received your credentials, log in to the registry using these steps:
Retrieve the username and password you received from Seqera Labs support.
Run the following Docker command to authenticate to the registry (using the
passwordvalues copied in step 1):
docker login -u '<USERNAME>' -p '<PASSWORD>' cr.seqera.io
Pull the Nextflow Tower container images with the following commands:
1 2 3
docker pull cr.seqera.io/private/nf-tower-enterprise/backend:v23.1.0 docker pull cr.seqera.io/private/nf-tower-enterprise/frontend:v23.1.0
The Seqera Labs container registry
cr.seqera.io is the default Tower container image registry from version 22.4. Use of the AWS, Azure, and Google Cloud Tower image registries in existing installations is still supported but will be deprecated for new installations starting June 2023.
See Docker Compose for instructions to deploy Tower via Docker Compose.
See Kubernetes for instructions to deploy Tower via Kubernetes.
An SMTP server is required to send emails from Tower.
If you don't have your own mail server, you can use an external service from a cloud provider. Visit the corresponding Prerequisites page for more information and consult your IT team to select the most suitable solution for your organization.
An external database (i.e. external to your Docker Compose or Kubernetes deployment) is highly recommended for production deployments. If you don't have your own database service, you can use an external service from a cloud providers. Visit the corresponding Prerequisites page for more information and consult your IT team to select the most suitable solution for your organization.
If you decide to use an external database, you must create a MySQL user and database manually. See Configuration for more details.
An SSL certificate is required for your Tower instance to handle HTTPS traffic.
From Tower 22.1.1, HTTP-only implementations must set the
TOWER_ENABLE_UNSAFE_MODE=true environment variable in the Tower hosting infrastructure to enable user login.