Running an Octopus Tentacle inside a container may be preferable in some environments where installing one directly on the host is not an option.
Octopus publishes both
linux/amd64 Docker images for Tentacle and they are available on DockerHub.
Tentacles set up this way will run inside a container and script execution will not happen on the host itself. For this reason, Octopus Tentacles inside a container may not be appropriate for many deployment tasks.
When an Octopus Tentacle container starts up, it will attempt to invoke the
register-with command to connect and add itself as a machine to that server with the provided roles and environments. This registration will occur on every startup and you may end up with multiple instances if you stop/start a container. Our goal is to update this image to de-register the Tentacle when the container
SIGKILL signal is passed in. In the meantime you may want to use machine policies to remove the duplicated targets.
docker run --interactive --detach ` --name OctopusTentacle ` --publish 10933:10933 ` --env ACCEPT_EULA="Y" ` --env ListeningPort="10933" ` --env ServerApiKey="API-MZKUUUMK3EYX7TBJP6FAKIFHIEO" ` --env TargetEnvironment="Development" ` --env TargetRole="container-server" ` --env ServerUrl="http://10.0.0.1:8080" ` octopusdeploy/tentacle:6.2.206
docker run --interactive --detach ` --name OctopusWorker ` --publish 10933:10933 ` --env ACCEPT_EULA="Y" ` --env ListeningPort="10933" ` --env ServerApiKey="API-MZKUUUMK3EYX7TBJP6FAKIFHIEO" ` --env TargetWorkerPool="LinuxWorkers" ` --env ServerUrl="http://10.0.0.1:8080" ` octopusdeploy/tentacle:6.2.206
When running an Octopus Tentacle Image, the following values can be provided to configure the running Octopus Tentacle instance.
Read Docker docs about setting environment variables.
|ServerApiKey||The API Key of the Octopus Server the Tentacle should register with|
|ServerUsername||If not using an API key, the user to use when registering the Tentacle with the Octopus Server|
|ServerPassword||If not using an API key, the password to use when registering the Tentacle|
|ServerUrl||The Url of the Octopus Server the Tentacle should register with|
|Space||The name of the space which the Tentacle will be added to. Defaults to the default space|
|TargetEnvironment||Comma delimited list of environments to add this target to|
|TargetRole||Comma delimited list of roles to add to this target|
|TargetWorkerPool||Comma delimited list of worker pools to add to this target to (not to be used with environments or role variable).|
|TargetName||Optional Target name, defaults to container generated host name|
|TargetTenant||Comma delimited list of tenants to add to this target|
|TargetTenantTag||Comma delimited list of tenant tags to add to this target|
|TargetTenantedDeploymentParticipation||The tenanted deployment mode of the target. Allowed values are
|MachinePolicy||The name of the machine policy that will apply to this Tentacle. Defaults to the default machine policy|
|ServerPort||The port on the Octopus Server that the Tentacle will poll for work. Defaults to
|ListeningPort||The port that the Octopus Server will connect back to the Tentacle with. Defaults to
|PublicHostNameConfiguration||How the url that the Octopus Server will use to communicate with the Tentacle is determined. Can be
|CustomPublicHostName||If PublicHostNameConfiguration is set to
Exposed Container Ports
Read the Docker docs about exposing ports.
Listening Port Breaking Change:
On Linux containers, prior to version
6.1.1271 the internal listening port was set by the
ListeningPort environment variable. Any containers which previously exposed Tentacle on a port other than
10933 will need to have their port configuration updated if updating to a version
>=6.1.1271. For example if the container was run with
-p 10934:10934 this should be updated to
|10933||Port Tentacle will be listening on (if in listening mode)|
Read the Docker docs about mounting volume.
|C:\Applications||Default directory to deploy applications to|
Using execution containers for Workers
By default, Docker containers are "unprivileged" and cannot run a Docker daemon inside a Docker container.
docker run --privileged
If you plan to host Octopus Tentacle in Kubernetes, you should set the
privileged flag to
true in the
containers YAML section:
containers: - name: octopus_tentacle image: octopusdeploy/tentacle:6.2.206 securityContext: privileged: true
Setting the environment variable
Y prevents Docker-in-Docker from being run when the container is booted, and will prevent the execution containers feature working successfully.
Need support? We're here to help.