Tentacle is a secure, lightweight agent service that Octopus uses to deploy software. Tentacle runs as a Windows Service, and is installed on all of the machines that you plan to deploy software to, such as your application and web servers.
In essence, Tentacle is a job runner. It waits for Octopus to give it a job (deploy a package, run a script), and it executes it, reporting the progress and result back to the Octopus server.
On this page:
- Windows Server 2003 SP2 (N.B. Not supported for Tentacle 3.1 and up due to .NET 4.5 dependency)
Windows Server 2008 (N.B. SP1 not supported for Tentacle 3.1 and up due to .NET 4.5 dependency)
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
(Both "Server Core" and "Server with a GUI" installations are supported for Tentacle)
- .NET Framework
- Windows PowerShell 2.0. This is automatically installed on 2008 R2, but for 2008 pre-R2 you'll need to install it (x86 download, x64 download)
- Windows PowerShell 3.0 or 4.0 is recommended, both of which are compatible with PowerShell 2.0, but execute against .NET 4.0+.
- Windows Server 2003 servers will need Windows Management Framework installed (this includes PowerShell)
- Hardware minimum: 512MB RAM, 1GHz CPU, 2GB free disk space
Tentacle uses a pretty small amount of memory when idle, usually around 10MB (it may appear higher in task manager because memory is shared with other .NET processes that are running). When deploying, depending on what happens during the deployment, this may expand to 60-100MB, and will then go back down after the deployment is complete. Tentacle will happily run on single-core machines, and only uses about 100MB of disk space, though of course you'll need more than that to deploy your applications.
Octopus and Tentacle can be configured to communicate two different ways depending on your network setup. The mode you are using will change the installation process slightly.
Tentacle can be installed and configured directly from the command prompt, which is very useful when you need to install Tentacle on a large number of machines. See more in automating Tentacle installations.
After installation, Tentacle runs as a Windows Service named OctopusDeploy Tentacle.
The Tentacle MSI installer is very simple: it extracts the core program files on disk, adds an event log source, and that's about it. The actual configuration of your Tentacle is done through a tool called Tentacle Manager. When the MSI completes Tentacle Manager will appear, and you can access it any time from your start menu/start screen. Tentacle Manager is a Windows application that:
- Has a setup wizard to configure your Tentacle instance
- Has wizards to configure Tentacle to use a proxy server, or delete the Tentacle instance
- Shows other diagnostic information about Tentacle
By default, the Tentacle Windows Service runs under the Local System context. You can configure Tentacle to run under a different user account by modifying the service properties via the Services MMC snap-in (services.msc).
The account that you use requires, at a minimum:
- Log on as a service rights on the current machine
- Rights to view X.509 certificates in the local machine context
- Read/Write access to the Tentacle "Home directory" that you selected when Tentacle was installed (typically, C:\Octopus)
- Permissions to start/stop services
In addition, since you are probably using Tentacle to install software, you'll need to make sure that the service account has permissions to actually install your software. This totally depends on your applications, but it might mean:
- Permissions to modify IIS (C:\Windows\system32\inetsrv)
- Permissions to connect a SQL Server database
Using a Managed Service Account (MSA)
You can run Tentacle using a Managed Service Account (MSA):
- Install the Tentacle and make sure it is running correctly using one of the built-in Windows Service accounts or a Custom Account
- Reconfigure the
TentacleWindows Service to use the MSA, either manually using the Service snap-in, or using
sc.exe config "OctopusDeploy Tentacle" obj= Domain\Username$
- Restart the Tentacle Windows Service
Learn about using Managed Service Accounts.