Hello everyone, I am having a somewhat hard time trying to configure a self hosted server for prefect. Most of my struggle is based on what is the proper way of doing things. I started by using

prefect server start

but ran with a bunch of issues: • Most container services are listening on 0.0.0.0, which is not desirable in my case. I have a specific IP on which I would like exposed service to listen. • I am confused as to which services actually need to be exposed beyond the loopback. My understanding is that the UI (of course) needs to be, as well as the GraphQL endpoint (since the UI JS seems to communicate with it). What about the others? I have to admit, I am foreign to hasura/apollo/etc. Since I wanted to customize that, I figured I should somehow generate the

docker-compose.yml

with

prefect server config

and tweak that accordingly, which I did. That did not seem to be a good solution though, since even after tweaking the published ports and trial and error with the various configurations in

docker-compose.yml

, the UI is still trying to reach

<http://localhost:4200>

, even though I tried to tweak the config to have it use

http://<server IP>:4200/

so I guess everything is not configurable through editing the

docker-compose.yml

. I spent quite some bunch of time reading various threads on internet, and it seems to me now the proper way of configuring the server is not to tweak the

docker-compose.yml

but rather to tweak

config.toml

, and

prefect server start

will use that when generating its temporary

docker-compose.yml

. So I did that, but I'm still confused as to what exactly should be exposed and what should not. I also get lost in the options of

prefect server start

, it allows me to no publish container listened ports to the host, but of course them of them should be for the UI/agent/graphql to be available. Not sure I can even articulate the questions I have precisly, I'm just lost in the proper way to configure the server and would need some guidance.

Hi @Aurélien Vallée - I'd encourage you to take a look at this blog post, which takes you through a self-hosted server on GCP; the methods should be nearly the same when deploying elsewhere (AWS, Digital Ocean, Azure etc).

thanks, I'm going to read that and revert

It boils down to 2 ports, as you mentioned, the Apollo server port (which defaults to 4200), and the UI port (which defaults to 8080). So long as the other services can communicate with each other, which is true in the default Docker network, those should allow you to deploy to a remote server and access everything as you'd expect 🙂

Not looking for kubernetes at the moment, just a simple local install

Then definitely the first one!

hmm, read it, it clarified some things, but still, the exposed ports are listening on 0.0.0.0

Gotcha. Try modifying your

~/.prefect/config.toml

like this:

[server]
host = "10.0.0.10"

    [server.database]
    host = "10.0.0.10"

    [server.graphql]
    host = "10.0.0.10"

    [server.hasura]
    host = "10.0.0.10"

    [server.ui]
    host = "10.0.0.10"
    apollo_url = "<http://10.0.0.10:4200/graphql>"

hmmm, but since hasura and the db for instance are not published, i don't think that can work right?

Hey @Aurélien Vallée -- glad it sounds like you've sorted out most of your issues. That block in the docs is indeed wrong but

toml

actually doesn't know anything about nesting indentation and the

[telementry]

block is meaningless there.

Pretty much all sorted out yes :-) still did not manage to choose which IP the published ports should bind to. I circumvent that with additional iptables rules but it's very fragile