Temporal Administration tools

  1. is there a way I can run temporal outside docker-compose and docker ? ( Are there downloadable binaries I can install )

  2. Why is that Temporal Web has no user/password ? ( is it possible to add one )

  3. Is Temporal Web meant as an admin tool ( Say, if I want to create a new namespace ) ? or am I supposed to use cli ( tctl ) ?

  4. is it possible to download cli binaries without docker ?

  5. While reading the documentation for Web at Temporal Web UI | Temporal documentation , came across this sentence :
    Tip: Don’t confuse Runs with Workflow Executions - they are similar, but a long-running Workflow Execution can have multiple Runs. A Run is the atomic unit.
    What was meant here ? was this a reference to continueAsNew ?

  1. Temporal also provides Helm charts to help deploy the server on a Kubernetes cluster. You can download the images yourself from dockerhub.

  2. Temporal Web UI | Temporal documentation

  3. It’s more of a debugging tool. For admin type of stuff tctl is more poweful at this time.

  4. Temporal CLI - tctl | Temporal documentation shows that you can also install it via homebrew for example.

  5. Believe so yes, meaning that a workflow execution in the web ui does not necessarily relate to a single entry shown in the list. It can have associated child workflows, and continueAsNew runs for example.

Would it be possible to not bundle so many unrelated questions into the same thread please? Having them as separate groupings of related questions will help future readers find answers better imo. Thanks!

Thank you Tihomir.
2. ( No password ) :
I had read the link you sent. But it did not describe how to protect the Temporal web with a user/password. ( we are not interested in OAuth ).
( It talks about server/config.yml : It took me about 30 mts to realize that this file is inside the docker container . You need to do docker exec -it temporal-web sh in order to edit this file )

I could not find anything inside server/config.yml that allows me to enable user/passwd authentication

Is disabling temporal-web the only way, if we are concerned about the security of our data ?

Also, ( if we disable temporal-web on individual temporal installations ) is it possible to install temporal-web as a stand alone piece and to make it point to different temporal servers so as to debug if the need srises ?

@sonyantony we only support oauth/oidc based auth, currently no plans for supporting username/password

As for security: technically disabling Web UI doesn’t exactly resolve security concerns since it’s just a Temporal client. Security is rather determined by how Temporal service is secured

To secure Temporal service, you can look into enabling TLS (mTLS) and, if needed, namespace level authorization Temporal Server security | Temporal documentation

Lmk if this helps