The SPIN Runtime executes notebook code within your infrastructure. It is built on a Python-based Jupyter server with Docker containerization, featuring custom cell processors for each integration. You can deploy it on Docker, Kubernetes, or cloud instances.

Communication with the Runtime

Communication with the spin runtime is done via a websocket connection from the browser. The runtime does not need to be reachable by the SPIN’s cloud hosted control plane. For more information see our architecture docs. When adding a new runtime via the SPIN UI, you have to specify the URL of the runtime. When sharing a runtime across your team, you will need to host the runtime in a way that is reachable by all those members. Making it accessible from the internet via a public URL is an option. Constraining access to the runtime via a VPN (such as Tailscale) or an SSH tunnel is another option that can enhance security.
Note that for runtimes not running on the users machine directly require a secure connection via HTTPS with a valid certificate. This is because the browser will not allow the runtime to connect to a non-secure origin unless the origin is localhost.

Deploy in Your Own Infrastructure

A Docker image is available for deployment in your own environment: 
ghcr.io/siftd/spin-runtime:latest-prod

Docker

Run the runtime as a standalone container: 
docker run -d --name spin-runtime -p 8888:8888 \
           -v spin-runtime-data:/opt/spin/var \
           -e SPIN_TOKEN=your-secure-token \
           ghcr.io/siftd/spin-runtime:latest-prod

Docker Compose

Example configuration for Docker Compose:
compose.yml
services:
  spin-runtime:
    image: ghcr.io/siftd/spin-runtime:latest-prod
    environment:
      - SPIN_TOKEN=your-secure-token
    ports:
      - "8888:8888"
    volumes:
      - spin-runtime-data:/opt/spin/var
    restart: unless-stopped

volumes:
  spin-runtime-data:
    driver: local

Set up with Tailscale

With Tailscale you can access the SPIN runtime without exposing it to the public internet. See how to configure SPIN runtime with Tailscale sidecar in Docker Compose.

Kubernetes

TODO: Add instructions for deploying in Kubernetes.

Cloud-Hosted Runtime

For testing, you can spin up a cloud-hosted runtime with a few clicks. This is great for experimentation, but for production use, we recommend self-hosting.

Configuration

Configure the SPIN runtime using these environment variables:
VariableDescription
SPIN_TOKENRequired. Secure token for authenticating connections to the runtime. Must match the token provided when adding the runtime to your workspace.
SPIN_HOMEOptional. Base directory for SPIN runtime files. Defaults to /opt/spin.
<your-env-var-name>Optional. Any other environment variable can be passed to the runtime. Refer to them using the {{runtime_env:<your-env-var-name>}} syntax.