On-Prem Overview

Updated 1 month ago by Michael Cretzman

In addition to the Harness SaaS offering, there are two Harness on-prem offerings:

  • Connected On-Prem - The Harness Manager runs in your enterprise cloud environment and Harness manages the installation through a connection to Harness Cloud. For information on setting up Harness Connected On-Prem, see Kubernetes Connected On-Prem Setup and Docker Connected On-Prem Setup.
  • Disconnected On-Prem - The Harness Manager runs in your enterprise environment and you manage the installation.

This document discusses Harness Connected On-Prem.

Security and Data Privacy

Harness Connected On-Prem does not store or transmit sensitive data from your organization’s apps or infrastructure.

To silo the management of Harness with the management of customer applications and infrastructure, Harness uses an Ambassador-Delegate-Server architecture.

In this architecture, all communication from your apps and infrastructure is one-way and handled by delegate communication to the on-prem Harness Server. An Ambassador handles one-way communication to the Harness cloud.

There is no information exposure: the Ambassador associated with the Harness Connected On-Prem server does not contain any customer data. The Ambassador sends outbound HTTPS calls to the Harness cloud only for updates and to send anonymized aggregated metadata and metrics.

At no point is customer data exposed or transmitted outside of the corporate data center. Corporate Data remains behind the corporate firewall, therefore making Harness Connected On-Prem compliant with corporate privacy and governance.

High Scalability and Availability

As demonstrated in the architecture diagram above, Harness Connected On-Prem is designed to be highly available, fault-tolerant, and horizontally scalable.

The Harness Connected On-Prem architecture supports multiple physical servers (replicas) with containerized and load-balanced micro-services on each. Internal communication among micro-services is transparently handled. Only one port is required: proxy is exposed to your load balancer.

As the number of Harness users and deployments increase, you can add more physical servers (replicas) and the Harness Connected On-Prem architecture automatically adapts to scale and meet your growth.

Scalability and fault tolerance is automatically handled at both application and database layers ensuring high availability and zero downtime for upgrades.

Upgrades and Maintenance

Harness performs Continuous Delivery with daily deployments and these updates are provided to our enterprise Harness Connected On-Prem users with zero downtime and impact.

Similar to your desktop operating system, you can select auto-update or scheduled update for your Harness Connected On-Prem. Harness manages the upgrade process, upgrading one physical machine at a time to avoid any downtime or impact.

Harness Connected On-Prem upgrades are frequent and seamless, ensuring you are running the latest Harness Connected On-Prem version without downtime.

Monitoring, Troubleshooting and Support

To avoid any time and cost spent troubleshooting your Harness Connected On-Prem deployments, the Harness Connected On-Prem server logs and monitoring data are available to Harness Support through the delegate when our support team needs access.

If Harness Support needs to troubleshoot any deployment, it can do so without any of your data being being communicated or exposed. The data in transit is 100% Harness data with no customer application or infrastructure data exposed.


Harness on-prem installations do not currently support the Harness Helm Delegate.

Next Steps

How did we do?